Re: [PATCH 4.9 27/33] futex: Remove duplicated code and fix undefined behaviour

From: Greg Kroah-Hartman
Date: Fri May 18 2018 - 04:05:49 EST


On Fri, May 18, 2018 at 10:30:24AM +0200, Jiri Slaby wrote:
> On 05/18/2018, 10:16 AM, Greg Kroah-Hartman wrote:
> > 4.9-stable review patch. If anyone has any objections, please let me know.
> >
> > ------------------
> >
> > From: Jiri Slaby <jslaby@xxxxxxx>
> >
> > commit 30d6e0a4190d37740e9447e4e4815f06992dd8c3 upstream.
> ...
> > --- a/kernel/futex.c
> > +++ b/kernel/futex.c
> > @@ -1458,6 +1458,45 @@ out:
> > return ret;
> > }
> >
> > +static int futex_atomic_op_inuser(unsigned int encoded_op, u32 __user *uaddr)
> > +{
> > + unsigned int op = (encoded_op & 0x70000000) >> 28;
> > + unsigned int cmp = (encoded_op & 0x0f000000) >> 24;
> > + int oparg = sign_extend32((encoded_op & 0x00fff000) >> 12, 12);
> > + int cmparg = sign_extend32(encoded_op & 0x00000fff, 12);
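Review bot: on the oparg and cmparg lines, the second argument to sign_extend32() is the zero-based index of the sign bit, not the field width, so for these 12-bit fields it should be 11. With 12 the helper treats bit 12 as the sign bit, and that bit is always clear after the masks applied here, so an encoded negative argument such as 0xfff decodes as 4095 instead of -1. Suggest `sign_extend32((encoded_op & 0x00fff000) >> 12, 11)` and `sign_extend32(encoded_op & 0x00000fff, 11)`.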
>
> 12 is wrong here – wherever you apply this, you need also a follow-up fix:
> commit d70ef22892ed6c066e51e118b225923c9b74af34
> Author: Jiri Slaby <jslaby@xxxxxxx>
> Date: Thu Nov 30 15:35:44 2017 +0100
>
> futex: futex_wake_op, fix sign_extend32 sign bits

Thanks for letting me know, I've now queued it up to the needed trees.

greg k-h
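
The effect of the sign-bit index discussed above, as an added user-space example (not code from the patch or the kernel tree). The local sign_extend32() copies the kernel helper's semantics; decode(), encode() and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Local copy of the helper's semantics: 'index' is the zero-based position
 * of the sign bit, not the field width. Like the kernel version, this relies
 * on arithmetic right shift of a negative signed value. */
static int32_t sign_extend32(uint32_t value, int index)
{
    int shift = 31 - index;
    return (int32_t)(value << shift) >> shift;
}

struct futex_op { unsigned int op, cmp; int oparg, cmparg; };

/* Hypothetical helper: same masks as the hunk, sign-bit index passed in
 * so the two variants (12 and 11) can be compared side by side. */
static struct futex_op decode(uint32_t encoded_op, int sign_bit)
{
    struct futex_op d;
    d.op     = (encoded_op & 0x70000000) >> 28;
    d.cmp    = (encoded_op & 0x0f000000) >> 24;
    d.oparg  = sign_extend32((encoded_op & 0x00fff000) >> 12, sign_bit);
    d.cmparg = sign_extend32(encoded_op & 0x00000fff, sign_bit);
    return d;
}

/* Hypothetical helper: packs the four fields into the layout the masks
 * above imply (two 12-bit two's-complement arguments). */
static uint32_t encode(unsigned op, int oparg, unsigned cmp, int cmparg)
{
    return ((op & 0x7u) << 28) | ((cmp & 0xfu) << 24) |
           (((uint32_t)oparg & 0xfffu) << 12) | ((uint32_t)cmparg & 0xfffu);
}

int main(void)
{
    uint32_t enc = encode(1, -1, 0, -5);      /* constructed sample values */
    struct futex_op bad  = decode(enc, 12);   /* index used in the hunk */
    struct futex_op good = decode(enc, 11);   /* index for a 12-bit field */

    printf("encoded_op = 0x%08x\n", (unsigned)enc);
    printf("index 12: oparg=%d cmparg=%d\n", bad.oparg, bad.cmparg);
    printf("index 11: oparg=%d cmparg=%d\n", good.oparg, good.cmparg);
    return 0;
}
```

Non-negative arguments decode identically under both indexes, so the difference only appears when a negative oparg or cmparg is encoded.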