This is a note to let you know that I've just added the patch titled binder: use group leader instead of open thread to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: binder-use-group-leader-instead-of-open-thread.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From c4ea41ba195d01c9af66fb28711a16cc97caa9c5 Mon Sep 17 00:00:00 2001 From: Todd Kjos <tkjos@xxxxxxxxxxx> Date: Thu, 29 Jun 2017 12:01:36 -0700 Subject: binder: use group leader instead of open thread From: Todd Kjos <tkjos@xxxxxxxxxxx> commit c4ea41ba195d01c9af66fb28711a16cc97caa9c5 upstream. The binder allocator assumes that the thread that called binder_open will never die for the lifetime of that proc. That thread is normally the group_leader, however it may not be. Use the group_leader instead of current. Signed-off-by: Todd Kjos <tkjos@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/android/binder.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -2972,8 +2972,8 @@ static int binder_open(struct inode *nod proc = kzalloc(sizeof(*proc), GFP_KERNEL); if (proc == NULL) return -ENOMEM; - get_task_struct(current); - proc->tsk = current; + get_task_struct(current->group_leader); + proc->tsk = current->group_leader; INIT_LIST_HEAD(&proc->todo); init_waitqueue_head(&proc->wait); proc->default_priority = task_nice(current); Patches currently in stable-queue which might be from tkjos@xxxxxxxxxxx are queue-4.9/binder-use-group-leader-instead-of-open-thread.patch queue-4.9/revert-android-binder-sanity-check-at-binder-ioctl.patch
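Review bot: in the binder_open hunk, proc->tsk now points at current->group_leader, but the unchanged context line `proc->default_priority = task_nice(current);` still reads the nice value of the opening thread, so the proc record mixes two different tasks when the opener is not the group leader. If that is intended, a short comment at that line saying the default priority deliberately follows the opening thread would stop a later reader from "fixing" it. If it is not intended, it should use the same task as proc->tsk. The commit message also states the allocator's assumption without saying what fails when the opening thread exits first. One sentence on the consequence would help stable reviewers judge the severity of the fix.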