projects / firefly-linux-kernel-4.4.55.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
binder: don't allow mmap() by process other than proc->tsk
[firefly-linux-kernel-4.4.55.git] / drivers / staging / android / binder.c
diff --git a/drivers/staging/android/binder.c b/drivers/staging/android/binder.c
index 574e99210c36cd1485012aec3b010dae712f27bf..b9a534c46aac53354bc0fd65707c1d00fe7afa6b 100644 (file)
--- a/drivers/staging/android/binder.c
+++ b/drivers/staging/android/binder.c
@@ -2793,6 +2793,9 @@ static int binder_mmap(struct file *filp, struct vm_area_struct *vma)
        const char *failure_string;
        struct binder_buffer *buffer;
 
+       if (proc->tsk != current)
+               return -EINVAL;
+
        if ((vma->vm_end - vma->vm_start) > SZ_4M)
                vma->vm_end = vma->vm_start + SZ_4M;
 
@@ -2857,7 +2860,7 @@ static int binder_mmap(struct file *filp, struct vm_area_struct *vma)
        binder_insert_free_buffer(proc, buffer);
        proc->free_async_space = proc->buffer_size / 2;
        barrier();
-       proc->files = get_files_struct(proc->tsk);
+       proc->files = get_files_struct(current);
        proc->vma = vma;
        proc->vma_vm_mm = vma->vm_mm;
 
Unnamed repository; edit this file 'description' to name the repository.