[patch 0/2] posix-timers: Sanitize posix timer overrun handling

From: Thomas Gleixner
Date: Tue Jun 26 2018 - 09:28:24 EST

Next message: Thomas Gleixner: "[patch 1/2] posix-timers: Make forward callback return s64"
Previous message: Thomas Gleixner: "[patch 2/2] posix-timers: Sanitize overrun handling"
Next in thread: Thomas Gleixner: "[patch 2/2] posix-timers: Sanitize overrun handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Icy reported an UBSAN splat in the posix timer code, which is caused by the
way the overrun accounting works. Depending on interval and expiry time the
overrun can be larger than INT_MAX, but the accounting is int based which
basically makes the accounting values, which are visible to user space via
timer_getoverrrun(2) and siginfo::si_overrun, random.

The following series addresses this by converting the internal accounting
to 64bit and clamping the user space visible values to INT_MAX.

Thanks,

tglx

8<-------------------
b/include/linux/posix-timers.h | 4 ++--
kernel/time/alarmtimer.c | 4 ++--
kernel/time/posix-cpu-timers.c | 2 +-
kernel/time/posix-timers.c | 33 +++++++++++++++++++++------------
kernel/time/posix-timers.h | 2 +-
5 files changed, 27 insertions(+), 18 deletions(-)

Next message: Thomas Gleixner: "[patch 1/2] posix-timers: Make forward callback return s64"
Previous message: Thomas Gleixner: "[patch 2/2] posix-timers: Sanitize overrun handling"
Next in thread: Thomas Gleixner: "[patch 2/2] posix-timers: Sanitize overrun handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]