| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180326215522.GA409@bombadil.infradead.org>
Date: Mon, 26 Mar 2018 14:55:22 -0700
From: Matthew Wilcox <willy@...radead.org>
To: Arnd Bergmann <arnd@...db.de>
Cc: Jeff Moyer <jmoyer@...hat.com>,
"Leizhen (ThunderTown)" <thunder.leizhen@...wei.com>,
Alexander Viro <viro@...iv.linux.org.uk>,
Benjamin LaHaise <bcrl@...ck.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
linux-aio <linux-aio@...ck.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Tianhong Ding <dingtianhong@...wei.com>,
Hanjun Guo <guohanjun@...wei.com>,
Libin <huawei.libin@...wei.com>,
Kefeng Wang <wangkefeng.wang@...wei.com>,
Deepa Dinamani <deepa.kernel@...il.com>
Subject: Re: [PATCH 1/1] aio: make sure the input "timeout" value is valid
On Mon, Mar 26, 2018 at 10:01:30PM +0200, Arnd Bergmann wrote:
> I had suggested a more complete helper function at some point,
> to take care of all combinations of checking/non-checking, 32/64
> bit, microsecond/nanosecond, and zeroing/checking the upper 32 bits
> of nanoseconds before comparing against 1 billion, but Deepa
> thought that was overkill, so I didn't continue that.
Yeah, that sounds like a nightmare to use ;-)
> For all I can tell, the get_timespec64() helper should almost always
> include the check, the one exception I know is utimensat() and related
> functions that may encode the special UTIME_NOW and UTIME_OMIT
> constants in the nanoseconds.
So do you endorse the get_valid_timespec64() patch I posted up-thread?
We can't just make get_timespec64 return an errno directly because it'll
require changing all the users.
Powered by blists - more mailing lists