lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 8 Jul 2014 09:34:32 +0200
From:	John Stultz <john.stultz@...aro.org>
To:	Richard Cochran <richardcochran@...il.com>
Cc:	lkml <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...nel.org>,
	Prarit Bhargava <prarit@...hat.com>,
	Sharvil Nanavati <sharvil@...gle.com>,
	stable <stable@...r.kernel.org>
Subject: Re: [PATCH] alarmtimer: Fix bug where relative alarm timers were
 treated as absolute

On Tue, Jul 8, 2014 at 8:42 AM, Richard Cochran
<richardcochran@...il.com> wrote:
> On Mon, Jul 07, 2014 at 02:06:11PM -0700, John Stultz wrote:
>> @@ -597,8 +602,16 @@ static int alarm_timer_set(struct k_itimer *timr, int flags,
>>
>>       /* start the timer */
>>       timr->it.alarm.interval = timespec_to_ktime(new_setting->it_interval);
>> -     alarm_start(&timr->it.alarm.alarmtimer,
>> -                     timespec_to_ktime(new_setting->it_value));
>> +     exp = timespec_to_ktime(new_setting->it_value);
>> +     /* Convert (if necessary) to absolute time */
>> +     if (flags != TIMER_ABSTIME) {
>> +             ktime_t now;
>> +
>> +             now = alarm_bases[timr->it.alarm.alarmtimer.type].gettime();
>> +             exp = ktime_add(now, exp);
>> +     }
>> +
>> +     alarm_start(&timr->it.alarm.alarmtimer, exp);
>
> Nothing protects 'exp' from becoming invalid before queuing the alarm,
> if the time base is reset on another cpu. Or would that be harmless
> here?

Hrmn.. So that's a separate question, but a good one to validate as well.

common_timer_set() has a similar behavior where the return value of
hrtimer_start_expires() isn't passed up. This is because the userspace
behavior is that if the time has already passed, the timer should fire
immediately.

If you look in __hrtimer_start_range_ns(), you'll see the chunk of
logic at the bottom which (if I'm reading it right) raises the softirq
(to fire the timer) if our timer is the earliest and
enqueue_reprogram fails (due to the clockevent logic returning ETIME
due to the time being in the past).

So its definitely subtle but looks like its ok. But I'll add a
validation test to be sure I'm not missing anything there as well.

thanks
-john
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ