Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7e04a42e authored by Linux Build Service Account's avatar Linux Build Service Account Committed by Gerrit - the friendly Code Review server
Browse files

Merge "staging: android: binder: Add copy_flat_binder_object()"

parents d32f6f81 724732b4

drivers/staging/android/binder.c

+7 −2
Original line number Diff line number Diff line
@@ -145,6 +145,11 @@ module_param_call(stop_on_user_error, binder_set_stop_on_user_error, 
#define deref_helper(ptr)	    (*(typeof(size_t *))ptr)

#define size_helper(x)		    sizeof(x)



static inline struct flat_binder_object *copy_flat_binder_object(void __user *ptr)

{

	return (struct flat_binder_object *)ptr;

}



enum binder_stat_types {

	BINDER_STAT_PROC,

	BINDER_STAT_THREAD,
@@ -1258,7 +1263,7 @@ static void binder_transaction_buffer_release(struct binder_proc *proc, 
			 debug_id, deref_helper(offp), buffer->data_size);

			continue;

		}

		fp = (struct flat_binder_object *)(buffer->data + deref_helper(offp));

		fp = copy_flat_binder_object(buffer->data + deref_helper(offp));

		switch (fp->type) {

		case BINDER_TYPE_BINDER:

		case BINDER_TYPE_WEAK_BINDER: {
@@ -1512,7 +1517,7 @@ static void binder_transaction(struct binder_proc *proc, 
			return_error = BR_FAILED_REPLY;

			goto err_bad_offset;

		}

		fp = (struct flat_binder_object *)(t->buffer->data + deref_helper(offp));

		fp = copy_flat_binder_object(t->buffer->data + deref_helper(offp));

		switch (fp->type) {

		case BINDER_TYPE_BINDER:

		case BINDER_TYPE_WEAK_BINDER: {