
[PATCH] xsm/flask: Fix undefined behaviour in avc_dump_av()


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Fri, 1 May 2026 14:17:19 +0000
  • Cc: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 01 May 2026 14:17:43 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

When booting Xen with CONFIG_UBSAN=y and CONFIG_XSM_FLASK=y,
UBSAN reports undefined behaviour in avc_dump_av() due to a left
shift on a signed int:

(XEN) [    1.104348] ================================================================================
(XEN) [    1.105096] UBSAN: Undefined behaviour in xsm/flask/avc.c:184:14
(XEN) [    1.106052] left shift of 1073741824 by 1 places cannot be represented in type 'int'
(XEN) [    1.107546] Xen WARN at common/ubsan/ubsan.c:176
(XEN) [    1.108295] ----[ Xen-4.21.1  arm64  debug=y ubsan=y  Not tainted ]----
(XEN) [    1.108848] CPU:    0
(XEN) [    1.109147] PC:     00000a00002f64fc ubsan.c#ubsan_epilogue+0x10/0xd4
[...]
(XEN) [    1.146320] Xen call trace:
(XEN) [    1.146663]    [<00000a00002f64fc>] ubsan.c#ubsan_epilogue+0x10/0xd4 (PC)
(XEN) [    1.147227]    [<00000a00002f7bc4>] __ubsan_handle_shift_out_of_bounds+0x1a0/0x290 (LR)
(XEN) [    1.147868]
(XEN) [    1.148177] ================================================================================

This can be solved by making 'perm' an unsigned 32-bit type (u32).

Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
---
Test CI pipeline:
https://gitlab.com/xen-project/people/dimaprkp4k/xen/-/pipelines/2493649109
---
 xen/xsm/flask/avc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/xen/xsm/flask/avc.c b/xen/xsm/flask/avc.c
index 3d39e55cae..9c3ffdc070 100644
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -152,7 +152,8 @@ static void __attribute__ ((format (printf, 2, 3)))
  */
 static void avc_dump_av(struct avc_dump_buf *buf, u16 tclass, u32 av)
 {
-    int i, i2, perm;
+    int i, i2;
+    u32 perm;
 
     if ( av == 0 )
     {
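Review bot: the shift that UBSAN flags (xsm/flask/avc.c:184) is not visible in this hunk, which only changes the declaration to `u32 perm;`, so the commit message should quote the shifting expression and state that unsigned wraparound is acceptable there. The report shows 1073741824 (bit 30) shifted by 1, which needs bit 31 and fits in u32; a further shift from bit 31 would give 0 in u32, and it is worth saying that the loop does not depend on that value. `i` and `i2` stay `int` on the line above; please confirm neither is itself shifted or compared against an unsigned quantity in a way that changes now that perm is unsigned. Matching the `u32 av` parameter type is reasonable; if new declarations in this file are expected to use `uint32_t`, that spelling would serve equally.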
-- 
2.43.0
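The bit walk that the commit message describes, as an added example that is not part of the patch or of Xen's avc.c: an unsigned mask stepped across all 32 bits of an access vector. The function dump_av() and the permission names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed permission names for this example; not Flask's real tables. */
static const char *const perm_names[32] = {
    [0] = "read", [1] = "write", [30] = "relabel", [31] = "admin",
};

/*
 * Walk every bit of 'av' with an unsigned mask. With 'int perm' the step
 * from bit 30 to bit 31 (1073741824 << 1) is undefined behaviour; with
 * uint32_t that step and the final 0x80000000 << 1 (result 0) are defined.
 * Returns the number of set bits and writes their names into 'out'.
 */
size_t dump_av(uint32_t av, char *out, size_t outlen)
{
    uint32_t perm = 1;
    size_t used = 0, nset = 0;
    unsigned int i;

    if ( outlen )
        out[0] = '\0';
    for ( i = 0; i < sizeof(av) * 8; i++, perm <<= 1 )
    {
        int n;

        if ( !(av & perm) )
            continue;
        nset++;
        if ( used >= outlen )   /* buffer full: keep counting, stop writing */
            continue;
        if ( perm_names[i] )
            n = snprintf(out + used, outlen - used, " %s", perm_names[i]);
        else
            n = snprintf(out + used, outlen - used, " 0x%x", (unsigned int)perm);
        if ( n > 0 )
            used += ((size_t)n < outlen - used) ? (size_t)n : outlen - used;
    }
    return nset;
}

int main(void)
{
    char buf[64];
    size_t n = dump_av(0xC0000001u, buf, sizeof(buf)); /* bits 0, 30, 31 */

    printf("%zu bits set:%s\n", n, buf);
    return 0;
}
```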
