Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2663263yba; Mon, 8 Apr 2019 01:49:19 -0700 (PDT) X-Google-Smtp-Source: APXvYqw3BBPVz+b9hjYNUEEcuEwPkVAA77vDgvoHiRyEhAWCEf1PCgTqL21wcj0ctiKQFisbYQy8 X-Received: by 2002:a62:e215:: with SMTP id a21mr27211070pfi.30.1554713359233; Mon, 08 Apr 2019 01:49:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554713359; cv=none; d=google.com; s=arc-20160816; b=oWziROVhUXvLEFaBd9uWVZmfJzedbPknxOl5lrotueE6u2xqAA98BxrYPvGZy6aCAu sy836Nkvl/BmWwRzPXEkEKC3eUqYz6ZX49PYXO9x2D0fhruOPdEz1KxhaKryPDOdF/xD wXe6X9GVboyEO4o4Z2nwa6F3PFbRNJjQPZ3l9VaReahx+4RDblBIhUBpkiKEjsouavp8 tkDkrdhUh533LHHc2jvKbPiOS9f8j3pm9lTgr5DvBVW0t7bZ+dZY/hgRJeyRgHkglBs8 Hr/IpzojoTlbwfjPFzCmuqoAt+/BMgg/xk/0jrq/n2nGvxUcShOJnDwTi9utWr4nNLFX ZKHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :mime-version; bh=kXi2GogRRfLYCkUe+P9JP8LfWes3Q5tSDryeYOceAvs=; b=LrzIpdjKheP3ghxS/W5GoG3Q991GNcJkYSDgqiBHwHnraC62B52jYgSDLuCf8zxP0J rIx0gWwZh1mjZPD6EXt2i20w/PhFOAI0d8Ie31EgUdSdI3hFBTFucSdmsXYFjZlQ/5za tPiQj+spfe8QIxvyjIwMtUv7bncug0dTv/8G+KHVMXIUJkZp9fAj1cMSeg6mlk4RyRh5 uK8sFxXB7R0yLQrhmmTkiac3MaVDYxQUV15+repo7pekt7a92zdlx6u1pyGh0r+2FIWC mVNUDd4D3LfhwdTr4M5mouomX6r7hMk0yTXnxUUIZNOiyPX99jQO/VggTERpqElxUBy4 /lZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k132si8114147pgc.131.2019.04.08.01.49.04; Mon, 08 Apr 2019 01:49:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726666AbfDHIrx (ORCPT + 99 others); Mon, 8 Apr 2019 04:47:53 -0400 Received: from mail-ot1-f41.google.com ([209.85.210.41]:41631 "EHLO mail-ot1-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725854AbfDHIrx (ORCPT ); Mon, 8 Apr 2019 04:47:53 -0400 Received: by mail-ot1-f41.google.com with SMTP id 64so11246458otb.8 for ; Mon, 08 Apr 2019 01:47:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=kXi2GogRRfLYCkUe+P9JP8LfWes3Q5tSDryeYOceAvs=; b=ITd1Hu1/NFHuBIsgT+2aGTeQOX+Ry9w83+qmc33bUayjnshKyzKatoowIHzc9EAXA0 J6ygqiuwj/OytjBbHw+N1zLe+teS5l44Fc//fsYPMCFT9QuCN8cz/CRGEnI/bQAvpV8R yt1vWqEmsjDwvSDRAlnUDTi/d/1bdRYmSuqay/x24JhI7KzbohbOFgikq4Dd/jst49Gh syIkajIr0lY3u08/cNXofKA4NqlJ404a9Apt/c8JytaGZ7KvR5bbZxMAzx3TJExELkNa fSTQwDj76hxkXZA/icGTgCtSlmIwif9PUSgxIlWSVcV74yEtsToBRmFsRYcvzCycbEAU P8Jw== X-Gm-Message-State: APjAAAWVF+o4uHcx9reRHCDNOcjaY0iqu7OqlcrAd06WyIHBLzA7QTcc v2giqRsL5uHOfsfD1CoSHQKtsoRLzvMILVZ0/Wjp6A== X-Received: by 2002:a9d:648f:: with SMTP id g15mr18908468otl.220.1554713272439; Mon, 08 Apr 2019 01:47:52 -0700 (PDT) MIME-Version: 1.0 From: Ondrej Mosnacek Date: Mon, 8 Apr 2019 10:47:43 +0200 Message-ID: Subject: kernel/time/ntp.c: Possible off-by-one error in TAI range check? To: Roman Zippel Cc: Thomas Gleixner , John Stultz , Stephen Boyd , Andrew Morton , Linux kernel mailing list Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, while writing tests for clock adjustment auditing [1] [2], I stumbled upon a strange behavior of adjtimex(2) when setting the TAI offset... Commit 153b5d054ac2 ("ntp: support for TAI") added a possibility to change the TAI offset from userspace via adjtimex(2). The code checks if the input value (txc->constant) is greater than 0 and if it is not, then it doesn't modify the value. Ignoring the fact that this check should probably be in timekeeping_validate_timex() and cause -EINVAL to be returned when false, I find it strange that the check doesn't allow to set the value to 0, which seems to be the default value... Was this behavior intended or should the code actually check for txc->constant >= 0 instead of txc->constant > 0? Thanks, [1] https://github.com/linux-audit/audit-kernel/issues/10 [2] https://github.com/linux-audit/audit-kernel/wiki/RFE-More-detailed-auditing-of-changes-to-system-clock -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc.