ANDROID: binder: don't enqueue death notifications to thread todo.

This allows userspace to request death notifications without having to worry about getting an immediate callback on the same thread; one scenario where this would be problematic is if the death recipient handler grabs a lock that was already taken earlier (eg as part of a nested transaction). Bug: 23525545 Test: boots Change-Id: Ie7652bb14368b0edc0420adf256b4b2717b5f9d4 Signed-off-by: Martijn Coenen <maco@google.com>
2017-05-25 16:07:22 -07:00
parent 2d56c940da
commit 4cb89f9e0f
1 changed files with 4 additions and 14 deletions
--- a/drivers/android/binder.c
+++ b/drivers/android/binder.c
@@ -2900,20 +2900,10 @@ static int binder_thread_write(struct binder_proc *proc,
 				ref->death = death;
 				if (ref->node_is_zombie) {
 					ref->death->work.type = BINDER_WORK_DEAD_BINDER;
-					if (thread->looper &
-					    (BINDER_LOOPER_STATE_REGISTERED |
-					     BINDER_LOOPER_STATE_ENTERED))
-						binder_enqueue_work(
-							&ref->death->work,
-							&thread->todo,
-							__LINE__);
-					else {
-						binder_enqueue_work(
-							&ref->death->work,
-							&proc->todo,
-							__LINE__);
-						binder_wakeup_proc(proc);
-					}
+					binder_enqueue_work(&ref->death->work,
+							    &proc->todo,
+							    __LINE__);
+					binder_wakeup_proc(proc);
 				}
 				binder_proc_unlock(proc, __LINE__);
 			} else {