This is a note to let you know that I've just added the patch titled
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
to the 6.6-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
printk-fix-signed-integer-overflow-when-defining-log.patch
and it can be found in the queue-6.6 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit 12927b8bdd4da6572059f42fcb970132f7ba004c
Author: Kuan-Wei Chiu <visitorckw@xxxxxxxxx>
Date: Sat Sep 28 19:36:08 2024 +0800
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
[ Upstream commit 3d6f83df8ff2d5de84b50377e4f0d45e25311c7a ]
Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which
leads to undefined behavior. To prevent this, cast 1 to u32 before
performing the shift, ensuring well-defined behavior.
This change explicitly avoids any potential overflow by ensuring that
the shift occurs on an unsigned 32-bit integer.
Signed-off-by: Kuan-Wei Chiu <visitorckw@xxxxxxxxx>
Acked-by: Petr Mladek <pmladek@xxxxxxxx>
Link: https://lore.kernel.org/r/20240928113608.1438087-1-visitorckw@xxxxxxxxx
Signed-off-by: Petr Mladek <pmladek@xxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index 0fca282c0a254..dcdf449615bda 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -474,7 +474,7 @@ static struct latched_seq clear_seq = {
/* record buffer */
#define LOG_ALIGN __alignof__(unsigned long)
#define __LOG_BUF_LEN (1 << CONFIG_LOG_BUF_SHIFT)
-#define LOG_BUF_LEN_MAX (u32)(1 << 31)
+#define LOG_BUF_LEN_MAX ((u32)1 << 31)
static char __log_buf[__LOG_BUF_LEN] __aligned(LOG_ALIGN);
static char *log_buf = __log_buf;
static u32 log_buf_len = __LOG_BUF_LEN;
