From: Oleg Nesterov <oleg@redhat.com>
To: "Todd Kjos" <tkjos@android.com>,
"Martijn Coenen" <maco@android.com>,
"Joel Fernandes" <joelagnelf@nvidia.com>,
"Christian Brauner" <brauner@kernel.org>,
"Carlos Llamas" <cmllamas@google.com>,
"Suren Baghdasaryan" <surenb@google.com>,
"Felix Kuehling" <Felix.Kuehling@amd.com>,
"Alex Deucher" <alexander.deucher@amd.com>,
"Christian König" <christian.koenig@amd.com>,
"David Airlie" <airlied@gmail.com>,
"Simona Vetter" <simona@ffwll.ch>,
"Boris Brezillon" <boris.brezillon@collabora.com>,
"Rob Herring" <robh@kernel.org>,
"Steven Price" <steven.price@arm.com>,
"Adrián Larumbe" <adrian.larumbe@collabora.com>,
"Maarten Lankhorst" <maarten.lankhorst@linux.intel.com>,
"Maxime Ripard" <mripard@kernel.org>,
"Thomas Zimmermann" <tzimmermann@suse.de>,
"Liviu Dudau" <liviu.dudau@arm.com>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Leon Romanovsky" <leon@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>
Cc: linux-kernel@vger.kernel.org, amd-gfx@lists.freedesktop.org,
dri-devel@lists.freedesktop.org, linux-rdma@vger.kernel.org,
netdev@vger.kernel.org
Subject: [PATCH 2/7] android/binder: use same_thread_group(proc->tsk, current) in binder_mmap()
Date: Sun, 7 Dec 2025 13:39:17 +0100 [thread overview]
Message-ID: <aTV1dc-I5vAw6i0n@redhat.com> (raw)
In-Reply-To: <aTV1KYdcDGvjXHos@redhat.com>
With or without this change the checked condition can be falsely true
if proc->tsk execs, but this is fine: binder_alloc_mmap_handler() checks
vma->vm_mm == alloc->mm.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
drivers/android/binder.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/android/binder.c b/drivers/android/binder.c
index a00f6678f04d..980bb13228fc 100644
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -6013,7 +6013,7 @@ static int binder_mmap(struct file *filp, struct vm_area_struct *vma)
{
struct binder_proc *proc = filp->private_data;
- if (proc->tsk != current->group_leader)
+ if (!same_thread_group(proc->tsk, current))
return -EINVAL;
binder_debug(BINDER_DEBUG_OPEN_CLOSE,
--
2.52.0
next prev parent reply other threads:[~2025-12-08 8:21 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-07 12:38 [PATCH 0/7] don't abuse task_struct.group_leader Oleg Nesterov
2025-12-07 12:39 ` [PATCH 1/7] android/binder: don't abuse current->group_leader Oleg Nesterov
2025-12-18 11:06 ` Alice Ryhl
2025-12-07 12:39 ` Oleg Nesterov [this message]
2025-12-18 11:05 ` [PATCH 2/7] android/binder: use same_thread_group(proc->tsk, current) in binder_mmap() Alice Ryhl
2025-12-07 12:39 ` [PATCH 3/7] drm/amdgpu: don't abuse current->group_leader Oleg Nesterov
2025-12-09 19:22 ` Felix Kuehling
2025-12-07 12:39 ` [PATCH 4/7] drm/amd: kill the outdated "Only the pthreads threading model is supported" checks Oleg Nesterov
2025-12-08 8:28 ` Christian König
2025-12-08 10:05 ` Oleg Nesterov
2025-12-09 19:23 ` Felix Kuehling
2025-12-07 12:39 ` [PATCH 5/7] drm/pan*: don't abuse current->group_leader Oleg Nesterov
2025-12-08 8:23 ` Boris Brezillon
2025-12-10 11:49 ` Steven Price
2025-12-07 12:40 ` [PATCH 6/7] RDMA/umem: " Oleg Nesterov
2025-12-21 8:03 ` Leon Romanovsky
2025-12-07 12:40 ` [PATCH 7/7] netclassid: use thread_group_leader(p) in update_classid_task() Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aTV1dc-I5vAw6i0n@redhat.com \
--to=oleg@redhat.com \
--cc=Felix.Kuehling@amd.com \
--cc=adrian.larumbe@collabora.com \
--cc=airlied@gmail.com \
--cc=alexander.deucher@amd.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=boris.brezillon@collabora.com \
--cc=brauner@kernel.org \
--cc=christian.koenig@amd.com \
--cc=cmllamas@google.com \
--cc=davem@davemloft.net \
--cc=dri-devel@lists.freedesktop.org \
--cc=edumazet@google.com \
--cc=jgg@ziepe.ca \
--cc=joelagnelf@nvidia.com \
--cc=kuba@kernel.org \
--cc=leon@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=liviu.dudau@arm.com \
--cc=maarten.lankhorst@linux.intel.com \
--cc=maco@android.com \
--cc=mripard@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=robh@kernel.org \
--cc=simona@ffwll.ch \
--cc=steven.price@arm.com \
--cc=surenb@google.com \
--cc=tkjos@android.com \
--cc=tzimmermann@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.