lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20151206221149.GA22451@netboy>
Date:	Sun, 6 Dec 2015 23:11:49 +0100
From:	Richard Cochran <richardcochran@...il.com>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Sasha Levin <sasha.levin@...cle.com>, john.stultz@...aro.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] time: verify time values in adjtimex ADJ_SETOFFSET to
 avoid overflow

On Sun, Dec 06, 2015 at 10:07:01AM +0100, Thomas Gleixner wrote:
> On Sat, 5 Dec 2015, Sasha Levin wrote:
> > On 12/05/2015 12:10 PM, Thomas Gleixner wrote:
> > > That's not a canonical timeval. timeval_valid() is what you want to
> > > check it. Or has adjtimex some magic exception here?

You can't use timeval_valid for ADJ_SETOFFSET, because the seconds
field can also be negative (when setting the time back).

> > Nope, it looks like timeval_valid() is indeed what I've needed to use.
> > 
> > Is there a reason ntp_validate_timex() doesn't do timeval_valid() too
> > for at least the ADJ_SETOFFSET case? If not, I'll add it in.

So you should not use timeval_valid, and the original patch is also
not right.  The rule is:

	The value of a timeval is the sum of its fields, but the
	field tv_usec must always be non-negative.

We had a discussion about this a year or two ago.  Maybe I can find it
again.

The overflow is a latent problem, and the patch should:

1. return error in case (txc->time.tv_usec >= USEC_PER_SEC)
2. remove the redundant test in timekeeping_inject_offset.

Thanks,
Richard


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ