On Tue, Oct 12, 2021 at 12:56 PM Todd Kjos <tkjos@xxxxxxxxxx> wrote: > > This series fixes the possible use of an incorrect security context > when checking selinux permissions, getting a security ID, or lookup > up the euid. > > The previous behavior was to save the group_leader 'struct task_struct' > in binder_open() and using that to obtain security IDs or euids. > > This has been shown to be unreliable, so this series instead saves the > 'struct cred' of the task that called binder_open(). This cred is used > for these lookups instead of the task. Hi Todd, I just merged all three patches into selinux/next, thanks for your help patience on this patchset. Ultimately I merged these patches into selinux/next as opposed to selinux/stable-5.15 because I felt that a couple of weeks in -next before going to Linus would be a good thing. I'm also not certain how widespread binder is outside of Android so I figured the practical difference between next and stable-5.15 is likely very small. Regardless, all of your Fixes and stable tags remain in the patches so as soon as they go up to Linus during the next merge window the stable folks will be notified. -- paul moore www.paul-moore.com
