| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210416182558.GA4816@taoren-ubuntu-R90MNF91>
Date: Fri, 16 Apr 2021 11:25:59 -0700
From: Tao Ren <rentao.bupt@...il.com>
To: Guenter Roeck <linux@...ck-us.net>
Cc: Wim Van Sebroeck <wim@...ux-watchdog.org>,
Joel Stanley <joel@....id.au>,
Andrew Jeffery <andrew@...id.au>,
linux-watchdog@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
linux-aspeed@...ts.ozlabs.org, linux-kernel@...r.kernel.org,
openbmc@...ts.ozlabs.org, Tao Ren <taoren@...com>,
Amithash Prasad <amithash@...com>
Subject: Re: [PATCH v2] watchdog: aspeed: fix integer overflow in set_timeout
handler
On Thu, Apr 15, 2021 at 10:07:32PM -0700, Guenter Roeck wrote:
> On 4/15/21 7:13 PM, rentao.bupt@...il.com wrote:
> > From: Tao Ren <rentao.bupt@...il.com>
> >
> > Fix the time comparison (timeout vs. max_hw_heartbeat_ms) in set_timeout
> > handler to avoid potential integer overflow when the supplied timeout is
> > greater than aspeed's maximum allowed timeout (4294 seconds).
> >
>
> I think this is the wrong focus: What this fixes is the wrong hardware
> timeout calculation. Again, I think that the wrong calculation leads to
> the overflow should not be the focus of this patch, though it can of
> course be mentioned.
>
> I'll leave it up to Wim to decide if he wants to apply the patch with the
> current explanation.
>
> Thanks,
> Guenter
Sorry I didn't get your point correctly, and I guess it was because of
my lack of knowledge in timeout/max_hw_heartbeat_ms/worker (hopefully
my understanding is correct now :))
Let me drop this patch and send a new one with different subject and
description soon.
Cheers,
Tao
Powered by blists - more mailing lists