From patchwork Sat Oct 22 07:27:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 7574 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp1106205wrr; Sat, 22 Oct 2022 01:37:16 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7qWGhdItwexNS55Lj8CKJIzVMGzWMhd7ISz/WVZBKEzhAvivxNCUIwApG8QyV8wlOqmtZ7 X-Received: by 2002:a17:907:25c5:b0:783:f5df:900e with SMTP id ae5-20020a17090725c500b00783f5df900emr18530460ejc.491.1666427836220; Sat, 22 Oct 2022 01:37:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666427836; cv=none; d=google.com; s=arc-20160816; b=0kN4cXSiggV+IL68tzxAsdwwLnLueKx36V1dfhsE0m6CsFCUrhl+RXu79R/K2DjuaB ozoLATuu8ZYMgj4/0rmS3AY+tcVtS0kduorsJRQT/AORDwKEPDPeoI86VMW7Pn1RLZJv bYhyWZ5Hs4V0+9O/zJ1pLoX/toxqouOWTacUcUX5Utc+JEgrtBexF1JfyMIK+Y3YfKtJ UyyO2KwICuWwVs0JL7uKHF3FG78vc0e7DyPOZeeAdrUzmZJ8C7FSHeUpdwJE7Zvyscmu NPnxu/0wkfyv6zRhLJGCeEeWXiKI2GTnSOFkWzBJ51cQWNyQ1d14Llo7ydvuMX2jSnOW z2ow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=GkpIIKB4FSAuvww5RJn8c2l+yUbHTebrSJd4X3cfkbU=; b=Yj2gY4JZDF4aU2HD26+MMMuvW0NT1Fyk2haL/cCluP50zP9Ghv+lI0IkQGcSbPN4qf HGFBPUIGz0FlNKamaW/ren7JnnpUTJ1TrAWGvM7Gwll+svyYHrYqmvYKdoRiBT+ssVUE vwsSdybsc22zPOY9DGWtE5lP/MqIERLs2h53eWK13TJbmakrEtTvRn79EK2Q7v2QKa+o I+NzbbKhqZbORud2o8FqUvZXpCegywTi+k4jh9UF2DJcQfIBKsOT7+8qqy03X9wMvuCM e5jfGQnFRaUlpApAq2LlBzpFlILYpGEz/1fcrCgExEy5ShvK7ZjaTau5tIer+xlAvIpX VX6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=MNsij98I; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ec12-20020a0564020d4c00b00459779478absi18592928edb.186.2022.10.22.01.36.48; Sat, 22 Oct 2022 01:37:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=MNsij98I; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233920AbiJVIbm (ORCPT + 99 others); Sat, 22 Oct 2022 04:31:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52006 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233939AbiJVI2u (ORCPT ); Sat, 22 Oct 2022 04:28:50 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CC3542F668; Sat, 22 Oct 2022 01:01:11 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id DF6AB60B93; Sat, 22 Oct 2022 07:59:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E6803C433C1; Sat, 22 Oct 2022 07:59:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1666425586; bh=DWDmBHGO0wHz+DOiz6L+Y2WUHV5bbg+xFAMdEVqancE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MNsij98I5/VA3CYPFfgVON20X6GJ+xkyQUKXS0WhjxscgchAqpnFueuTpGA1QLbrH m5nqsZ41ttbEVHHbw7PChONn2zWNhlCS/6m6PC72O7fWSeOEL/wO7K8JK2glPCOPhy jn0rrOTGRORmiYOErW2elePSIK1TXUvqjcwAQLCM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Chao Qin , Zhang Rui , "Rafael J. Wysocki" , Sasha Levin Subject: [PATCH 5.19 549/717] powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue Date: Sat, 22 Oct 2022 09:27:08 +0200 Message-Id: <20221022072522.652748958@linuxfoundation.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221022072415.034382448@linuxfoundation.org> References: <20221022072415.034382448@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 X-Spam-Status: No, score=-7.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747376234639743040?= X-GMAIL-MSGID: =?utf-8?q?1747376234639743040?= From: Chao Qin [ Upstream commit 2d93540014387d1c73b9ccc4d7895320df66d01b ] When value < time_unit, the parameter of ilog2() will be zero and the return value is -1. u64(-1) is too large for shift exponent and then will trigger shift-out-of-bounds: shift exponent 18446744073709551615 is too large for 32-bit type 'int' Call Trace: rapl_compute_time_window_core rapl_write_data_raw set_time_window store_constraint_time_window_us Signed-off-by: Chao Qin Acked-by: Zhang Rui Signed-off-by: Rafael J. Wysocki Signed-off-by: Sasha Levin --- drivers/powercap/intel_rapl_common.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/powercap/intel_rapl_common.c b/drivers/powercap/intel_rapl_common.c index 684f177acb44..c053fac05cc2 100644 --- a/drivers/powercap/intel_rapl_common.c +++ b/drivers/powercap/intel_rapl_common.c @@ -994,6 +994,9 @@ static u64 rapl_compute_time_window_core(struct rapl_package *rp, u64 value, y = value & 0x1f; value = (1 << y) * (4 + f) * rp->time_unit / 4; } else { + if (value < rp->time_unit) + return 0; + do_div(value, rp->time_unit); y = ilog2(value); f = div64_u64(4 * (value - (1 << y)), 1 << y);