[patch 1/2] Validate itimer timeval from userspace

According to the specification the timeval must be validated and
an errorcode -EINVAL returned in case the timeval is not in canonical
form. Before the hrtimer merge this was silently ignored by the 
timeval to jiffies conversion. The validation is done inside 
do_setitimer so all callers are catched.

Signed-off-by: Thomas Gleixner <[email protected]>

 include/linux/time.h |    6 ++++++
 kernel/itimer.c      |    8 ++++++++
 2 files changed, 14 insertions(+)

Index: linux-2.6.16-rc6-updates/include/linux/time.h
===================================================================
--- linux-2.6.16-rc6-updates.orig/include/linux/time.h
+++ linux-2.6.16-rc6-updates/include/linux/time.h
@@ -73,6 +73,12 @@ extern void set_normalized_timespec(stru
 #define timespec_valid(ts) \
 	(((ts)->tv_sec >= 0) && (((unsigned long) (ts)->tv_nsec) < NSEC_PER_SEC))
 
+/*
+ * Returns true if the timeval is in canonical form
+ */
+#define timeval_valid(t) \
+	(((t)->tv_sec >= 0) && (((unsigned long) (t)->tv_usec) < USEC_PER_SEC))
+
 extern struct timespec xtime;
 extern struct timespec wall_to_monotonic;
 extern seqlock_t xtime_lock;
Index: linux-2.6.16-rc6-updates/kernel/itimer.c
===================================================================
--- linux-2.6.16-rc6-updates.orig/kernel/itimer.c
+++ linux-2.6.16-rc6-updates/kernel/itimer.c
@@ -150,6 +150,14 @@ int do_setitimer(int which, struct itime
 	ktime_t expires;
 	cputime_t cval, cinterval, nval, ninterval;
 
+	/*
+	 * Validate the timeval. This catches all users of
+	 * do_setitimer.
+	 */
+	if (!timeval_valid(&value->it_value) ||
+	    !timeval_valid(&value->it_interval))
+		return -EINVAL;
+
 	switch (which) {
 	case ITIMER_REAL:
 again:

--

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [patch 1/2] Validate itimer timeval from userspace
    • From: Andrew Morton <[email protected]>
  • Re: [patch 1/2] Validate itimer timeval from userspace
    • From: Ingo Molnar <[email protected]>

• References:
  • [patch 0/2] sys_setitimer and sys_alarm hotfixes
    • From: Thomas Gleixner <[email protected]>

• Prev by Date: [patch 2/2] alarm unsigned signed conversion fixup
• Next by Date: [patch 0/2] sys_setitimer and sys_alarm hotfixes
• Previous by thread: Re: [patch 2/2] alarm unsigned signed conversion fixup
• Next by thread: Re: [patch 1/2] Validate itimer timeval from userspace
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]