lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-id: <167822825917.8008.11050193827453206272@noble.neil.brown.name>
Date:   Wed, 08 Mar 2023 09:30:59 +1100
From:   "NeilBrown" <neilb@...e.de>
To:     "Jerry Zhang" <jerry@...dio.com>
Cc:     embedded@...dio.com, "Jerry Zhang" <Jerry@...dio.com>,
        "Chuck Lever" <chuck.lever@...cle.com>,
        "Jeff Layton" <jlayton@...nel.org>,
        "Trond Myklebust" <trond.myklebust@...merspace.com>,
        "Anna Schumaker" <anna@...nel.org>,
        "J. Bruce Fields" <bfields@...hat.com>, linux-nfs@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] sunrpc: Fix incorrect parsing of expiry time

On Wed, 08 Mar 2023, Jerry Zhang wrote:
> The expiry time field is mean to be expressed in seconds since boot.

Correct.

> The get_expiry() function parses a relative time value in seconds.

Incorrect.  It parses and absoulte wall-clock time.

NeilBrown

> In order to get the absolute time of seconds since boot that the given
> message will expire, the right thing is to add seconds_since_boot()
> to the given relative value.
> 
> Previously this logic was subtracting boot.tv_sec from the relative
> value, which was causing some confusing behavior. The return type of
> time64_t could possibly underflow if time since boot is greater than
> the passed in relative argument. Also several checks in nfs code compare
> the return value to 0 to indicate failure, and this could spuriously
> be tripped if seconds since boot happened to match the argument.
> 
> Fixes: c5b29f885afe ("sunrpc: use seconds since boot in expiry cache")
> Signed-off-by: Jerry Zhang <Jerry@...dio.com>
> ---
>  include/linux/sunrpc/cache.h | 4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
> 
> diff --git a/include/linux/sunrpc/cache.h b/include/linux/sunrpc/cache.h
> index ec5a555df96f..b96b1319c93d 100644
> --- a/include/linux/sunrpc/cache.h
> +++ b/include/linux/sunrpc/cache.h
> @@ -301,16 +301,14 @@ static inline int get_time(char **bpp, time64_t *time)
>  }
>  
>  static inline time64_t get_expiry(char **bpp)
>  {
>  	time64_t rv;
> -	struct timespec64 boot;
>  
>  	if (get_time(bpp, &rv))
>  		return 0;
>  	if (rv < 0)
>  		return 0;
> -	getboottime64(&boot);
> -	return rv - boot.tv_sec;
> +	return rv + seconds_since_boot();
>  }
>  
>  #endif /*  _LINUX_SUNRPC_CACHE_H_ */
> -- 
> 2.37.3
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ