02 Mar, 2016
1 commit
-
We want the staging fixes in here as well.
Signed-off-by: Greg Kroah-Hartman
23 Feb, 2016
1 commit
-
This resolves the merge issues and confusions people were having with
the goldfish drivers due to changes for them showing up in two different
trees.Signed-off-by: Greg Kroah-Hartman
21 Feb, 2016
1 commit
-
There's one point was missed in the patch commit da49889deb34 ("staging:
binder: Support concurrent 32 bit and 64 bit processes."). When configure
BINDER_IPC_32BIT, the size of binder_uintptr_t was 32bits, but size of
void * is 64bit on 64bit system. Correct it here.Signed-off-by: Lisa Du
Signed-off-by: Nicolas Boichat
Fixes: da49889deb34 ("staging: binder: Support concurrent 32 bit and 64 bit processes.")
Cc:
Acked-by: Olof Johansson
Signed-off-by: Greg Kroah-Hartman
12 Feb, 2016
2 commits
-
If a /d/binder/proc/[pid] entry is kept open after linux has
torn down the associated process, binder_proc_show can deference
an invalid binder_proc that has been stashed in the debugfs
inode. Validate that the binder_proc ptr passed into binder_proc_show
has not been freed by looking for it within the global process list
whilst the global lock is held. If the ptr is not valid, print nothing.Cc: Colin Cross
Cc: Arve Hjønnevåg
Cc: Dmitry Shmidt
Cc: Rom Lemarchand
Cc: Serban Constantinescu
Cc: Greg Kroah-Hartman
Cc: Android Kernel Team
Signed-off-by: Dmitry Shmidt
[jstultz: Minor commit message tweaks]
Signed-off-by: John Stultz
Signed-off-by: Greg Kroah-Hartman -
Make sure offsets don't point to overlapping flat_binder_object
structs.Cc: Colin Cross
Cc: Arve Hjønnevåg
Cc: Dmitry Shmidt
Cc: Rom Lemarchand
Cc: Serban Constantinescu
Cc: Greg Kroah-Hartman
Cc: Android Kernel Team
Signed-off-by: Dmitry Shmidt
Signed-off-by: John Stultz
Signed-off-by: Greg Kroah-Hartman
08 Feb, 2016
1 commit
-
Sanity check at binder ioctl function,
Only allow the shared mm_struct to use the same binder-object
to do binder operate.And add proc->vma_vm_mm = current->mm at the open function.
The libbinder do ioctl before mmap called.V2: Fix compile error for error commit
V3: Change the condition to proc->vma_vm_mmSigned-off-by: Chen Feng
Signed-off-by: Wei Dong
Signed-off-by: Junmin Zhao
Reviewed-by: Zhuangluan Su
Signed-off-by: Greg Kroah-Hartman
11 Sep, 2015
1 commit
-
With two exceptions (drm/qxl and drm/radeon) all vm_operations_struct
structs should be constant.Signed-off-by: Kirill A. Shutemov
Reviewed-by: Oleg Nesterov
Cc: "H. Peter Anvin"
Cc: Andy Lutomirski
Cc: Dave Hansen
Cc: Ingo Molnar
Cc: Minchan Kim
Cc: Thomas Gleixner
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
02 Mar, 2015
1 commit
-
binder_update_page_range() initializes only addr and size
fields in 'struct vm_struct tmp_area;' and passes it to
map_vm_area().Before 71394fe50146 ("mm: vmalloc: add flag preventing guard hole allocation")
this was because map_vm_area() didn't use any other fields
in vm_struct except addr and size.Now get_vm_area_size() (used in map_vm_area()) reads vm_struct's
flags to determine whether vm area has guard hole or not.binder_update_page_range() don't initialize flags field, so
this causes following binder mmap failures:
-----------[ cut here ]------------
WARNING: CPU: 0 PID: 1971 at mm/vmalloc.c:130
vmap_page_range_noflush+0x119/0x144()
CPU: 0 PID: 1971 Comm: healthd Not tainted 4.0.0-rc1-00399-g7da3fdc-dirty #157
Hardware name: ARM-Versatile Express
[] (unwind_backtrace) from [] (show_stack+0x11/0x14)
[] (show_stack) from [] (dump_stack+0x59/0x7c)
[] (dump_stack) from [] (warn_slowpath_common+0x55/0x84)
[] (warn_slowpath_common) from []
(warn_slowpath_null+0x17/0x1c)
[] (warn_slowpath_null) from []
(vmap_page_range_noflush+0x119/0x144)
[] (vmap_page_range_noflush) from [] (map_vm_area+0x27/0x48)
[] (map_vm_area) from []
(binder_update_page_range+0x12f/0x27c)
[] (binder_update_page_range) from []
(binder_mmap+0xbf/0x1ac)
[] (binder_mmap) from [] (mmap_region+0x2eb/0x4d4)
[] (mmap_region) from [] (do_mmap_pgoff+0x1e7/0x250)
[] (do_mmap_pgoff) from [] (vm_mmap_pgoff+0x45/0x60)
[] (vm_mmap_pgoff) from [] (SyS_mmap_pgoff+0x5d/0x80)
[] (SyS_mmap_pgoff) from [] (ret_fast_syscall+0x1/0x5c)
---[ end trace 48c2c4b9a1349e54 ]---
binder: 1982: binder_alloc_buf failed to map page at f0e00000 in kernel
binder: binder_mmap: 1982 b6bde000-b6cdc000 alloc small buf failed -12Use map_kernel_range_noflush() instead of map_vm_area() as this is better
API for binder's purposes and it allows to get rid of 'vm_struct tmp_area' at all.Fixes: 71394fe50146 ("mm: vmalloc: add flag preventing guard hole allocation")
Signed-off-by: Andrey Ryabinin
Reported-by: Amit Pundir
Tested-by: Amit Pundir
Acked-by: David Rientjes
Tested-by: John Stultz
Signed-off-by: Greg Kroah-Hartman
26 Jan, 2015
1 commit
-
Add security hooks to the binder and implement the hooks for SELinux.
The security hooks enable security modules such as SELinux to implement
controls over binder IPC. The security hooks include support for
controlling what process can become the binder context manager
(binder_set_context_mgr), controlling the ability of a process
to invoke a binder transaction/IPC to another process (binder_transaction),
controlling the ability of a process to transfer a binder reference to
another process (binder_transfer_binder), and controlling the ability
of a process to transfer an open file to another process (binder_transfer_file).These hooks have been included in the Android kernel trees since Android 4.3.
(Updated to reflect upstream relocation and changes to the binder driver,
changes to the LSM audit data structures, coding style cleanups, and
to add inline documentation for the hooks).Signed-off-by: Stephen Smalley
Acked-by: Nick Kralevich
Acked-by: Jeffrey Vander Stoep
Signed-off-by: Greg Kroah-Hartman
20 Oct, 2014
2 commits
-
binder.h isn't needed to just include a uapi file and set a single
define, so move it into binder.c to save a few lines of code.Signed-off-by: Greg Kroah-Hartman
-
The Android binder code has been "stable" for many years now. No matter
what comes in the future, we are going to have to support this API, so
might as well move it to the "real" part of the kernel as there's no
real work that needs to be done to the existing code.Signed-off-by: Greg Kroah-Hartman