lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Sep 2021 11:12:17 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Arnd Bergmann <arnd@...nel.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "# 3.4.x" <stable@...r.kernel.org>,
        Lukas Hannen <lukas.hannen@...nsource.tttech-industrial.com>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH 5.14 298/334] time: Handle negative seconds correctly in
 timespec64_to_ns()

On Wed, Sep 15, 2021 at 09:00:32PM +0200, Arnd Bergmann wrote:
> On Tue, Sep 14, 2021 at 1:22 AM Greg Kroah-Hartman
> <gregkh@...uxfoundation.org> wrote:
> >  /*
> >   * Limits for settimeofday():
> > @@ -124,10 +126,13 @@ static inline bool timespec64_valid_sett
> >   */
> >  static inline s64 timespec64_to_ns(const struct timespec64 *ts)
> >  {
> > -       /* Prevent multiplication overflow */
> > -       if ((unsigned long long)ts->tv_sec >= KTIME_SEC_MAX)
> > +       /* Prevent multiplication overflow / underflow */
> > +       if (ts->tv_sec >= KTIME_SEC_MAX)
> >                 return KTIME_MAX;
> >
> > +       if (ts->tv_sec <= KTIME_SEC_MIN)
> > +               return KTIME_MIN;
> > +
> 
> I just saw this get merged for the stable kernels, and had not seen this when
> Thomas originally merged it.
> 
> I can see how this helps the ptp_clock_adjtime() users, but I just
> double-checked
> what other callers exist, and I think it introduces a regression in setitimer(),
> which does
> 
>         nval = timespec64_to_ns(&value->it_value);
>         ninterval = timespec64_to_ns(&value->it_interval);
> 
> without any further range checking that I could find. Setting timers
> with negative intervals sounds like a bad idea, and interpreting negative
> it_value as a past time instead of KTIME_SEC_MAX sounds like an
> unintended interface change.
> 
> I haven't done any proper analysis of the changes, so maybe it's all
> good, but I think we need to double-check this, and possibly revert
> it from the stable kernels until a final conclusion.

I will revert it now from all stable kernels, thanks.

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ