lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <51485A43.4020600@sysgo.com>
Date:	Tue, 19 Mar 2013 13:29:55 +0100
From:	David Engraf <david.engraf@...go.com>
To:	Thomas Gleixner <tglx@...utronix.de>,
	John Stultz <john.stultz@...aro.org>
CC:	linux-kernel@...r.kernel.org
Subject: [PATCH] ktime_add_ns() may overflow on 32bit architectures

Hello,

I've triggered an overflow when using ktime_add_ns() on a 32bit 
architecture not supporting CONFIG_KTIME_SCALAR.

When passing a very high value for u64 nsec, e.g. 7881299347898368000 
the do_div() function converts this value to seconds (7881299347) which 
is still to high to pass to the ktime_set() function as long. The result 
in my case is a negative value.

The problem on my system occurs in the tick-sched.c, 
tick_nohz_stop_sched_tick() when time_delta is set to 
timekeeping_max_deferment(). The check for time_delta < KTIME_MAX is 
valid, thus ktime_add_ns() is called with a too large value resulting in 
a negative expire value. This leads to an endless loop in the ticker code:

time_delta: 7881299347898368000
expires = ktime_add_ns(last_update, time_delta)
expires: negative value

This error doesn't occurs on 64bit or architectures supporting 
CONFIG_KTIME_SCALAR (e.g. ARM, x86-32).

Best regards
- David

Signed-off-by: David Engraf <david.engraf@...go.com>


View attachment "ktime_add_ns.patch" of type "text/x-diff" (426 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ