lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Fri, 05 Apr 2024 20:07:51 -0600
From: Jens Axboe <axboe@...nel.dk>
To: linux-kernel@...r.kernel.org, Rik van Riel <riel@...riel.com>
Cc: kernel-team@...a.com, Tejun Heo <tj@...nel.org>, 
 Josef Bacik <josef@...icpanda.com>, cgroups@...r.kernel.org, 
 linux-block@...r.kernel.org
Subject: Re: [PATCH] blk-iocost: avoid out of bounds shift


On Thu, 04 Apr 2024 12:32:53 -0400, Rik van Riel wrote:
> UBSAN catches undefined behavior in blk-iocost, where sometimes
> iocg->delay is shifted right by a number that is too large,
> resulting in undefined behavior on some architectures.
> 
> [  186.556576] ------------[ cut here ]------------
> UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23
> shift exponent 64 is too large for 64-bit type 'u64' (aka 'unsigned long long')
> CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S          E    N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1
> Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020
> Call Trace:
>  <IRQ>
>  dump_stack_lvl+0x8f/0xe0
>  __ubsan_handle_shift_out_of_bounds+0x22c/0x280
>  iocg_kick_delay+0x30b/0x310
>  ioc_timer_fn+0x2fb/0x1f80
>  __run_timer_base+0x1b6/0x250
> ...
> 
> [...]

Applied, thanks!

[1/1] blk-iocost: avoid out of bounds shift
      commit: beaa51b36012fad5a4d3c18b88a617aea7a9b96d

Best regards,
-- 
Jens Axboe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ