a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
add742eabf
android_kernel_samsung_a7y1.../fs
History
Jann Horn add742eabf fs/binfmt_flat.c: make load_flat_shared_library() work 
commit 867bfa4a5fcee66f2b25639acae718e8b28b25a5 upstream.

load_flat_shared_library() is broken: It only calls load_flat_file() if
prepare_binprm() returns zero, but prepare_binprm() returns the number of
bytes read - so this only happens if the file is empty.

Instead, call into load_flat_file() if the number of bytes read is
non-negative. (Even if the number of bytes is zero - in that case,
load_flat_file() will see nullbytes and return a nice -ENOEXEC.)

In addition, remove the code related to bprm creds and stop using
prepare_binprm() - this code is loading a library, not a main executable,
and it only actually uses the members "buf", "file" and "filename" of the
linux_binprm struct. Instead, call kernel_read() directly.

Link: http://lkml.kernel.org/r/20190524201817.16509-1-jannh@google.com
Fixes: 287980e49ffc ("remove lots of IS_ERR_VALUE abuses")
Signed-off-by: Jann Horn <jannh@google.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Kees Cook <keescook@chromium.org>
Cc: Nicolas Pitre <nicolas.pitre@linaro.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Greg Ungerer <gerg@linux-m68k.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-06 19:13:44 +02:00
..
9p 9p locks: add mount option for lock retry interval 2020-04-06 15:20:03 +02:00
adfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
affs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
afs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
autofs4 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
befs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
btrfs Btrfs: fix race updating log root item during fsync 2020-04-06 18:21:28 +02:00
cachefiles A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ceph ceph: flush dirty inodes before proceeding with remount 2020-04-06 18:13:58 +02:00
cifs CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM 2020-04-06 18:21:41 +02:00
coda A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
configfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
cramfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
crypto A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
debugfs debugfs: fix use-after-free on symlink traversal 2020-04-06 16:42:15 +02:00
devpts A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dlm A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ecryptfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
efivarfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
efs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exofs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exportfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ext2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ext4 ext4: do not delete unlinked inode from orphan list on failed truncate 2020-04-06 18:14:53 +02:00
f2fs f2fs: fix to do sanity check on valid block count of segment 2020-04-06 19:01:57 +02:00
fat fs/fat/file.c: issue flush after the writeback of FAT 2020-04-06 19:00:52 +02:00
freevxfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fscache A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fuse fuse: retrieve: cap requested size to negotiated max_write 2020-04-06 19:02:05 +02:00
gfs2 gfs2: Fix lru_count going negative 2020-04-06 18:15:29 +02:00
hfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hfsplus A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hostfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hpfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hugetlbfs hugetlb: use same fault hash key for shared and private mappings 2020-04-06 18:15:12 +02:00
isofs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
jbd2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
jffs2 jffs2: fix use-after-free on symlink traversal 2020-04-06 16:42:13 +02:00
jfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
kernfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lockd A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
logfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
minix A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ncpfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nfs NFS4: Fix v4.0 client state corruption when mount 2020-04-06 18:13:48 +02:00
nfs_common A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nfsd nfsd: allow fh_want_write to be called twice 2020-04-06 19:02:07 +02:00
nilfs2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nls A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
notify A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ntfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ocfs2 fs/ocfs2: fix race in ocfs2_dentry_attach_lock() 2020-04-06 19:02:56 +02:00
omfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
openpromfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
overlayfs ovl: fix uid/gid when creating over whiteout 2020-04-06 15:28:07 +02:00
proc coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 2020-04-06 19:09:33 +02:00
pstore A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
qnx4 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
qnx6 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
quota A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ramfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
reiserfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
romfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sdcardfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sdfat A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
squashfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysv A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
tracefs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ubifs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
udf udf: Fix crash on IO error during truncate 2020-04-06 10:58:12 +02:00
ufs ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour 2020-04-06 18:14:41 +02:00
xfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
aio.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
anon_inodes.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
attr.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bad_inode.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_aout.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_elf_fdpic.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_elf.c binfmt_elf: switch to new creds when switching to new mm 2020-04-06 14:52:46 +02:00
binfmt_em86.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_flat.c fs/binfmt_flat.c: make load_flat_shared_library() work 2020-04-06 19:13:44 +02:00
binfmt_misc.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_script.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
block_dev.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
buffer.c fs: fix guard_bio_eod to check for real EOD errors 2020-04-06 14:50:20 +02:00
char_dev.c chardev: add additional check for minor range overlap 2020-04-06 18:19:58 +02:00
compat_binfmt_elf.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
compat_ioctl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
compat.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
coredump.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dax.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dcache.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dcookies.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
direct-io.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dlog_hook.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
drop_caches.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
eventfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
eventpoll.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exec.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fcntl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fhandle.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
file_table.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
file.c fs/file.c: initialize init_files.resize_wait 2020-04-06 14:49:46 +02:00
filesystems.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs_pin.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs_struct.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs-writeback.c fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount 2020-04-06 18:12:59 +02:00
inode.c Abort file_remove_privs() for non-reg. files 2020-04-06 19:09:43 +02:00
internal.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ioctl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig.binfmt A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
libfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
locks.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Makefile A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mbcache.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mount.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mpage.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
namei.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
namespace.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
no-block.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nsfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
open.c fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock 2020-04-06 18:47:45 +02:00
pipe.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pnode.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pnode.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
posix_acl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
proc_namespace.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
read_write.c fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock 2020-04-06 18:47:45 +02:00
readdir.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
select.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
seq_file.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
signalfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
splice.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
stack.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
stat.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
statfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
super.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sync.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
timerfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
userfaultfd.c coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 2020-04-06 19:09:33 +02:00
utimes.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
xattr.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30