v2: add Cc stable because the UBSAN might be triggered of previous stable kernels as well.
Agathe Porte (1): ufs: ufs_sb_private_info: remove unused s_{2,3}apb fields
fs/ufs/super.c | 4 ---- fs/ufs/ufs_fs.h | 4 ---- 2 files changed, 8 deletions(-)
These two fields are populated during and stored as a "frequently used value" in ufs_fill_super, but are not used afterwards in the driver.
Moreover, one of the shifts triggers UBSAN: shift-out-of-bounds when apbshift is 12 because 12 * 3 = 36 and 1 << 36 does not fit in the 32 bit integer used to store the value.
Cc: stable@vger.kernel.org Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2087853 Signed-off-by: Agathe Porte agathe.porte@canonical.com --- fs/ufs/super.c | 4 ---- fs/ufs/ufs_fs.h | 4 ---- 2 files changed, 8 deletions(-)
diff --git a/fs/ufs/super.c b/fs/ufs/super.c index bc625788589c..7ea1a4c07ba2 100644 --- a/fs/ufs/super.c +++ b/fs/ufs/super.c @@ -1240,11 +1240,7 @@ static int ufs_fill_super(struct super_block *sb, void *data, int silent) else uspi->s_apbshift = uspi->s_bshift - 2;
- uspi->s_2apbshift = uspi->s_apbshift * 2; - uspi->s_3apbshift = uspi->s_apbshift * 3; uspi->s_apb = 1 << uspi->s_apbshift; - uspi->s_2apb = 1 << uspi->s_2apbshift; - uspi->s_3apb = 1 << uspi->s_3apbshift; uspi->s_apbmask = uspi->s_apb - 1; uspi->s_nspfshift = uspi->s_fshift - UFS_SECTOR_BITS; uspi->s_nspb = uspi->s_nspf << uspi->s_fpbshift; diff --git a/fs/ufs/ufs_fs.h b/fs/ufs/ufs_fs.h index ef9ead44776a..0905f9a16b91 100644 --- a/fs/ufs/ufs_fs.h +++ b/fs/ufs/ufs_fs.h @@ -775,12 +775,8 @@ struct ufs_sb_private_info {
__u32 s_fpbmask; /* fragments per block mask */ __u32 s_apb; /* address per block */ - __u32 s_2apb; /* address per block^2 */ - __u32 s_3apb; /* address per block^3 */ __u32 s_apbmask; /* address per block mask */ __u32 s_apbshift; /* address per block shift */ - __u32 s_2apbshift; /* address per block shift * 2 */ - __u32 s_3apbshift; /* address per block shift * 3 */ __u32 s_nspfshift; /* number of sector per fragment shift */ __u32 s_nspb; /* number of sector per block */ __u32 s_inopf; /* inodes per fragment */
On Tue, Nov 12, 2024 at 01:01:54PM +0100, Agathe Porte wrote:
These two fields are populated during and stored as a "frequently used value" in ufs_fill_super, but are not used afterwards in the driver.
Moreover, one of the shifts triggers UBSAN: shift-out-of-bounds when apbshift is 12 because 12 * 3 = 36 and 1 << 36 does not fit in the 32 bit integer used to store the value.
Cc: stable@vger.kernel.org Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2087853
As these values are not used, even if the shift goes off in the wild it's not needed to backport this as it's not actually causing any problems. So I'd drop the cc: stable@ please.
thanks,
greg k-h
On 12/11/2024 13:12, Greg KH wrote:
On Tue, Nov 12, 2024 at 01:01:54PM +0100, Agathe Porte wrote:
These two fields are populated during and stored as a "frequently used value" in ufs_fill_super, but are not used afterwards in the driver.
Moreover, one of the shifts triggers UBSAN: shift-out-of-bounds when apbshift is 12 because 12 * 3 = 36 and 1 << 36 does not fit in the 32 bit integer used to store the value.
Cc: stable@vger.kernel.org Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2087853
As these values are not used, even if the shift goes off in the wild it's not needed to backport this as it's not actually causing any problems. So I'd drop the cc: stable@ please.
OK, sent a v3 that drops the stable cc: https://lore.kernel.org/linux-kernel/20241112122000.35610-1-agathe.porte@can...
linux-stable-mirror@lists.linaro.org
-
Agathe Porte -
Greg KH