Re: [PATCH v3] binder: fix proc->files use-after-free

On Mon, Dec 11, 2017 at 01:23:28PM -0800, Todd Kjos wrote: > Greg- when this is in, we'll want it in 4.14 as well. Ugh, missed that, I'll be sure to mark it for stable, thanks for letting me know. greg k-h

Re: [PATCH v3] binder: fix proc->files use-after-free

On Mon, Dec 11, 2017 at 01:23:28PM -0800, Todd Kjos wrote: > Greg- when this is in, we'll want it in 4.14 as well. Ugh, missed that, I'll be sure to mark it for stable, thanks for letting me know. greg k-h

Re: [PATCH v3] binder: fix proc->files use-after-free

Greg- when this is in, we'll want it in 4.14 as well. On Mon, Nov 27, 2017 at 9:32 AM, Todd Kjos wrote: > proc->files cleanup is initiated by binder_vma_close. Therefore > a reference on the binder_proc is not enough to prevent the > files_struct from being released while the

Re: [PATCH v3] binder: fix proc->files use-after-free

Greg- when this is in, we'll want it in 4.14 as well. On Mon, Nov 27, 2017 at 9:32 AM, Todd Kjos wrote: > proc->files cleanup is initiated by binder_vma_close. Therefore > a reference on the binder_proc is not enough to prevent the > files_struct from being released while the binder_proc still

[PATCH v3] binder: fix proc->files use-after-free

proc->files cleanup is initiated by binder_vma_close. Therefore a reference on the binder_proc is not enough to prevent the files_struct from being released while the binder_proc still has a reference. This can lead to an attempt to dereference the stale pointer obtained from proc->files prior to

[PATCH v3] binder: fix proc->files use-after-free

proc->files cleanup is initiated by binder_vma_close. Therefore a reference on the binder_proc is not enough to prevent the files_struct from being released while the binder_proc still has a reference. This can lead to an attempt to dereference the stale pointer obtained from proc->files prior to