lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 24 Apr 2023 11:00:05 +0800
From:   Hao Ge <gehao@...inos.cn>
To:     viro@...iv.linux.org.uk, brauner@...nel.org
Cc:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        gehao618@....com, Hao Ge <gehao@...inos.cn>
Subject: [PATCH] fs: fix undefined behavior in bit shift for SB_NOUSER

Shifting signed 32-bit value by 31 bits is undefined, so changing
significant bit to unsigned. The UBSAN warning calltrace like below:

UBSAN: shift-out-of-bounds in fs/nsfs.c:306:32
left shift of 1 by 31 places cannot be represented in type 'int'
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-rc4+ #2
Call trace:
<TASK>
dump_backtrace+0x134/0x1e0
show_stack+0x2c/0x3c
dump_stack_lvl+0xb0/0xd4
dump_stack+0x14/0x1c
ubsan_epilogue+0xc/0x3c
__ubsan_handle_shift_out_of_bounds+0xb0/0x14c
nsfs_init+0x4c/0xb0
start_kernel+0x38c/0x738
__primary_switched+0xbc/0xc4
</TASK>

Signed-off-by: Hao Ge <gehao@...inos.cn>
---
 include/linux/fs.h | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index c85916e9f7db..86ab23a05b61 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1069,19 +1069,19 @@ extern int send_sigurg(struct fown_struct *fown);
 #define SB_NOATIME	1024	/* Do not update access times. */
 #define SB_NODIRATIME	2048	/* Do not update directory access times */
 #define SB_SILENT	32768
-#define SB_POSIXACL	(1<<16)	/* VFS does not apply the umask */
-#define SB_INLINECRYPT	(1<<17)	/* Use blk-crypto for encrypted files */
-#define SB_KERNMOUNT	(1<<22) /* this is a kern_mount call */
-#define SB_I_VERSION	(1<<23) /* Update inode I_version field */
-#define SB_LAZYTIME	(1<<25) /* Update the on-disk [acm]times lazily */
+#define SB_POSIXACL	(1U<<16)	/* VFS does not apply the umask */
+#define SB_INLINECRYPT	(1U<<17)	/* Use blk-crypto for encrypted files */
+#define SB_KERNMOUNT	(1U<<22) /* this is a kern_mount call */
+#define SB_I_VERSION	(1U<<23) /* Update inode I_version field */
+#define SB_LAZYTIME	(1U<<25) /* Update the on-disk [acm]times lazily */
 
 /* These sb flags are internal to the kernel */
-#define SB_SUBMOUNT     (1<<26)
-#define SB_FORCE    	(1<<27)
-#define SB_NOSEC	(1<<28)
-#define SB_BORN		(1<<29)
-#define SB_ACTIVE	(1<<30)
-#define SB_NOUSER	(1<<31)
+#define SB_SUBMOUNT     (1U<<26)
+#define SB_FORCE	(1U<<27)
+#define SB_NOSEC	(1U<<28)
+#define SB_BORN		(1U<<29)
+#define SB_ACTIVE	(1U<<30)
+#define SB_NOUSER	(1U<<31)
 
 /* These flags relate to encoding and casefolding */
 #define SB_ENC_STRICT_MODE_FL	(1 << 0)
-- 
2.25.1


No virus found
		Checked by Hillstone Network AntiVirus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ