From 6432d658d41a6092e5796a6160beac8253573414 Mon Sep 17 00:00:00 2001
From: Sasha Levin <sashal@kernel.org>
Date: Wed, 4 Jan 2023 08:05:40 -0500
Subject: [PATCH] Fixes for 4.19

Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 ...-return-code-in-load_elf_fdpic_binar.patch |  41 ++++++
 ...all_exec_creds-after-setup_new_exec-.patch | 123 ++++++++++++++++++
 queue-4.19/series                             |   2 +
 3 files changed, 166 insertions(+)
 create mode 100644 queue-4.19/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch
 create mode 100644 queue-4.19/binfmt-move-install_exec_creds-after-setup_new_exec-.patch

diff --git a/queue-4.19/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch b/queue-4.19/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch
new file mode 100644
index 00000000000..51a11f6d4b8
--- /dev/null
+++ b/queue-4.19/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch
@@ -0,0 +1,41 @@
+From cb6464b7c8b84b256ef8eec5546ce99497f63142 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 2 Dec 2022 09:41:01 +0800
+Subject: binfmt: Fix error return code in load_elf_fdpic_binary()
+
+From: Wang Yufen <wangyufen@huawei.com>
+
+[ Upstream commit e7f703ff2507f4e9f496da96cd4b78fd3026120c ]
+
+Fix to return a negative error code from create_elf_fdpic_tables()
+instead of 0.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Cc: stable@vger.kernel.org
+Signed-off-by: Wang Yufen <wangyufen@huawei.com>
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Link: https://lore.kernel.org/r/1669945261-30271-1-git-send-email-wangyufen@huawei.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/binfmt_elf_fdpic.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
+index 60896c16f103..64d0b838085d 100644
+--- a/fs/binfmt_elf_fdpic.c
++++ b/fs/binfmt_elf_fdpic.c
+@@ -439,8 +439,9 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
+ 	current->mm->start_stack = current->mm->start_brk + stack_size;
+ #endif
+ 
+-	if (create_elf_fdpic_tables(bprm, current->mm,
+-				    &exec_params, &interp_params) < 0)
++	retval = create_elf_fdpic_tables(bprm, current->mm, &exec_params,
++					 &interp_params);
++	if (retval < 0)
+ 		goto error;
+ 
+ 	kdebug("- start_code  %lx", current->mm->start_code);
+-- 
+2.35.1
+
diff --git a/queue-4.19/binfmt-move-install_exec_creds-after-setup_new_exec-.patch b/queue-4.19/binfmt-move-install_exec_creds-after-setup_new_exec-.patch
new file mode 100644
index 00000000000..bf85b945d86
--- /dev/null
+++ b/queue-4.19/binfmt-move-install_exec_creds-after-setup_new_exec-.patch
@@ -0,0 +1,123 @@
+From d7fb37865cd39cc7d0056072377dbdd5b570f0f4 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 12 Mar 2020 10:17:17 -0500
+Subject: binfmt: Move install_exec_creds after setup_new_exec to match
+ binfmt_elf
+
+From: Eric W. Biederman <ebiederm@xmission.com>
+
+[ Upstream commit e7f7785449a1f459a4a3ca92f82f56fb054dd2b9 ]
+
+In 2016 Linus moved install_exec_creds immediately after
+setup_new_exec, in binfmt_elf as a cleanup and as part of closing a
+potential information leak.
+
+Perform the same cleanup for the other binary formats.
+
+Different binary formats doing the same things the same way makes exec
+easier to reason about and easier to maintain.
+
+Greg Ungerer reports:
+> I tested the the whole series on non-MMU m68k and non-MMU arm
+> (exercising binfmt_flat) and it all tested out with no problems,
+> so for the binfmt_flat changes:
+Tested-by: Greg Ungerer <gerg@linux-m68k.org>
+
+Ref: 9f834ec18def ("binfmt_elf: switch to new creds when switching to new mm")
+Reviewed-by: Kees Cook <keescook@chromium.org>
+Reviewed-by: Greg Ungerer <gerg@linux-m68k.org>
+Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
+Stable-dep-of: e7f703ff2507 ("binfmt: Fix error return code in load_elf_fdpic_binary()")
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/x86/ia32/ia32_aout.c | 3 +--
+ fs/binfmt_aout.c          | 2 +-
+ fs/binfmt_elf_fdpic.c     | 2 +-
+ fs/binfmt_flat.c          | 3 +--
+ 4 files changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c
+index 3ebd77770f98..4cfda3cfae7f 100644
+--- a/arch/x86/ia32/ia32_aout.c
++++ b/arch/x86/ia32/ia32_aout.c
+@@ -298,6 +298,7 @@ static int load_aout_binary(struct linux_binprm *bprm)
+ 	set_personality_ia32(false);
+ 
+ 	setup_new_exec(bprm);
++	install_exec_creds(bprm);
+ 
+ 	regs->cs = __USER32_CS;
+ 	regs->r8 = regs->r9 = regs->r10 = regs->r11 = regs->r12 =
+@@ -314,8 +315,6 @@ static int load_aout_binary(struct linux_binprm *bprm)
+ 	if (retval < 0)
+ 		return retval;
+ 
+-	install_exec_creds(bprm);
+-
+ 	if (N_MAGIC(ex) == OMAGIC) {
+ 		unsigned long text_addr, map_size;
+ 
+diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c
+index c3deb2e35f20..e7a9e8b56e71 100644
+--- a/fs/binfmt_aout.c
++++ b/fs/binfmt_aout.c
+@@ -244,6 +244,7 @@ static int load_aout_binary(struct linux_binprm * bprm)
+ 	set_personality(PER_LINUX);
+ #endif
+ 	setup_new_exec(bprm);
++	install_exec_creds(bprm);
+ 
+ 	current->mm->end_code = ex.a_text +
+ 		(current->mm->start_code = N_TXTADDR(ex));
+@@ -256,7 +257,6 @@ static int load_aout_binary(struct linux_binprm * bprm)
+ 	if (retval < 0)
+ 		return retval;
+ 
+-	install_exec_creds(bprm);
+ 
+ 	if (N_MAGIC(ex) == OMAGIC) {
+ 		unsigned long text_addr, map_size;
+diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
+index b53bb3729ac1..60896c16f103 100644
+--- a/fs/binfmt_elf_fdpic.c
++++ b/fs/binfmt_elf_fdpic.c
+@@ -357,6 +357,7 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
+ 		current->personality |= READ_IMPLIES_EXEC;
+ 
+ 	setup_new_exec(bprm);
++	install_exec_creds(bprm);
+ 
+ 	set_binfmt(&elf_fdpic_format);
+ 
+@@ -438,7 +439,6 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm)
+ 	current->mm->start_stack = current->mm->start_brk + stack_size;
+ #endif
+ 
+-	install_exec_creds(bprm);
+ 	if (create_elf_fdpic_tables(bprm, current->mm,
+ 				    &exec_params, &interp_params) < 0)
+ 		goto error;
+diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c
+index a6f97d86fb80..a909743b1a0e 100644
+--- a/fs/binfmt_flat.c
++++ b/fs/binfmt_flat.c
+@@ -541,6 +541,7 @@ static int load_flat_file(struct linux_binprm *bprm,
+ 		/* OK, This is the point of no return */
+ 		set_personality(PER_LINUX_32BIT);
+ 		setup_new_exec(bprm);
++		install_exec_creds(bprm);
+ 	}
+ 
+ 	/*
+@@ -965,8 +966,6 @@ static int load_flat_binary(struct linux_binprm *bprm)
+ 		}
+ 	}
+ 
+-	install_exec_creds(bprm);
+-
+ 	set_binfmt(&flat_format);
+ 
+ #ifdef CONFIG_MMU
+-- 
+2.35.1
+
diff --git a/queue-4.19/series b/queue-4.19/series
index a451ea9038c..b2df311430f 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -380,3 +380,5 @@ soc-qcom-select-remap_mmio-for-llcc-driver.patch
 ktest.pl-minconfig-unset-configs-instead-of-just-removing-them.patch
 arm-ux500-do-not-directly-dereference-__iomem.patch
 selftests-use-optional-usercflags-and-userldflags.patch
+binfmt-move-install_exec_creds-after-setup_new_exec-.patch
+binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch
-- 
2.47.3