mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-05 08:26:59 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers
History
Basavaraj Natikar 8785436617 HID: amd_sfh: Fix for shift-out-of-bounds 
Shift operation of 'exp' and 'shift' variables exceeds the maximum number
of shift values in the u32 range leading to UBSAN shift-out-of-bounds.

...
[    6.120512] UBSAN: shift-out-of-bounds in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c:149:50
[    6.120598] shift exponent 104 is too large for 64-bit type 'long unsigned int'
[    6.120659] CPU: 4 PID: 96 Comm: kworker/4:1 Not tainted 6.4.0amd_1-next-20230519-dirty #10
[    6.120665] Hardware name: AMD Birman-PHX/Birman-PHX, BIOS SFH_with_HPD_SEN.FD 04/05/2023
[    6.120667] Workqueue: events amd_sfh_work_buffer [amd_sfh]
[    6.120687] Call Trace:
[    6.120690]  <TASK>
[    6.120694]  dump_stack_lvl+0x48/0x70
[    6.120704]  dump_stack+0x10/0x20
[    6.120707]  ubsan_epilogue+0x9/0x40
[    6.120716]  __ubsan_handle_shift_out_of_bounds+0x10f/0x170
[    6.120720]  ? psi_group_change+0x25f/0x4b0
[    6.120729]  float_to_int.cold+0x18/0xba [amd_sfh]
[    6.120739]  get_input_rep+0x57/0x340 [amd_sfh]
[    6.120748]  ? __schedule+0xba7/0x1b60
[    6.120756]  ? __pfx_get_input_rep+0x10/0x10 [amd_sfh]
[    6.120764]  amd_sfh_work_buffer+0x91/0x180 [amd_sfh]
[    6.120772]  process_one_work+0x229/0x430
[    6.120780]  worker_thread+0x4a/0x3c0
[    6.120784]  ? __pfx_worker_thread+0x10/0x10
[    6.120788]  kthread+0xf7/0x130
[    6.120792]  ? __pfx_kthread+0x10/0x10
[    6.120795]  ret_from_fork+0x29/0x50
[    6.120804]  </TASK>
...

Fix this by adding the condition to validate shift ranges.

Fixes: 93ce5e0231 ("HID: amd_sfh: Implement SFH1.1 functionality")
Cc: stable@vger.kernel.org
Tested-by: Kai-Heng Feng <kai.heng.feng@canonical.com>
Signed-off-by: Basavaraj Natikar <Basavaraj.Natikar@amd.com>
Signed-off-by: Akshata MukundShetty <akshata.mukundshetty@amd.com>
Link: https://lore.kernel.org/r/20230707065722.9036-3-Basavaraj.Natikar@amd.com
Signed-off-by: Benjamin Tissoires <bentiss@kernel.org>
2023-07-10 09:53:50 +02:00
..
accel accel/qaic: Call DRM helper function to destroy prime GEM 2023-06-20 08:07:29 -06:00
accessibility
acpi Power management updates for 6.5-rc1 2023-06-26 19:36:30 -07:00
amba
android
ata ata: libata-scsi: Avoid deadlock on rescan after device resume 2023-06-18 12:00:49 +09:00
atm
auxdisplay
base regmap: Updates for v6.5 2023-06-28 13:26:19 -07:00
bcma
block Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
bluetooth
bus
cdrom cdrom: Fix spectre-v1 gadget 2023-06-22 07:48:08 -06:00
cdx
char for-6.5/splice-2023-06-23 2023-06-26 11:52:12 -07:00
clk This batch of clk driver updates for the merge window contains almost no new 2023-06-29 10:05:47 -07:00
clocksource Scheduler changes for v6.5: 2023-06-27 14:03:21 -07:00
comedi
connector
counter
cpufreq cpufreq: intel_pstate: Fix energy_performance_preference for passive 2023-06-21 19:42:58 +02:00
cpuidle
crypto workqueue: Ordered workqueue creation cleanups 2023-06-27 16:46:06 -07:00
cxl
dax
dca
devfreq
dio
dma
dma-buf udmabuf: revert 'Add support for mapping hugepages (v4)' 2023-06-19 13:19:32 -07:00
edac - Add initial support for RAS hardware found on AMD server GPUs (MI200). 2023-06-26 15:09:18 -07:00
eisa
extcon
firewire
firmware xen: branch for v6.5-rc1 2023-06-27 16:03:20 -07:00
fpga
fsi
gnss
gpio gpio updates for v6.5 2023-06-29 10:11:10 -07:00
gpu This batch of clk driver updates for the merge window contains almost no new 2023-06-29 10:05:47 -07:00
greybus
hid HID: amd_sfh: Fix for shift-out-of-bounds 2023-07-10 09:53:50 +02:00
hsi
hte
hv x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline 2023-06-17 23:09:47 +00:00
hwmon hwmon: max31827: Switch back to use struct i2c_driver::probe 2023-06-26 06:45:54 -07:00
hwspinlock
hwtracing arm64 updates for 6.5: 2023-06-26 17:11:53 -07:00
i2c i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle 2023-06-23 12:58:24 +02:00
i3c
idle intel_idle: Add a "Long HLT" C1 state for the VM guest mode 2023-06-21 19:46:58 +02:00
iio
infiniband Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
input gpio updates for v6.5 2023-06-29 10:11:10 -07:00
interconnect
iommu Merge branch 'expand-stack' 2023-06-28 20:35:21 -07:00
ipack
irqchip ARM updates for v6.5-rc1 2023-06-26 17:07:53 -07:00
isdn
leds leds: trigger: netdev: expose hw_control status via sysfs 2023-06-21 14:30:46 -07:00
macintosh
mailbox
mcb
md - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
media fbdev fixes for 6.5-rc1: 2023-06-29 10:20:38 -07:00
memory
memstick
message
mfd gpio updates for v6.5 2023-06-29 10:11:10 -07:00
misc - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
mmc gpio updates for v6.5 2023-06-29 10:11:10 -07:00
most
mtd Core MTD changes: 2023-06-28 14:02:03 -07:00
mux
net Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-06-22 18:40:38 -07:00
ntb
nubus
nvdimm
nvme Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
nvmem
of gpio updates for v6.5 2023-06-29 10:11:10 -07:00
opp
parisc
parport sysctl: replace child with an enumeration 2023-06-18 02:32:54 -07:00
pci - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
pcmcia
peci
perf - Arnd Bergmann has fixed a bunch of -Wmissing-prototypes in 2023-06-28 10:59:38 -07:00
phy This batch of clk driver updates for the merge window contains almost no new 2023-06-29 10:05:47 -07:00
pinctrl regulator: Updates for v6.5 2023-06-28 13:32:47 -07:00
platform chrome platform changes for 6.5 2023-06-26 20:12:07 -07:00
pnp
power
powercap
pps
ps3
ptp ptp: ocp: Add .getmaxphase ptp_clock_info callback 2023-06-20 09:02:33 +01:00
pwm
rapidio
ras
regulator Add Renesas PMIC RAA215300 and built-in RTC 2023-06-24 01:57:59 +01:00
remoteproc
reset
rpmsg
rtc This batch of clk driver updates for the merge window contains almost no new 2023-06-29 10:05:47 -07:00
s390 Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
sbus
scsi Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
sh
siox
slimbus
soc Add Renesas PMIC RAA215300 and built-in RTC 2023-06-24 01:57:59 +01:00
soundwire
spi spi: Updates for v6.5 2023-06-28 13:48:42 -07:00
spmi
ssb
staging Staging driver fix for 6.4-rc7 2023-06-17 11:04:10 -07:00
target Networking changes for 6.5. 2023-06-28 16:43:10 -07:00
tc
tee
thermal Thermal control updates for 6.5-rc1 2023-06-26 19:41:26 -07:00
thunderbolt
tty Move the Arm architecture documentation under Documentation/arch/. This 2023-06-27 11:58:16 -07:00
ufs
uio
usb gpio updates for v6.5 2023-06-29 10:11:10 -07:00
vdpa - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
vfio mm: ptep_get() conversion 2023-06-19 16:19:25 -07:00
vhost - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
video fbdev fixes for 6.5-rc1: 2023-06-29 10:20:38 -07:00
virt workqueue: Ordered workqueue creation cleanups 2023-06-27 16:46:06 -07:00
virtio
vlynq
w1
watchdog
xen - Yosry Ahmed brought back some cgroup v1 stats in OOM logs. 2023-06-28 10:28:11 -07:00
zorro
Kconfig
Makefile