Patchwork [061/270] timekeeping: Cast raw_interval to u64 to avoid shift overflow

login
register
mail settings
Submitter Herton Ronaldo Krzesinski
Date Nov. 26, 2012, 4:55 p.m.
Message ID <1353949160-26803-62-git-send-email-herton.krzesinski@canonical.com>
Download mbox | patch
Permalink /patch/201794/
State New
Headers show

Comments

Herton Ronaldo Krzesinski - Nov. 26, 2012, 4:55 p.m.
3.5.7u1 -stable review patch.  If anyone has any objections, please let me know.

------------------

From: Dan Carpenter <dan.carpenter@oracle.com>

commit 5b3900cd409466c0070b234d941650685ad0c791 upstream.

We fixed a bunch of integer overflows in timekeeping code during the 3.6
cycle.  I did an audit based on that and found this potential overflow.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: John Stultz <johnstul@us.ibm.com>
Link: http://lkml.kernel.org/r/20121009071823.GA19159@elgon.mountain
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
[ herton: adapt for 3.5, timekeeper instead of tk pointer ]
Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
---
 kernel/time/timekeeping.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Ben Hutchings - Nov. 27, 2012, 3:08 p.m.
On Mon, 2012-11-26 at 14:55 -0200, Herton Ronaldo Krzesinski wrote:
> 3.5.7u1 -stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Dan Carpenter <dan.carpenter@oracle.com>
> 
> commit 5b3900cd409466c0070b234d941650685ad0c791 upstream.
> 
> We fixed a bunch of integer overflows in timekeeping code during the 3.6
> cycle.  I did an audit based on that and found this potential overflow.
> 
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> Acked-by: John Stultz <johnstul@us.ibm.com>
> Link: http://lkml.kernel.org/r/20121009071823.GA19159@elgon.mountain
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> [ herton: adapt for 3.5, timekeeper instead of tk pointer ]
> Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>

This is also missing from 3.4; looks like Herton's version is
applicable.

Ben.

> ---
>  kernel/time/timekeeping.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
> index 63c88c1..8954990 100644
> --- a/kernel/time/timekeeping.c
> +++ b/kernel/time/timekeeping.c
> @@ -1012,7 +1012,7 @@ static cycle_t logarithmic_accumulation(cycle_t offset, int shift)
>  	}
>  
>  	/* Accumulate raw time */
> -	raw_nsecs = timekeeper.raw_interval << shift;
> +	raw_nsecs = (u64)timekeeper.raw_interval << shift;
>  	raw_nsecs += timekeeper.raw_time.tv_nsec;
>  	if (raw_nsecs >= NSEC_PER_SEC) {
>  		u64 raw_secs = raw_nsecs;
Greg KH - Nov. 30, 2012, 1:51 a.m.
On Tue, Nov 27, 2012 at 03:08:27PM +0000, Ben Hutchings wrote:
> On Mon, 2012-11-26 at 14:55 -0200, Herton Ronaldo Krzesinski wrote:
> > 3.5.7u1 -stable review patch.  If anyone has any objections, please let me know.
> > 
> > ------------------
> > 
> > From: Dan Carpenter <dan.carpenter@oracle.com>
> > 
> > commit 5b3900cd409466c0070b234d941650685ad0c791 upstream.
> > 
> > We fixed a bunch of integer overflows in timekeeping code during the 3.6
> > cycle.  I did an audit based on that and found this potential overflow.
> > 
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> > Acked-by: John Stultz <johnstul@us.ibm.com>
> > Link: http://lkml.kernel.org/r/20121009071823.GA19159@elgon.mountain
> > Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> > [ herton: adapt for 3.5, timekeeper instead of tk pointer ]
> > Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com>
> 
> This is also missing from 3.4; looks like Herton's version is
> applicable.

Thanks, now applied.

greg k-h

Patch

diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index 63c88c1..8954990 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -1012,7 +1012,7 @@  static cycle_t logarithmic_accumulation(cycle_t offset, int shift)
 	}
 
 	/* Accumulate raw time */
-	raw_nsecs = timekeeper.raw_interval << shift;
+	raw_nsecs = (u64)timekeeper.raw_interval << shift;
 	raw_nsecs += timekeeper.raw_time.tv_nsec;
 	if (raw_nsecs >= NSEC_PER_SEC) {
 		u64 raw_secs = raw_nsecs;