From: Greg KH <gregkh@linuxfoundation.org>
To: "Arve Hjønnevåg" <arve@android.com>
Cc: Dan Carpenter <dan.carpenter@oracle.com>,
devel@driverdev.osuosl.org,
Christopher Lais <chris+android@zenthought.org>,
linux-kernel@vger.kernel.org, Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH 1/2] Staging: android: binder: Add some error checks
Date: Wed, 1 Feb 2012 14:47:08 -0800 [thread overview]
Message-ID: <20120201224708.GA2643@kroah.com> (raw)
In-Reply-To: <CAMP5XgeV7R4JfRG+9qqkUN_BC0MvADKOngVXqK9mvmXcxisqYA@mail.gmail.com>
On Wed, Feb 01, 2012 at 02:29:36PM -0800, Arve Hjønnevåg wrote:
> 2012/1/31 Dan Carpenter <dan.carpenter@oracle.com>:
> > On Tue, Jan 31, 2012 at 03:20:30PM -0800, Arve Hjønnevåg wrote:
> >> 2012/1/31 Greg KH <greg@kroah.com>:
> >> > On Sat, Jan 21, 2012 at 11:22:08AM +0300, Dan Carpenter wrote:
> >> >> On Fri, Jan 20, 2012 at 07:56:20PM -0800, Arve Hjønnevåg wrote:
> >> >> > - Add a mutex to protect against two processes mmapping the
> >> >> > same binder_proc.
> >> >> > - After locking mmap_sem, check that the vma we want to access
> >> >> > (still) points to the same mm_struct.
> >> >> > - Use proc->tsk instead of current to get the files struct since
> >> >> > this is where we get the rlimit from.
> >> >>
> >> >> This doesn't seem related to the locking change at all. Probably
> >> >> this patch should be split into three patches, one bugfix per
> >> >> patch, unless they are very closely related.
> >> >
> >> > I agree. Arve, is this all fixing one problem, or multiple ones? If
> >> > multiple ones, we need this split up into multiple patches.
> >> >
> >>
> >> That depend on your point of view. It fixes crashes if you use the
> >> same binder file pointer from multiple processes. It seemed excessive
> >> to have three patches for this.
> >
> > It would have helped you to write a better changelog. The subject
> > says "[patch] android: grab bag of random fixes" and the the
> > description matches that. You have no idea how annoyed I get at
> > grab bag patches.
> >
>
> Would the following be a better change description (or do you still
> want three patches):
>
> Staging: android: binder: Fix crashes when sharing a binder file
> between processes
>
> Opening the binder driver and sharing the file returned with
> other processes (e.g. by calling fork) can crash the kernel.
> Prevent these crashes with the following changes:
> - Add a mutex to protect against two processes mmapping the
> same binder_proc.
> - After locking mmap_sem, check that the vma we want to access
> (still) points to the same mm_struct.
> - Use proc->tsk instead of current to get the files struct since
> this is where we get the rlimit from.
That looks good to me, as one patch, Dan?
greg k-h
next prev parent reply other threads:[~2012-02-01 22:47 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-21 3:56 [PATCH 0/2] Binder bug fixes Arve Hjønnevåg
2012-01-21 3:56 ` [PATCH 1/2] Staging: android: binder: Add some error checks Arve Hjønnevåg
2012-01-21 8:22 ` Dan Carpenter
2012-01-31 18:52 ` Greg KH
2012-01-31 23:20 ` Arve Hjønnevåg
2012-02-01 6:53 ` Dan Carpenter
2012-02-01 22:29 ` Arve Hjønnevåg
2012-02-01 22:47 ` Greg KH [this message]
2012-02-01 23:29 ` [PATCH] Staging: android: binder: Fix crashes when sharing a binder file between processes Arve Hjønnevåg
2012-02-02 6:27 ` [PATCH 1/2] Staging: android: binder: Add some error checks Dan Carpenter
2012-01-21 3:56 ` [PATCH 2/2] Staging: android: binder: Don't call dump_stack in binder_vma_open Arve Hjønnevåg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120201224708.GA2643@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=arve@android.com \
--cc=chris+android@zenthought.org \
--cc=dan.carpenter@oracle.com \
--cc=devel@driverdev.osuosl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.