github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
2bf8b1c111
linux/include
History
Gaosheng Cui fcbd2b3368 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK 
[ Upstream commit 46653972e3 ]

Shifting signed 32-bit value by 31 bits is undefined, so changing
significant bit to unsigned. The UBSAN warning calltrace like below:

UBSAN: shift-out-of-bounds in security/commoncap.c:1252:2
left shift of 1 by 31 places cannot be represented in type 'int'
Call Trace:
 <TASK>
 dump_stack_lvl+0x7d/0xa5
 dump_stack+0x15/0x1b
 ubsan_epilogue+0xe/0x4e
 __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c
 cap_task_prctl+0x561/0x6f0
 security_task_prctl+0x5a/0xb0
 __x64_sys_prctl+0x61/0x8f0
 do_syscall_64+0x58/0x80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
 </TASK>

Fixes: e338d263a7 ("Add 64-bit capability support to the kernel")
Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-11-16 09:57:10 +01:00
..
acpi ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() 2022-11-10 18:14:22 +01:00
asm-generic asm-generic: sections: refactor memory_intersects 2022-08-31 17:15:22 +02:00
clocksource clocksource/drivers/timer-ti-dm: Save and restore timer TIOCP_CFG 2021-07-14 16:56:12 +02:00
crypto crypto: drbg - make reseeding from get_random_bytes() synchronous 2022-06-06 08:42:42 +02:00
drm drm: fix EDID struct for old ARM OABI format 2022-06-09 10:20:59 +02:00
dt-bindings clk: imx8mq: remove SYS PLL 1/2 clock gates 2021-07-14 16:56:20 +02:00
keys
kunit
kvm
linux bpf: Add helper macro bpf_for_each_reg_in_vstate 2022-11-16 09:57:09 +01:00
math-emu
media media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation 2022-11-03 23:57:51 +09:00
memory memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode 2022-05-09 09:05:02 +02:00
misc
net tcp/udp: Make early_demux back namespacified. 2022-11-10 18:14:26 +01:00
pcmcia
ras
rdma RDMA/netlink: Add __maybe_unused to static inline in C file 2021-11-26 10:39:21 +01:00
scsi scsi: stex: Properly zero out the passthrough command structure 2022-10-15 07:55:55 +02:00
soc firmware: raspberrypi: Keep count of all consumers 2021-09-15 09:50:41 +02:00
sound ALSA: control: Use deferred fasync helper 2022-08-25 11:38:21 +02:00
target scsi: target: Fix ordered tag handling 2021-11-26 10:39:11 +01:00
trace tracing: Use a struct alignof to determine trace event field alignment 2022-08-21 15:16:23 +02:00
uapi capabilities: fix undefined behavior in bit shift for CAP_TO_MASK 2022-11-16 09:57:10 +01:00
vdso
video video: of_display_timing.h: include errno.h 2022-07-12 16:32:19 +02:00
xen xen/gnttab: fix gnttab_end_foreign_access() without page specified 2022-03-11 12:11:54 +01:00