lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <18226.52864.225837.882954@cargo.ozlabs.ibm.com>
Date:	Thu, 8 Nov 2007 19:53:20 +1100
From:	Paul Mackerras <paulus@...ba.org>
To:	David Miller <davem@...emloft.net>
Cc:	akpm@...ux-foundation.org, lkml@...idb.org,
	linux-kernel@...r.kernel.org, drepper@...hat.com,
	mtk-manpages@....net
Subject: Re: compat_sys_times() bogus until jiffies >= 0.

David Miller writes:

> On x86 only.  We could use force_successful_syscall_return()
> to make sure the condition codes get set correctly on
> other platforms.
> 
> But even in that case we'd still be broken when the return
> value is exactly -1 and that's what the application is going
> to compare against to test for errors.

We could special-case that and turn it into 0.  That would introduce a
0.01 second blip, which would be better than a 41 second window for
bad behaviour like we have at the moment.

It's also possible that many applications already don't check for
errors.  For example, glibc deliberately doesn't check for errors when
it calls __times in the clock() implementation.  There is a comment in
sysdeps/unix/sysv/linux/clock.c that says this:

  /* We don't check for errors here.  The only error the kernel
     returns is EFAULT if the value cannot be written to the struct we
     pass a pointer to.  Otherwise the kernel returns an `unsigned
     long' value which is the number of jiffies since system start.
     But this number can be negative (when read as `long') when the
     system is up for some time.  Ignoring errors should therefore
     have no negative impacts but solve the problem.  */
  __times (&buf);

Paul.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ