Passing unnormalized timespec64 to timespec64_compare() may cause
incorrect results.
For example:
wall_to_monotonic = {tv_sec = -10, tv_nsec = 900000000}
ts_delta = {tv_sec = -9, tv_nsec = -900000000}
timespec64_compare() returns -1, but actually wall_to_monotonic > ts_delta.
This will cause wall_to_monotonic to become a positive number.
Use timespec64_sub() instead of direct subtraction to avoid this.
Signed-off-by: Yu Liao <[email protected]>
---
include/linux/time64.h | 2 ++
kernel/time/timekeeping.c | 3 +--
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/include/linux/time64.h b/include/linux/time64.h
index 81b9686a2079..f74a36d253cd 100644
--- a/include/linux/time64.h
+++ b/include/linux/time64.h
@@ -50,6 +50,8 @@ static inline int timespec64_equal(const struct timespec64 *a,
* lhs < rhs: return <0
* lhs == rhs: return 0
* lhs > rhs: return >0
+ *
+ * Note: Both lhs and rhs must be normalized.
*/
static inline int timespec64_compare(const struct timespec64 *lhs, const struct timespec64 *rhs)
{
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index b348749a9fc6..dcdcb85121e4 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -1306,8 +1306,7 @@ int do_settimeofday64(const struct timespec64 *ts)
timekeeping_forward_now(tk);
xt = tk_xtime(tk);
- ts_delta.tv_sec = ts->tv_sec - xt.tv_sec;
- ts_delta.tv_nsec = ts->tv_nsec - xt.tv_nsec;
+ ts_delta = timespec64_sub(*ts, xt);
if (timespec64_compare(&tk->wall_to_monotonic, &ts_delta) > 0) {
ret = -EINVAL;
--
2.25.1
Is there any comments about this patch?
BTW, is it necessary to add set_normalized_timespec64 to timespec64_compare?
Thanks,
Yu
On 2021/12/2 21:07, Yu Liao wrote:
> Passing unnormalized timespec64 to timespec64_compare() may cause
> incorrect results.
>
> For example:
> wall_to_monotonic = {tv_sec = -10, tv_nsec = 900000000}
> ts_delta = {tv_sec = -9, tv_nsec = -900000000}
>
> timespec64_compare() returns -1, but actually wall_to_monotonic > ts_delta.
> This will cause wall_to_monotonic to become a positive number.
>
> Use timespec64_sub() instead of direct subtraction to avoid this.
>
> Signed-off-by: Yu Liao <[email protected]>
> ---
> include/linux/time64.h | 2 ++
> kernel/time/timekeeping.c | 3 +--
> 2 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/include/linux/time64.h b/include/linux/time64.h
> index 81b9686a2079..f74a36d253cd 100644
> --- a/include/linux/time64.h
> +++ b/include/linux/time64.h
> @@ -50,6 +50,8 @@ static inline int timespec64_equal(const struct timespec64 *a,
> * lhs < rhs: return <0
> * lhs == rhs: return 0
> * lhs > rhs: return >0
> + *
> + * Note: Both lhs and rhs must be normalized.
> */
> static inline int timespec64_compare(const struct timespec64 *lhs, const struct timespec64 *rhs)
> {
> diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
> index b348749a9fc6..dcdcb85121e4 100644
> --- a/kernel/time/timekeeping.c
> +++ b/kernel/time/timekeeping.c
> @@ -1306,8 +1306,7 @@ int do_settimeofday64(const struct timespec64 *ts)
> timekeeping_forward_now(tk);
>
> xt = tk_xtime(tk);
> - ts_delta.tv_sec = ts->tv_sec - xt.tv_sec;
> - ts_delta.tv_nsec = ts->tv_nsec - xt.tv_nsec;
> + ts_delta = timespec64_sub(*ts, xt);
>
> if (timespec64_compare(&tk->wall_to_monotonic, &ts_delta) > 0) {
> ret = -EINVAL;