linux/block
Konstantin Ovsepian 9bce8005ec blk_iocost: fix more out of bound shifts
Recently running UBSAN caught a few out of bound shifts in the
ioc_forgive_debts() function:

UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38
shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long
long')
...
UBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30
shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long
long')
...
Call Trace:
<IRQ>
dump_stack_lvl+0xca/0x130
__ubsan_handle_shift_out_of_bounds+0x22c/0x280
? __lock_acquire+0x6441/0x7c10
ioc_timer_fn+0x6cec/0x7750
? blk_iocost_init+0x720/0x720
? call_timer_fn+0x5d/0x470
call_timer_fn+0xfa/0x470
? blk_iocost_init+0x720/0x720
__run_timer_base+0x519/0x700
...

Actual impact of this issue was not identified but I propose to fix the
undefined behaviour.
The proposed fix to prevent those out of bound shifts consists of
precalculating the exponent before using it in the shift operations by taking
the min value from the actual exponent and the maximum possible number of bits.

Reported-by: Breno Leitao <leitao@debian.org>
Signed-off-by: Konstantin Ovsepian <ovs@ovs.to>
Acked-by: Tejun Heo <tj@kernel.org>
Link: https://lore.kernel.org/r/20240822154137.2627818-1-ovs@ovs.to
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2024-08-26 14:13:22 -06:00
partitions Compactifying bdev flags 2024-05-21 13:02:56 -07:00
badblocks.c badblocks: avoid checking invalid range in badblocks_check() 2023-12-23 18:38:08 -07:00
bdev.c for-6.11/block-20240710 2024-07-15 14:20:22 -07:00
bfq-cgroup.c block, bfq: remove blkg_path() 2024-06-18 09:22:45 -06:00
bfq-iosched.c block: BFQ: Refactor bfq_exit_icq() to silence sparse warning 2024-06-16 15:30:32 -06:00
bfq-iosched.h block, bfq: remove blkg_path() 2024-06-18 09:22:45 -06:00
bfq-wf2q.c block, bfq: inject I/O to underutilized actuators 2023-01-29 15:18:33 -07:00
bio-integrity.c for-6.11/block-post-20240722 2024-07-22 11:04:09 -07:00
bio.c for-6.11/block-post-20240722 2024-07-22 11:04:09 -07:00
blk-cgroup-fc-appid.c block: Replace all non-returning strlcpy with strscpy 2023-06-01 09:13:31 -06:00
blk-cgroup-rwstat.c blk-cgroup: use group allocation/free of per-cpu counters API 2024-04-03 09:10:17 -06:00
blk-cgroup-rwstat.h
blk-cgroup.c blk-ioprio: remove per-disk structure 2024-07-28 16:47:51 -06:00
blk-cgroup.h blk-cgroup: Remove unused declaration blkg_path() 2024-08-16 15:07:27 -06:00
blk-core.c block: avoid polling configuration errors 2024-07-19 09:35:35 -06:00
blk-crypto-fallback.c block, fs: Restore the per-bio/request data lifetime fields 2024-02-06 14:31:05 +01:00
blk-crypto-internal.h blk-crypto: remove blk_crypto_insert_cloned_request() 2023-03-16 09:35:09 -06:00
blk-crypto-profile.c blk-crypto: use dynamic lock class for blk_crypto_profile::lock 2023-07-05 16:36:12 -06:00
blk-crypto-sysfs.c block: make kobj_type structures constant 2023-02-09 09:38:16 -07:00
blk-crypto.c blk-crypto: make blk_crypto_evict_key() more robust 2023-03-16 09:35:09 -06:00
blk-flush.c for-6.11/block-20240710 2024-07-15 14:20:22 -07:00
blk-ia-ranges.c block: make kobj_type structures constant 2023-02-09 09:38:16 -07:00
blk-integrity.c block: cleanup flag_{show,store} 2024-06-17 10:13:37 -06:00
blk-ioc.c blk-ioc: fix recursive spin_lock/unlock_irq() in ioc_clear_queue() 2023-06-07 07:51:00 -06:00
blk-iocost.c blk_iocost: fix more out of bound shifts 2024-08-26 14:13:22 -06:00
blk-iolatency.c block: add blk_time_get_ns() and blk_time_get() helpers 2024-02-05 10:07:22 -07:00
blk-ioprio.c blk-ioprio: remove per-disk structure 2024-07-28 16:47:51 -06:00
blk-ioprio.h blk-ioprio: remove per-disk structure 2024-07-28 16:47:51 -06:00
blk-lib.c blk-lib: check for kill signal in ioctl BLKZEROOUT 2024-07-05 00:53:15 -06:00
blk-map.c block: don't free the integrity payload in bio_integrity_unmap_free_user 2024-07-03 10:21:16 -06:00
blk-merge.c block: take offset into account in blk_bvec_map_sg again 2024-07-09 01:02:44 -06:00
blk-mq-cpumap.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-debugfs.c block: Catch possible entries missing from rqf_name[] 2024-07-19 09:32:49 -06:00
blk-mq-debugfs.h block: Replace zone_wlock debugfs entry with zone_wplugs entry 2024-04-17 08:44:03 -06:00
blk-mq-pci.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-sched.c blk-mq: Remove the hctx 'run' debugfs attribute 2024-01-17 14:16:34 -07:00
blk-mq-sched.h blk-mq: make sure elevator callbacks aren't called for passthrough request 2023-05-18 19:42:54 -06:00
blk-mq-sysfs.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq-tag.c for-6.5/block-2023-06-23 2023-06-26 12:47:20 -07:00
blk-mq-virtio.c blk-mq: include <linux/blk-mq.h> in block/blk-mq.h 2023-04-13 06:52:29 -06:00
blk-mq.c block: Call .limit_depth() after .hctx has been set 2024-07-02 08:47:45 -06:00
blk-mq.h block: Relocate BLK_MQ_CPU_WORK_BATCH 2024-07-19 09:32:48 -06:00
blk-pm.c block: Remove blk_set_runtime_active() 2023-11-20 10:22:40 -07:00
blk-pm.h
blk-rq-qos.c block: correct stale comment in rq_qos_wait 2023-09-18 14:15:28 -06:00
blk-rq-qos.h block: skip QUEUE_FLAG_STATS and rq-qos for passthrough io 2023-12-01 18:29:18 -07:00
blk-settings.c block: Validate logical block size in blk_validate_limits() 2024-07-09 00:00:17 -06:00
blk-stat.c blk-throttle: remove CONFIG_BLK_DEV_THROTTLING_LOW 2024-05-09 09:44:55 -06:00
blk-stat.h block: delete redundant function declaration 2024-05-27 13:58:06 -06:00
blk-sysfs.c block: pass a gendisk to the queue_sysfs_entry methods 2024-06-28 15:06:16 -06:00
blk-throttle.c blk-throttle: fix lower control under super low iops limit 2024-06-28 14:55:02 -06:00
blk-throttle.h blk-throttle: Fix incorrect display of io.max 2024-05-30 19:44:29 -06:00
blk-timeout.c
blk-wbt.c blk-wbt: don't throttle swap writes in direct reclaim 2024-07-01 06:51:53 -06:00
blk-wbt.h blk-wbt: remove the separate write cache tracking 2023-12-26 09:28:10 -07:00
blk-zoned.c for-6.11/block-20240710 2024-07-15 14:20:22 -07:00
blk.h for-6.11/block-post-20240722 2024-07-22 11:04:09 -07:00
bounce.c block: split integrity support out of bio.h 2024-07-03 10:21:15 -06:00
bsg-lib.c scsi: bsg: Pass dev to blk_mq_alloc_queue() 2024-05-30 20:22:15 -04:00
bsg.c SCSI misc on 20230629 2023-06-30 11:57:07 -07:00
disk-events.c block: move bdev_mark_dead out of disk_check_media_change 2023-10-28 13:29:23 +02:00
early-lookup.c wrapper for access to ->bd_partno 2024-05-02 17:48:09 -04:00
elevator.c block: pass a gendisk to the queue_sysfs_entry methods 2024-06-28 15:06:16 -06:00
elevator.h block: pass a gendisk to the queue_sysfs_entry methods 2024-06-28 15:06:16 -06:00
fops.c block: clean up the check in blkdev_iomap_begin() 2024-06-27 05:56:35 -06:00
genhd.c block: fix deadlock between sd_remove & sd_release 2024-07-24 09:51:21 -06:00
holder.c block: fix deadlock between bd_link_disk_holder and partition scan 2024-02-23 07:44:19 -07:00
ioctl.c blk-lib: check for kill signal in ioctl BLKZEROOUT 2024-07-05 00:53:15 -06:00
ioprio.c block: move __get_task_ioprio() into header file 2024-01-08 12:27:39 -07:00
Kconfig block: remove the blk_integrity_profile structure 2024-06-14 10:20:06 -06:00
Kconfig.iosched block: Default to use cgroup support for BFQ 2023-01-30 09:42:42 -07:00
kyber-iosched.c blk-mq: pass a flags argument to elevator_type->insert_requests 2023-04-13 06:52:30 -06:00
Makefile block: remove the blk_integrity_profile structure 2024-06-14 10:20:06 -06:00
mq-deadline.c block/mq-deadline: Fix the tag reservation code 2024-07-02 08:47:45 -06:00
opal_proto.h block: sed-opal: handle empty atoms when parsing response 2024-02-16 15:52:45 -07:00
sed-opal.c block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() 2024-06-12 10:53:20 -06:00
t10-pi.c block: constify ext_pi_ref_escape() 2024-08-13 06:20:02 -06:00