Re: [PATCH v5 4/6] staging: android: binder: fix alignment issues

Wed, 03 Jul 2013 15:29:58 -0700 

On Wed, Jun 19, 2013 at 10:12 AM, Serban Constantinescu
<[email protected]> wrote:
> The Android userspace aligns the data written to the binder buffers to
> 4bytes. Thus for 32bit platforms or 64bit platforms running an 32bit
> Android userspace we can have a buffer looking like this:
>
> platform    buffer(binder_cmd   pointer)      size
> 32/32                 32b         32b          8B
> 64/32                 32b         64b          12B
> 64/64                 32b         64b          12B
>
> Thus the kernel needs to check that the buffer size is aligned to 4bytes
> not to (void *) that will be 8bytes on 64bit machines.
>
> The change does not affect existing 32bit ABI.
>
> Signed-off-by: Serban Constantinescu <[email protected]>
> ---
>  drivers/staging/android/binder.c |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/staging/android/binder.c 
> b/drivers/staging/android/binder.c
> index ce70909..7450d56 100644
> --- a/drivers/staging/android/binder.c
> +++ b/drivers/staging/android/binder.c
> @@ -1247,7 +1247,7 @@ static void binder_transaction_buffer_release(struct 
> binder_proc *proc,
>                 struct flat_binder_object *fp;
>                 if (*offp > buffer->data_size - sizeof(*fp) ||
>                     buffer->data_size < sizeof(*fp) ||
> -                   !IS_ALIGNED(*offp, sizeof(void *))) {
> +                   !IS_ALIGNED(*offp, sizeof(u32))) {
>                         pr_err("transaction release %d bad offset %zd, size 
> %zd\n",
>                          debug_id, *offp, buffer->data_size);
>                         continue;
> @@ -1496,7 +1496,7 @@ static void binder_transaction(struct binder_proc *proc,
>                 struct flat_binder_object *fp;
>                 if (*offp > t->buffer->data_size - sizeof(*fp) ||
>                     t->buffer->data_size < sizeof(*fp) ||
> -                   !IS_ALIGNED(*offp, sizeof(void *))) {
> +                   !IS_ALIGNED(*offp, sizeof(u32))) {
>                         binder_user_error("%d:%d got transaction with invalid 
> offset, %zd\n",
>                                         proc->pid, thread->pid, *offp);
>                         return_error = BR_FAILED_REPLY;
> --
> 1.7.9.5
>

Acked-by: Arve Hjønnevåg <[email protected]>

--
Arve Hjønnevåg
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to