Received: by 2002:ac0:8845:0:0:0:0:0 with SMTP id g63csp561148img; Thu, 28 Feb 2019 04:19:14 -0800 (PST) X-Google-Smtp-Source: AHgI3IZhFIWjh0csf/jFHL9GybHZV5ufi6nuaKc/NUK/1Rnc9hz8r03HZgM+lvSnGaTS7I2bacFw X-Received: by 2002:a17:902:8c95:: with SMTP id t21mr7541918plo.300.1551356354318; Thu, 28 Feb 2019 04:19:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551356354; cv=none; d=google.com; s=arc-20160816; b=pyb9egnRVdFesGIJk+w0uFW/EkpGzjOXd7NQII7DAEUlHvTitmr0mE47Ibp2XGzyYL cUVcdb66it6laCa9BsR6J+IpdQa4joAmthCS9DkRhKQRg0/RMU09Uzwz/IZfY8e+BdD1 Zh5ojQhBN43MbAmmj023yt0WCaQXrds04CZPAPs+ISSkfQ3E/EM1mjod7U3XL2P3vOx/ 7pQ8fn42Vau/eFXpzj7qN343pelf0t25y5OwiwrrmeurELyLrdkxZV9tIbuIoAODIi+5 6FYVD4IwzRXpjSCkVKQv4rOrYOIYTyr3AHgBwlZ6Py5xCRyoweihl6QNGIM6moshNHke x16Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=KUmAzlYItQXjPtNNrpRGAfU8/QYiBC57p5S99Cf7ZHw=; b=oortPxMbo5SAgiT5ATUncQEuqVlwBrFdxJBSuAdyVEmiVRkgRLeWiKiM4N6kHZcb1u FB/X5KvYR1HF9d5t+erA8EF3yedMhbgj2PWm4BAXypG1C3zOWeL0PWPynGTr9dcq65OK 5oAkuOLOD4ru7WOR55TQvIujxYkF2+4Kj9Vc6eiL9c+WriKYajVC9wjlmXtn7DsUuoF5 wv5x0rjDaKTjFvovZ/gsuJ9CIjCjB11SmNO6GZRL6cxnUa+IkdwdaBg/MjNqIEbE2vli nxrhGf1M6htWaX+OBbP89KRJSKeV6zeonRQMmyPpTcsBgMopP+yswW7F4IL/jezinXSh nyBQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 3si18806319ple.390.2019.02.28.04.18.59; Thu, 28 Feb 2019 04:19:14 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731573AbfB1Lbd (ORCPT + 99 others); Thu, 28 Feb 2019 06:31:33 -0500 Received: from mail-qt1-f193.google.com ([209.85.160.193]:45878 "EHLO mail-qt1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726027AbfB1Lbc (ORCPT ); Thu, 28 Feb 2019 06:31:32 -0500 Received: by mail-qt1-f193.google.com with SMTP id d18so22949427qtg.12 for ; Thu, 28 Feb 2019 03:31:32 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KUmAzlYItQXjPtNNrpRGAfU8/QYiBC57p5S99Cf7ZHw=; b=pobWGdU0WiCeXp0TEl+nd8U3SMa+NV2iIXUZBXSZ3pa+H5X7iHPU5+Dn5nCbizjvZ+ d0vNPed0XKG099Jp+Zmw5AnLFWSayDvUAKDdiPXxbsZHy1I9ErbNA2vVw42wHrymrxqJ MwJTs7Vy34KkeP2NhMi8ga064aJQ9QWniZ+Z/PaIIPLeZ8DJtNooNX3tkeBGCl+JWQHP 9B+b/ssGl/848wRUkzwOAbOI/U/kNASoECaZme6pMgSv2LWNzXf/s5LVfeks+EuVgsmP raO8htKXPRt+YINHc3v9VxYJPbD+T26iHv+tfKHGgl6OhMmfj0hseTMsGUPbiRG4lxQ4 moMQ== X-Gm-Message-State: APjAAAV3beP4kuVAeNJOHhYuAen2XiINFHathTgmrDnu8WGBx9Dsy+iZ ODSN3ZskF9Jn3ucU94t5Db35oqmBy1WH8EpHOOs= X-Received: by 2002:a0c:b758:: with SMTP id q24mr5883929qve.149.1551353491785; Thu, 28 Feb 2019 03:31:31 -0800 (PST) MIME-Version: 1.0 References: <1551253922-3307-1-git-send-email-wangxiongfeng2@huawei.com> In-Reply-To: From: Arnd Bergmann Date: Thu, 28 Feb 2019 12:31:14 +0100 Message-ID: Subject: Re: [PATCH v2] posix-cpu-timers: Avoid undefined behaviour in timespec64_to_ns() To: Thomas Gleixner Cc: Deepa Dinamani , Xiongfeng Wang , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 28, 2019 at 11:35 AM Thomas Gleixner wrote: > On Thu, 28 Feb 2019, Arnd Bergmann wrote: > > On Thu, Feb 28, 2019 at 5:25 AM Deepa Dinamani wrote: > > > > > > On Tue, Feb 26, 2019 at 11:52 PM Xiongfeng Wang > > > wrote: > > I think returning EINVAL here is better than silently truncating, we > > just need to > > document it in the Linux man page. > > Note that truncation would set the time to just before the overflow, > > it bad things > > start to happen the instant after it returns from the kernel. This is possibly > > worse than setting a random value that may or may not crash the system. > > Not necessarily. On the hrtimer based side, we clamp the values to > KTIME_MAX. That means in theory the overflow could happen when the timer > expires and the interval is added. There are two things which prevent that: > > 1) The timer expires in about 292 years from now, which I really can't be > worried about > > 2) The rearming code prevents the overflow into undefined space as well. > > So, it's not unreasonable to do clamping as long as the handed in value is > at least formally correct. > > Of course we need to look at the posix-cpu-timer side of affairs to ensure > that the limits are handled correctly. Ah right. I had misread timer_settime() for clock_settime(), which would have a problem if it were lacking the timespec64_valid_strict() check that it has. However, I see that the man page for clock_settime() fails to mention the EINVAL return code, so I suppose we should add that. I still plan to update the man pages to mention the time64 versions, and can do that at the same time. Arnd