This series fixes the possible use of an incorrect security context when checking selinux permissions, getting a security ID, or lookup up the euid.
The previous behavior was to save the group_leader 'struct task_struct' in binder_open() and using that to obtain security IDs or euids. This has been shown to be unreliable, so this series instead saves the 'struct cred' of the task that called binder_open(). This cred is used for these lookups instead of the task. v1 and v2 of this series were a single patch "binder: use euid from" cred instead of using task". During review, Stephen Smalley identified two more related issues so the corresponding patches were added to the series. Todd Kjos (3): binder: use cred instead of task for selinux checks binder: use cred instead of task for getsecid binder: use euid from cred instead of using task _______________________________________________ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
