Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp2396938ybc; Wed, 13 Nov 2019 13:54:38 -0800 (PST) X-Google-Smtp-Source: APXvYqwLyczOQtDC7t4f2GaWZn39pybj98znc/g9tzKhUhJeUryExcV4GQSa1uoDPJkXsAi25zoQ X-Received: by 2002:a17:906:80d5:: with SMTP id a21mr5115641ejx.114.1573682078476; Wed, 13 Nov 2019 13:54:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573682078; cv=none; d=google.com; s=arc-20160816; b=NnlZg4uZtTRILHUzjQ6srec4rMPF6X5iyU/theE8d/FhSZcTDlNftk2vly82TMxWEc eYg0A91iWZ1RyoXuwJLDWJPzlU6sZKq2g+AEz8rAhC7P3NSHArvMYOilB18XB0weRSxq BkTKi2G7l5EOhz+6aXAukNW9piKFIy7SPIvcAklXyK0MJ9YXaPrJKZkTbxJpbp43nvoM KRkmof3N0rkQ86/vm8TQpfI7X8Wsm64tEHMbwPfwygivJOSA4KQK0LUPqD81S1sH5XCE ffPCH49ugyxasCWqTplo5QOO9JXXYFYUsZ/PgmYBiAv2L8tjLEb4dcJPsYooZE/OBw3E 3B3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=xexDXMqE2sBNmozcCzAtCgT+0YN+I7PvLebnjLOv2OA=; b=DffaDf13lYMeZvBrwTWMXHj7j/wev8m4nWrMV7DMg0c+6uU4Qm1QV2jT8XRUJiY5i6 pammqJydCCc8AByTgLbV2lnKgu9Z2YjmxVOu830T3nZOwo3KULMCzX3f4ZNnyKoEugIV ymwMYr5jPed63WJiWXJjAr0N0vwWVpgLtWW9iFyFfmT3ZVxEhoOItLcSGEcYZlAH7+kW hM5bZ+xBuD2eAzmrCOrJqc2AenLtbFEG0UUZfbcZwDSc8iPjE7bfYRiZ9QSJnK1Oskdw P3SNUiojV3mJtEENErLsHYuJp62/eonznHiFnrv4yp62F+KeK4o0hQvC2Rw+KthCIqKy 3gPA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id gx24si2171128ejb.429.2019.11.13.13.54.13; Wed, 13 Nov 2019 13:54:38 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726439AbfKMVxb (ORCPT + 99 others); Wed, 13 Nov 2019 16:53:31 -0500 Received: from Galois.linutronix.de ([193.142.43.55]:39191 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726189AbfKMVxb (ORCPT ); Wed, 13 Nov 2019 16:53:31 -0500 Received: from p5b06da22.dip0.t-ipconnect.de ([91.6.218.34] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iV0Zi-00074B-MH; Wed, 13 Nov 2019 22:53:18 +0100 Date: Wed, 13 Nov 2019 22:53:17 +0100 (CET) From: Thomas Gleixner To: Arnd Bergmann cc: y2038@lists.linaro.org, John Stultz , linux-kernel@vger.kernel.org, Stephen Boyd , David Howells , Al Viro , Deepa Dinamani , Christian Brauner , Jens Axboe , Ingo Molnar , Corey Minyard , zhengbin , Li RongQing , linux-api@vger.kernel.org Subject: Re: [PATCH 17/23] y2038: time: avoid timespec usage in settimeofday() In-Reply-To: <20191108211323.1806194-8-arnd@arndb.de> Message-ID: References: <20191108210236.1296047-1-arnd@arndb.de> <20191108211323.1806194-8-arnd@arndb.de> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 8 Nov 2019, Arnd Bergmann wrote: > -SYSCALL_DEFINE2(settimeofday, struct timeval __user *, tv, > +SYSCALL_DEFINE2(settimeofday, struct __kernel_old_timeval __user *, tv, > struct timezone __user *, tz) > { > struct timespec64 new_ts; > - struct timeval user_tv; > struct timezone new_tz; > > if (tv) { > - if (copy_from_user(&user_tv, tv, sizeof(*tv))) > + if (get_user(new_ts.tv_sec, &tv->tv_sec) || > + get_user(new_ts.tv_nsec, &tv->tv_usec)) > return -EFAULT; How is that supposed to be correct on a 32bit kernel? > > - if (!timeval_valid(&user_tv)) > + if (tv->tv_usec > USEC_PER_SEC) > return -EINVAL; That's incomplete: static inline bool timeval_valid(const struct timeval *tv) { /* Dates before 1970 are bogus */ if (tv->tv_sec < 0) return false; /* Can't have more microseconds then a second */ if (tv->tv_usec < 0 || tv->tv_usec >= USEC_PER_SEC) return false; return true; } > > - new_ts.tv_sec = user_tv.tv_sec; > - new_ts.tv_nsec = user_tv.tv_usec * NSEC_PER_USEC; > + new_ts.tv_nsec *= NSEC_PER_USEC; > } > if (tz) { > if (copy_from_user(&new_tz, tz, sizeof(*tz))) > @@ -245,18 +244,17 @@ COMPAT_SYSCALL_DEFINE2(settimeofday, struct old_timeval32 __user *, tv, > struct timezone __user *, tz) > { > struct timespec64 new_ts; > - struct timeval user_tv; > struct timezone new_tz; > > if (tv) { > - if (compat_get_timeval(&user_tv, tv)) > + if (get_user(new_ts.tv_sec, &tv->tv_sec) || > + get_user(new_ts.tv_nsec, &tv->tv_usec)) > return -EFAULT; > > - if (!timeval_valid(&user_tv)) > + if (new_ts.tv_nsec > USEC_PER_SEC) > return -EINVAL; Ditto. Thanks, tglx