lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 5 Jan 2008 16:16:55 -0600
From:	David Fries <david@...es.net>
To:	Thomas Gleixner <tglx@...utronix.de>,
	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org
Subject: [PATCH] system timer: fix crash in <100Hz system timer

The kernel has a divide by zero crash when trying to run the system
timer less than 100Hz.  The problem is x/(HZ/USER_HZ) and related.
Now x*(USER_HZ/HZ) will be used if HZ<USER_HZ.

I'm running the Linux kernel under qemu and went to run a slower
system timer to take less CPU (and battery) on the host.  I found that
the kernel paniced under emulation because of a divide by zero in
three places.  Here is the patch.  The base git was updated today
01-05-2008.  I went for a 20Hz system time by adding config HZ_20 etc
to kernel/Kconfig.hz.  With this patch I verified the system timer by
looking at /proc/interrupts.

Signed-off-by: David Fries <david@...es.net>

-- 
David Fries <david@...es.net>
http://fries.net/~david/ (PGP encryption key available)


diff --git a/include/linux/acct.h b/include/linux/acct.h
index 302eb72..86b848d 100644
--- a/include/linux/acct.h
+++ b/include/linux/acct.h
@@ -173,7 +173,11 @@ typedef struct acct acct_t;
 static inline u32 jiffies_to_AHZ(unsigned long x)
 {
 #if (TICK_NSEC % (NSEC_PER_SEC / AHZ)) == 0
-	return x / (HZ / AHZ);
+	#if HZ < AHZ
+		return x * (AHZ / HZ);
+	#else
+		return x / (HZ / AHZ);
+	#endif
 #else
         u64 tmp = (u64)x * TICK_NSEC;
         do_div(tmp, (NSEC_PER_SEC / AHZ));
diff --git a/kernel/time.c b/kernel/time.c
index 09d3c45..23af26f 100644
--- a/kernel/time.c
+++ b/kernel/time.c
@@ -565,7 +565,11 @@ EXPORT_SYMBOL(jiffies_to_timeval);
 clock_t jiffies_to_clock_t(long x)
 {
 #if (TICK_NSEC % (NSEC_PER_SEC / USER_HZ)) == 0
+	#if HZ < USER_HZ
+	return x * (USER_HZ / HZ);
+	#else
 	return x / (HZ / USER_HZ);
+	#endif
 #else
 	u64 tmp = (u64)x * TICK_NSEC;
 	do_div(tmp, (NSEC_PER_SEC / USER_HZ));
@@ -598,7 +602,12 @@ EXPORT_SYMBOL(clock_t_to_jiffies);
 u64 jiffies_64_to_clock_t(u64 x)
 {
 #if (TICK_NSEC % (NSEC_PER_SEC / USER_HZ)) == 0
-	do_div(x, HZ / USER_HZ);
+	#if HZ < USER_HZ
+		x *= USER_HZ;
+		do_div(x, HZ);
+	#else
+		do_div(x, HZ / USER_HZ);
+	#endif
 #else
 	/*
 	 * There are better ways that don't overflow early,

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ