From nobody Thu Apr 2 22:29:02 2026 Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 901E72BE7DC for ; Fri, 13 Feb 2026 21:37:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771018663; cv=none; b=E7IibKdfr9E9RkuqYlKERleiBFsuDwGxql53l/imKt1uzZaTI7aB19gsfE2IMLYhxrm1YGoHIDyxDqJdVjzBwEeWw619j0u8Hxll1KLi4b5lC55pmiqzFUZUehaUunOXpS6OcaT3Ql3rDXJZdaMeePv7NWQp3Ge/PEzpzXYzCH4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771018663; c=relaxed/simple; bh=SY58b6+HRdTcifkgHRCynchJMBD+E6jLhYjyter0gdQ=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=PHYMiYNJEHXujFi5ci9ALPdQr/lkYA7xCCcKRKe7xLcFW/AsK164vLm2i6Io+T8C1X+2kG8XiGE9vVe3aWPcEsbBd0hj/iXzPBRzBIcGgeIoj7OQnUOhpII9v5KSZN2zd3hCfbqnxnfJy4XxCQD1mkn4LRAdZIXwNaXp9pfhTaY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=uKIhLlGN; arc=none smtp.client-ip=209.85.128.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="uKIhLlGN" Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-48318d08ec2so1615e9.1 for ; Fri, 13 Feb 2026 13:37:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1771018660; x=1771623460; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=lEpt72S61dcbjCA7YaZRUVRE2wYR3DyNZT5FGpvGmxc=; b=uKIhLlGNFekRsdbrw69FTs88Sst3Q3TYmwsd1cwXHGEnNvTVqurk6baGQo72Fq/WJL e5FUeLeprNUZJX7BC4j3jgXHQ1/03/DICT6FloAfS3UgI8QZwEWDpVh1puAHwTZWpw4B exUijUvY+lYnvqt8eUaJr7DyphN2bWI3C0/ECeVbafaTkhz8Gvap6WDr+SYrHye51XJ5 3r85UZ0dPwjuoVo7KfPpuX21aiiyqlBvyrVr89zjx4u7OgR6cUjVd5y+obiyHekg9UpH J1Z2FXjCuFK26o6bSBFUEl5b41kgdeuTrutH0JQKh+5HGEb1b+IlflAoyDGkbToBNJZK 6RBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771018660; x=1771623460; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=lEpt72S61dcbjCA7YaZRUVRE2wYR3DyNZT5FGpvGmxc=; b=dj3fOy+DYhBAmp9fw5AXO8pNjBx60O0E2uMUzpvPrJ9D/dF+j8Ae5EqrwmkVO2TCmr lHqCkt67B5YWtk92K08s3nUTlr7C8J7hUM4O3j9gt5zbEAvIYor7+YovKuaq+SRbadAx 4A8ZdkfokNsp3Cvxu9CZ6qyjDnGCMPYwwLoRxnWV+lo+9PL9xOtXnIHIwN175JalQDLk GoJHso3LCOZ9UT6ob5IfNA7shbIW2vDXdcDPWbVBw6CjUExWDTwkvOyR9UwnowMi1xzd zBy2cq4swusdOAtr/M+FMWjCfcHoqvl7V5Dfur0rJyxha7cuvKz72gw7fPIBHbOcefYs 0htw== X-Gm-Message-State: AOJu0YzCpaLBAfJ24qi7vFK4kh5wKoETjD+I+RLT2KUwjgxoEy/Dx2SH I/qu5JzPg2e0pqt8VIo6lmaFKqSXknQFdFcXRpgaPKOuk6umjZVpQ6S4ZEvphIS12Q== X-Gm-Gg: AZuq6aLABMiROLhJyq+jsgpxS722bBXXvVUINLCFC9+qStSS4Hdos2VSBCaM3gwgt4c Ex0m7xKOvp5aeT37/4YpcbnqLV7ckAUUc32YHt7HuPnFgVZP4eSWHN3iryQsDi90NMPh9uyxHxR JZt7Pt4P7EyBTEhdDNegs3iW9cPbH8lGzB8eil7v2zjvubEAFEEay/o54nhcNMS371144pYLe+J 5rMXcsUWCpncqTOMsvTCRo9kNo1RXhNGwxoU4akXKPKXMmnfQnk5ytzTtH4Fvon3PEbSr7PThs7 7SrRMDZhp3YlF7sd3/P+TIJBuam2YeuzbB5UEa+IaNsowCeT8I9PkCZJEODNffI/jZogoGh51Qe EPk/jPllkAR5HscTJjqk6XykZ4nX8KCgO80ejr+ZaEfAbVJlBgZ5Ma0lsGMWB6kuhjE8NJlJTB9 KGqNcSP+OKyyVNO/UGh/tT6waERCOL4G3wm5/0bCUQH41c+cBBl3s= X-Received: by 2002:a05:600c:3e0c:b0:47e:d9e7:1c12 with SMTP id 5b1f17b1804b1-4837a1aa909mr209755e9.6.1771018659628; Fri, 13 Feb 2026 13:37:39 -0800 (PST) Received: from localhost ([2a00:79e0:288a:8:989e:b55e:7170:736e]) by smtp.gmail.com with UTF8SMTPSA id 5b1f17b1804b1-4834d5ebd34sm305288435e9.7.2026.02.13.13.37.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Feb 2026 13:37:39 -0800 (PST) From: Jann Horn Date: Fri, 13 Feb 2026 22:37:30 +0100 Subject: [PATCH 1/2] binder: use current_euid() for transaction sender identity Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260213-binder-uid-v1-1-7b795ae05523@google.com> References: <20260213-binder-uid-v1-0-7b795ae05523@google.com> In-Reply-To: <20260213-binder-uid-v1-0-7b795ae05523@google.com> To: Greg Kroah-Hartman , =?utf-8?q?Arve_Hj=C3=B8nnev=C3=A5g?= , Todd Kjos , Christian Brauner , Carlos Llamas , Alice Ryhl Cc: linux-kernel@vger.kernel.org, Miguel Ojeda , Boqun Feng , Gary Guo , =?utf-8?q?Bj=C3=B6rn_Roy_Baron?= , Benno Lossin , Andreas Hindborg , Trevor Gross , Danilo Krummrich , rust-for-linux@vger.kernel.org, Jann Horn X-Mailer: b4 0.15-dev X-Developer-Signature: v=1; a=ed25519-sha256; t=1771018654; l=901; i=jannh@google.com; s=20240730; h=from:subject:message-id; bh=SY58b6+HRdTcifkgHRCynchJMBD+E6jLhYjyter0gdQ=; b=HrbwHznEvXkU+4YCZvpswUgLMo0y7cKmzs5GkwzOs845c76TJOqAwjUgsUpJC/Q77l2wuGYXw p5s4W+3CZ37CAeHz9HebXrFqh8mGTskODpvo8gOU7u7k0fB9/26kG9i X-Developer-Key: i=jannh@google.com; a=ed25519; pk=AljNtGOzXeF6khBXDJVVvwSEkVDGnnZZYqfWhP1V+C8= Binder currently uses task_euid(proc->tsk) as the transaction sender EUID, where proc->tsk is the main thread of the process that opened /dev/binder. That's not clean; use the subjective EUID of the current task instead. Signed-off-by: Jann Horn Acked-by: Gary Guo Reviewed-by: Alice Ryhl --- drivers/android/binder.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/android/binder.c b/drivers/android/binder.c index adde1e40cccd..3dfce0fb9e13 100644 --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -3113,7 +3113,7 @@ static void binder_transaction(struct binder_proc *pr= oc, t->start_time =3D t_start_time; t->from_pid =3D proc->pid; t->from_tid =3D thread->pid; - t->sender_euid =3D task_euid(proc->tsk); + t->sender_euid =3D current_euid(); t->code =3D tr->code; t->flags =3D tr->flags; t->priority =3D task_nice(current); --=20 2.53.0.273.g2a3d683680-goog From nobody Thu Apr 2 22:29:02 2026 Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 987CD2D6E62 for ; Fri, 13 Feb 2026 21:37:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771018664; cv=none; b=dS4nKN571uEqHBhwtM2ce0rvRqXtPa6sCyjYU2bGc6F+d7MlsCHa+p0ypMchBScaAGbRCdQj8IYVPkC/MmhQKhNWPvp/dmShqky9iMJ9Krbohw+clk1hCcxNdeK9rBzoJZy31TB9A+ci5qwyX8EKKwyAFNMHYZfOuC0ENzrSNhQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1771018664; c=relaxed/simple; bh=0Qv1Zhy45amk+UwexhVvvNVPsfJwy/dNV1vCWrKxHJs=; h=From:Date:Subject:MIME-Version:Content-Type:Message-Id:References: In-Reply-To:To:Cc; b=d/ww+m7tEpIzSwt/WvQKwuyMsOs8oqNMppp4GppJN3uXXo9KXPYm0LlRReK4EkPh4QF9dZYHVazsb7zbqMoK/IKDlcVyrN6B/AsxwDQ9hEUVFOVfhczjBJGwrHNBJ2ye2of5JBFp9Ow+dLihKOGY86VTE76PIYHyPxlNrsFGQz8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=1qbRCQvU; arc=none smtp.client-ip=209.85.128.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="1qbRCQvU" Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-48318d08ec2so1695e9.1 for ; Fri, 13 Feb 2026 13:37:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1771018661; x=1771623461; darn=vger.kernel.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=4ID3zOB4ouLXJH9v7HyxM7TqlQKrFtlHXVt251u20qc=; b=1qbRCQvU8osTIPNdNnX19L4/v6BoqJUlPpKa3bxDo4h1BkRW8zSfFzwqv7/mjWkLrz Qrlp4MBTD3ynNBbnI+/9+3uxL9MSLQTLjFqu/uKntyAG2JMJ45u99GwtSX8YyA7rjoLS kLZlo2Bt7++At1fbAYwBP7dvMYTj+D3hysOz1Hmt+ZqMLUjyAWQC85tCj7sB78pzohqV bahKu3gei9QV9x+5zhBPlvQv8HjKlRtV9Vy3QpeWUa+7Jl+eHQMPIHt4aq8gf653MW2e 6hPuMLMAXcZoftCpVjAGadklT0B7FmMzOVrjLV8yOjj5pJLefy4bLdWgF7Nrnqu7OX6h 0VHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1771018661; x=1771623461; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-gg:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=4ID3zOB4ouLXJH9v7HyxM7TqlQKrFtlHXVt251u20qc=; b=FxextT8n7KI9GiEEMD0+Uxr7pJC0+pXsjzucxiE6zPwv9u3O3IPPSDEuyZTAvm+ueF njYBu16KKOE72RbCVnIhPUm+Gv3EMbjr8TsvoT27IUc+RgMhp/K+dQWUWBgs+4n/JLgH T4kaV/e1GPQp9dXd7wtn/k/jFf4PVLWaZHYCc+15nVdsqmSoJ/jeBMdFUL96HcmJKxAD SThtyytCYD6tXYsRMnW77bmtKgU/BVTblTPst0pt7Z9z38EKKPG2DTk6Pe3WN7vBL2ES NPwFmGnxwga0FiZHS2wd/3R3WvkMdoNCgfnyAukFaMecC4wSbl/PmXL7zyGJQ3AgpbVl ZyNA== X-Gm-Message-State: AOJu0Ywqoq4oTAAAYxixnQ7B/m3FEk46tXq+foItoTgrKQEoing51QJL w6PcGv4k16/35R70t0V+YzDl5wJdCfooEgA0TQrOiGtQg5m8YHjoUBOUnA68tlMDeA== X-Gm-Gg: AZuq6aL180/3H8YnrfEcS6NuGu18IDkNsugwg3Z/VPuz1RYX4QtS3YIcVpqzeiRy+3U 6WQ1Ouk+mYiRFf+Bg72Wk3UekBFuEaVy8OTV6mGTDsq2ZCkugqtc5V+UKpWObo2n/gAbr7uJ3CH A8YlAl7avrX2Ft6rjLE71/wvm6Mcq2Vpey1gkwruw/GFUsWRjeRo/wZnF3da24MkgMiBucA0Yp7 KX6J7oHA49i+CuuMkBNrU7NZsVsNciw7Mxrd82VBZSei5GIn6nwRXj3L8pXIKHOgsdMP4CdixhR WwcZ3KSkzKfZnCZaxhwl9ii50TLhJu4GMCovbUl/ItjXSS8guGG+w+Ta7oHN9vR3+MtyAsi2qgC DZdHdy3EyArJ9cctzwgoD/flP/1P26yrhgtFPZU7tMrt6p5GtMA49PgsR0gRwv7KyeQ1sjXCtnm jLPLKlkiIMpbTx5gWXcC/8y8iLa2rVMOiV41grRgygWQrgF+pS7vE= X-Received: by 2002:a05:600c:6007:b0:477:86fd:fb48 with SMTP id 5b1f17b1804b1-4837b6e44fcmr7045e9.9.1771018660505; Fri, 13 Feb 2026 13:37:40 -0800 (PST) Received: from localhost ([2a00:79e0:288a:8:989e:b55e:7170:736e]) by smtp.gmail.com with UTF8SMTPSA id 5b1f17b1804b1-4835dd0e327sm229975245e9.14.2026.02.13.13.37.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Feb 2026 13:37:40 -0800 (PST) From: Jann Horn Date: Fri, 13 Feb 2026 22:37:31 +0100 Subject: [PATCH 2/2] rust_binder: use current_euid() for transaction sender identity Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Message-Id: <20260213-binder-uid-v1-2-7b795ae05523@google.com> References: <20260213-binder-uid-v1-0-7b795ae05523@google.com> In-Reply-To: <20260213-binder-uid-v1-0-7b795ae05523@google.com> To: Greg Kroah-Hartman , =?utf-8?q?Arve_Hj=C3=B8nnev=C3=A5g?= , Todd Kjos , Christian Brauner , Carlos Llamas , Alice Ryhl Cc: linux-kernel@vger.kernel.org, Miguel Ojeda , Boqun Feng , Gary Guo , =?utf-8?q?Bj=C3=B6rn_Roy_Baron?= , Benno Lossin , Andreas Hindborg , Trevor Gross , Danilo Krummrich , rust-for-linux@vger.kernel.org, Jann Horn X-Mailer: b4 0.15-dev X-Developer-Signature: v=1; a=ed25519-sha256; t=1771018654; l=1290; i=jannh@google.com; s=20240730; h=from:subject:message-id; bh=0Qv1Zhy45amk+UwexhVvvNVPsfJwy/dNV1vCWrKxHJs=; b=cPbLHIqb4ntFZk4lGUC9cBg+W+TcpQKS/WtpVdRYkXM7EwXL4UMdvzAaDaG+EAIfZdQ5p6s5t jDwf5I08IMKAQRXeLcX1MmVDR+xR7whA+PQQBx9mp5Fe3ARbXx6OQDj X-Developer-Key: i=jannh@google.com; a=ed25519; pk=AljNtGOzXeF6khBXDJVVvwSEkVDGnnZZYqfWhP1V+C8= Binder currently uses from.process.task.euid() as the transaction sender EUID, where from.process.task is the main thread of the process that opened /dev/binder. That's not clean; use the subjective EUID of the current task instead. Signed-off-by: Jann Horn Acked-by: Gary Guo Reviewed-by: Alice Ryhl --- drivers/android/binder/transaction.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/android/binder/transaction.rs b/drivers/android/binder= /transaction.rs index cd8d8202e52d..3deaa745fe2f 100644 --- a/drivers/android/binder/transaction.rs +++ b/drivers/android/binder/transaction.rs @@ -107,7 +107,7 @@ pub(crate) fn new( debug_id, target_node: Some(target_node), from_parent, - sender_euid: from.process.task.euid(), + sender_euid: Kuid::current_euid(), from: from.clone(), to, code: trd.code, @@ -147,7 +147,7 @@ pub(crate) fn new_reply( debug_id, target_node: None, from_parent: None, - sender_euid: from.process.task.euid(), + sender_euid: Kuid::current_euid(), from: from.clone(), to, code: trd.code, --=20 2.53.0.273.g2a3d683680-goog