On Wed, Mar 10, 2021 at 3:21 AM Jeffrey Vander Stoep <je...@google.com> wrote:
> On Fri, Mar 5, 2021 at 12:44 AM Paul Moore <p...@paul-moore.com> wrote:
> >
> > On Thu, Mar 4, 2021 at 5:04 AM Jeffrey Vander Stoep <je...@google.com>
> > wrote:
> > > On Sat, Feb 20, 2021 at 3:45 PM Paul Moore <p...@paul-moore.com> wrote:
> > > > On Fri, Feb 19, 2021 at 9:57 PM James Morris <jmor...@namei.org> wrote:
> > > > > On Fri, 19 Feb 2021, Paul Moore wrote:
> > > > > > diff --git a/drivers/android/binder.c b/drivers/android/binder.c
> > > > > > index c119736ca56ac..39d501261108d 100644
> > > > > > --- a/drivers/android/binder.c
> > > > > > +++ b/drivers/android/binder.c
> > > > > > @@ -2700,7 +2700,7 @@ static void binder_transaction(struct
> > > > > > binder_proc *proc,
> > > > > > u32 secid;
> > > > > > size_t added_size;
> > > > > >
> > > > > > - security_task_getsecid(proc->tsk, &secid);
> > > > > > + security_task_getsecid_subj(proc->tsk, &secid);
> > > > > > ret = security_secid_to_secctx(secid, &secctx,
> > > > > > &secctx_sz);
> > > > > > if (ret) {
> > > > > > return_error = BR_FAILED_REPLY;
> > > > >
> > > > > Can someone from the Android project confirm this is correct for
> > > > > binder?
> > >
> > > This looks correct to me.
> >
> > Thanks for the verification. Should I assume the SELinux specific
> > binder changes looked okay too?
> >
> Yes, those also look good to me.
Thanks, that binder changes were the one area I wasn't 100% on, I
appreciate the verification.
--
paul moore
www.paul-moore.com
--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit
