| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Nov 2021 09:08:29 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Todd Kjos <tkjos@...gle.com>
Cc: christian@...uner.io, arve@...roid.com, devel@...verdev.osuosl.org,
linux-kernel@...r.kernel.org, maco@...gle.com,
joel@...lfernandes.org, kernel-team@...roid.com
Subject: Re: [PATCH 0/3] binder: Prevent untranslated sender data from being
copied to target
On Tue, Nov 23, 2021 at 11:17:34AM -0800, Todd Kjos wrote:
> Binder copies transactions directly from the sender buffer
> to the target buffer and then fixes up BINDER_TYPE_PTR and
> BINDER_TYPE_FDA objects. This means there is a brief time
> when sender pointers and fds are visible to the target
> process.
>
> This series reworks the the sender to target copy to
> avoid leaking any untranslated sender data from being
> visible in the target.
>
> Todd Kjos (3):
> binder: defer copies of pre-patched txn data
> binder: read pre-translated fds from sender buffer
> binder: avoid potential data leakage when copying txn
>
> drivers/android/binder.c | 442 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------
> 1 file changed, 387 insertions(+), 55 deletions(-)
Are these changes needed now in 5.16-final and also in stable kernels?
Or can they wait until 5.17-rc1?
thanks,
greg k-h
Powered by blists - more mailing lists