From: Sasha Levin Date: Wed, 4 Jan 2023 13:05:39 +0000 (-0500) Subject: Fixes for 5.4 X-Git-Tag: v6.1.4~64^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e575605bf82f3a36b5145e378f988ce864463bfa;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 5.4 Signed-off-by: Sasha Levin --- diff --git a/queue-5.4/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch b/queue-5.4/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch new file mode 100644 index 00000000000..d2843ae013b --- /dev/null +++ b/queue-5.4/binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch @@ -0,0 +1,41 @@ +From 946f7c73f332682ac0ddb9979f61f21f712a138c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 2 Dec 2022 09:41:01 +0800 +Subject: binfmt: Fix error return code in load_elf_fdpic_binary() + +From: Wang Yufen + +[ Upstream commit e7f703ff2507f4e9f496da96cd4b78fd3026120c ] + +Fix to return a negative error code from create_elf_fdpic_tables() +instead of 0. + +Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") +Cc: stable@vger.kernel.org +Signed-off-by: Wang Yufen +Signed-off-by: Kees Cook +Link: https://lore.kernel.org/r/1669945261-30271-1-git-send-email-wangyufen@huawei.com +Signed-off-by: Sasha Levin +--- + fs/binfmt_elf_fdpic.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c +index 9f785627009c..39bcbfab386d 100644 +--- a/fs/binfmt_elf_fdpic.c ++++ b/fs/binfmt_elf_fdpic.c +@@ -435,8 +435,9 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm) + current->mm->start_stack = current->mm->start_brk + stack_size; + #endif + +- if (create_elf_fdpic_tables(bprm, current->mm, +- &exec_params, &interp_params) < 0) ++ retval = create_elf_fdpic_tables(bprm, current->mm, &exec_params, ++ &interp_params); ++ if (retval < 0) + goto error; + + kdebug("- start_code %lx", current->mm->start_code); +-- +2.35.1 + diff --git a/queue-5.4/binfmt-move-install_exec_creds-after-setup_new_exec-.patch b/queue-5.4/binfmt-move-install_exec_creds-after-setup_new_exec-.patch new file mode 100644 index 00000000000..5ad422c420c --- /dev/null +++ b/queue-5.4/binfmt-move-install_exec_creds-after-setup_new_exec-.patch @@ -0,0 +1,123 @@ +From 07131fa8eacb87b47c9b24922f2697e9d77e7f85 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 12 Mar 2020 10:17:17 -0500 +Subject: binfmt: Move install_exec_creds after setup_new_exec to match + binfmt_elf + +From: Eric W. Biederman + +[ Upstream commit e7f7785449a1f459a4a3ca92f82f56fb054dd2b9 ] + +In 2016 Linus moved install_exec_creds immediately after +setup_new_exec, in binfmt_elf as a cleanup and as part of closing a +potential information leak. + +Perform the same cleanup for the other binary formats. + +Different binary formats doing the same things the same way makes exec +easier to reason about and easier to maintain. + +Greg Ungerer reports: +> I tested the the whole series on non-MMU m68k and non-MMU arm +> (exercising binfmt_flat) and it all tested out with no problems, +> so for the binfmt_flat changes: +Tested-by: Greg Ungerer + +Ref: 9f834ec18def ("binfmt_elf: switch to new creds when switching to new mm") +Reviewed-by: Kees Cook +Reviewed-by: Greg Ungerer +Signed-off-by: "Eric W. Biederman" +Stable-dep-of: e7f703ff2507 ("binfmt: Fix error return code in load_elf_fdpic_binary()") +Signed-off-by: Sasha Levin +--- + arch/x86/ia32/ia32_aout.c | 3 +-- + fs/binfmt_aout.c | 2 +- + fs/binfmt_elf_fdpic.c | 2 +- + fs/binfmt_flat.c | 3 +-- + 4 files changed, 4 insertions(+), 6 deletions(-) + +diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c +index 9bb71abd66bd..37b36a8ce5fa 100644 +--- a/arch/x86/ia32/ia32_aout.c ++++ b/arch/x86/ia32/ia32_aout.c +@@ -140,6 +140,7 @@ static int load_aout_binary(struct linux_binprm *bprm) + set_personality_ia32(false); + + setup_new_exec(bprm); ++ install_exec_creds(bprm); + + regs->cs = __USER32_CS; + regs->r8 = regs->r9 = regs->r10 = regs->r11 = regs->r12 = +@@ -156,8 +157,6 @@ static int load_aout_binary(struct linux_binprm *bprm) + if (retval < 0) + return retval; + +- install_exec_creds(bprm); +- + if (N_MAGIC(ex) == OMAGIC) { + unsigned long text_addr, map_size; + +diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c +index 8e8346a81723..ace587b66904 100644 +--- a/fs/binfmt_aout.c ++++ b/fs/binfmt_aout.c +@@ -162,6 +162,7 @@ static int load_aout_binary(struct linux_binprm * bprm) + set_personality(PER_LINUX); + #endif + setup_new_exec(bprm); ++ install_exec_creds(bprm); + + current->mm->end_code = ex.a_text + + (current->mm->start_code = N_TXTADDR(ex)); +@@ -174,7 +175,6 @@ static int load_aout_binary(struct linux_binprm * bprm) + if (retval < 0) + return retval; + +- install_exec_creds(bprm); + + if (N_MAGIC(ex) == OMAGIC) { + unsigned long text_addr, map_size; +diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c +index d86ebd0dcc3d..9f785627009c 100644 +--- a/fs/binfmt_elf_fdpic.c ++++ b/fs/binfmt_elf_fdpic.c +@@ -353,6 +353,7 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm) + current->personality |= READ_IMPLIES_EXEC; + + setup_new_exec(bprm); ++ install_exec_creds(bprm); + + set_binfmt(&elf_fdpic_format); + +@@ -434,7 +435,6 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm) + current->mm->start_stack = current->mm->start_brk + stack_size; + #endif + +- install_exec_creds(bprm); + if (create_elf_fdpic_tables(bprm, current->mm, + &exec_params, &interp_params) < 0) + goto error; +diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c +index c999bc0c0691..22a7d7547a91 100644 +--- a/fs/binfmt_flat.c ++++ b/fs/binfmt_flat.c +@@ -565,6 +565,7 @@ static int load_flat_file(struct linux_binprm *bprm, + /* OK, This is the point of no return */ + set_personality(PER_LINUX_32BIT); + setup_new_exec(bprm); ++ install_exec_creds(bprm); + } + + /* +@@ -992,8 +993,6 @@ static int load_flat_binary(struct linux_binprm *bprm) + } + } + +- install_exec_creds(bprm); +- + set_binfmt(&flat_format); + + #ifdef CONFIG_MMU +-- +2.35.1 + diff --git a/queue-5.4/series b/queue-5.4/series index 597c708aafa..dc8d11068c8 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -486,3 +486,5 @@ arm-ux500-do-not-directly-dereference-__iomem.patch arm64-dts-qcom-sdm850-lenovo-yoga-c630-correct-i2c12-pins-drive-strength.patch selftests-use-optional-usercflags-and-userldflags.patch cpufreq-init-completion-before-kobject_init_and_add.patch +binfmt-move-install_exec_creds-after-setup_new_exec-.patch +binfmt-fix-error-return-code-in-load_elf_fdpic_binar.patch