Message-Id: <20230424045122.370511-1-gehao@kylinos.cn>
Date:   Mon, 24 Apr 2023 12:51:22 +0800
From:   Hao Ge <gehao@...inos.cn>
To:     viro@...iv.linux.org.uk, brauner@...nel.org
Cc:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        gehao618@....com, Hao Ge <gehao@...inos.cn>
Subject: [PATCH V2] fs: fix undefined behavior in bit shift for SB_NOUSER

Shifting a signed 32-bit value by 31 bits is undefined, so change the
significant bit to unsigned. The UBSAN warning call trace looks like below:

UBSAN: shift-out-of-bounds in fs/nsfs.c:306:32
left shift of 1 by 31 places cannot be represented in type 'int'
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.3.0-rc4+ #2
Call trace:
<TASK>
dump_backtrace+0x134/0x1e0
show_stack+0x2c/0x3c
dump_stack_lvl+0xb0/0xd4
dump_stack+0x14/0x1c
ubsan_epilogue+0xc/0x3c
__ubsan_handle_shift_out_of_bounds+0xb0/0x14c
nsfs_init+0x4c/0xb0
start_kernel+0x38c/0x738
__primary_switched+0xbc/0xc4
</TASK>

Fixes: e462ec50cb5f ("VFS: Differentiate mount flags (MS_*) from internal superblock flags")
Signed-off-by: Hao Ge <gehao@...inos.cn>
---

v2: add Fixes for changelog
---
 include/linux/fs.h | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/include/linux/fs.h b/include/linux/fs.h
index c85916e9f7db..86ab23a05b61 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1069,19 +1069,19 @@ extern int send_sigurg(struct fown_struct *fown);
 #define SB_NOATIME	1024	/* Do not update access times. */
 #define SB_NODIRATIME	2048	/* Do not update directory access times */
 #define SB_SILENT	32768
-#define SB_POSIXACL	(1<<16)	/* VFS does not apply the umask */
-#define SB_INLINECRYPT	(1<<17)	/* Use blk-crypto for encrypted files */
-#define SB_KERNMOUNT	(1<<22) /* this is a kern_mount call */
-#define SB_I_VERSION	(1<<23) /* Update inode I_version field */
-#define SB_LAZYTIME	(1<<25) /* Update the on-disk [acm]times lazily */
+#define SB_POSIXACL	(1U<<16)	/* VFS does not apply the umask */
+#define SB_INLINECRYPT	(1U<<17)	/* Use blk-crypto for encrypted files */
+#define SB_KERNMOUNT	(1U<<22) /* this is a kern_mount call */
+#define SB_I_VERSION	(1U<<23) /* Update inode I_version field */
+#define SB_LAZYTIME	(1U<<25) /* Update the on-disk [acm]times lazily */
 
 /* These sb flags are internal to the kernel */
-#define SB_SUBMOUNT     (1<<26)
-#define SB_FORCE    	(1<<27)
-#define SB_NOSEC	(1<<28)
-#define SB_BORN		(1<<29)
-#define SB_ACTIVE	(1<<30)
-#define SB_NOUSER	(1<<31)
+#define SB_SUBMOUNT     (1U<<26)
+#define SB_FORCE	(1U<<27)
+#define SB_NOSEC	(1U<<28)
+#define SB_BORN		(1U<<29)
+#define SB_ACTIVE	(1U<<30)
+#define SB_NOUSER	(1U<<31)
 
 /* These flags relate to encoding and casefolding */
 #define SB_ENC_STRICT_MODE_FL	(1 << 0)
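Review bot: Only SB_NOUSER (1<<31) has the undefined shift the changelog describes, but the other ten defines, SB_POSIXACL through SB_ACTIVE, also change from int to unsigned int, and the changelog should say so and why. The type change is not purely cosmetic: an inverted mask such as ~SB_POSIXACL used to sign-extend when applied to a wider unsigned field and now zero-extends, so a "flags &= ~SB_POSIXACL" on a 64-bit field would also clear bits 32-63. Please confirm that no user of these masks depends on the old behaviour, or note it in the changelog. The unshifted context lines (SB_NOATIME 1024, SB_NODIRATIME 2048, SB_SILENT 32768) and SB_ENC_STRICT_MODE_FL (1 << 0) stay signed, so the flag set now mixes signed and unsigned constants; converting the whole group consistently, for example with the kernel's BIT() macro, would avoid that. The SB_FORCE line also picks up an unrelated whitespace change (spaces to a tab) while SB_SUBMOUNT keeps its spaces; either fix both or leave both.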
-- 
2.25.1

