lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 11 Feb 2015 07:47:28 +0800
From:	John Stultz <john.stultz@...aro.org>
To:	Prarit Bhargava <prarit@...hat.com>
Cc:	lkml <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Miroslav Lichvar <mlichvar@...hat.com>
Subject: Re: [PATCH] time, ntp: Do not update time_state in middle of leap second

On Sun, Feb 8, 2015 at 2:29 AM, Prarit Bhargava <prarit@...hat.com> wrote:
> During leap second insertion testing it was noticed that a small window
> exists where the time_state could be reset such that
> time_state = TIME_OK, which then causes the leap second to not occur, or
> causes the entire leap second state machine to fail.


I think this description is fairly opaque, and probably needs the
specific example of the state change transitions that motivates this
patch.

> While this is highly unlikely to ever happen in the real world it is
> still something we should protect against, as breaking the state machine
> is obviously bad.

In this case it was a test-case bug where uninitialized data being
passed to adjtimex (when the test intended to only read the time
state) was causing an unexpected state change transition. So its not
immediately obvious that resetting the state machine when the root
called adjtimex is invalid, so it would be good to make this more
clear and explicit (ie: show the expected state transitions and the
command that caused the strange transition you saw).

Sorry for the slow response here, I've been on the fence as to if this
is the right thing or not, and have needed to get some time to stare
at this a bit more to see if I can convince myself its the right
thing, so improving the commit message might make it more obvious to
me and others. :)

thanks
-john
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ