lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CALAqxLXwjBVWK5qvh+48DKBAfzXScz_kdaR-W2hpD=KcZm4-ZA@mail.gmail.com>
Date:	Thu, 18 Dec 2014 13:24:30 -0800
From:	John Stultz <john.stultz@...aro.org>
To:	Sasha Levin <sasha.levin@...cle.com>
Cc:	lkml <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v2] time: settimeofday: validate the values of tv from user

Ok. I've got this queued. I'm going to run it through some testing and
as long as nothing goes wrong I'll send it on cc'ing stable.

thanks
-john

On Wed, Dec 3, 2014 at 4:22 PM, Sasha Levin <sasha.levin@...cle.com> wrote:
> An unvalidated user input is multiplied by a constant, which can result in
> an undefined behaviour for large values. While this is validated later,
> we should avoid triggering undefined behaviour.
>
> Signed-off-by: Sasha Levin <sasha.levin@...cle.com>
> ---
>  include/linux/time.h |   13 +++++++++++++
>  kernel/time/time.c   |    4 ++++
>  2 files changed, 17 insertions(+)
>
> diff --git a/include/linux/time.h b/include/linux/time.h
> index 203c2ad..851d822 100644
> --- a/include/linux/time.h
> +++ b/include/linux/time.h
> @@ -110,6 +110,19 @@ static inline bool timespec_valid_strict(const struct timespec *ts)
>         return true;
>  }
>
> +static inline bool timeval_valid(const struct timeval *tv)
> +{
> +       /* Dates before 1970 are bogus */
> +       if (tv->tv_sec < 0)
> +               return false;
> +
> +       /* Can't have more miliseconds then a second */
> +       if (tv->tv_usec < 0 || tv->tv_usec >= USEC_PER_SEC)
> +               return false;
> +
> +       return true;
> +}
> +
>  extern struct timespec timespec_trunc(struct timespec t, unsigned gran);
>
>  #define CURRENT_TIME           (current_kernel_time())
> diff --git a/kernel/time/time.c b/kernel/time/time.c
> index 58c4c7c..d54ca39 100644
> --- a/kernel/time/time.c
> +++ b/kernel/time/time.c
> @@ -200,6 +200,10 @@ SYSCALL_DEFINE2(settimeofday, struct timeval __user *, tv,
>         if (tv) {
>                 if (copy_from_user(&user_tv, tv, sizeof(*tv)))
>                         return -EFAULT;
> +
> +               if (!timeval_valid(&user_tv))
> +                       return -EINVAL;
> +
>                 new_ts.tv_sec = user_tv.tv_sec;
>                 new_ts.tv_nsec = user_tv.tv_usec * NSEC_PER_USEC;
>         }
> --
> 1.7.10.4
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ