Re: [PATCH net] ptp: improve max_adj check against unreasonable values

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Richard Cochran <richardcochran@gmail.com>
To: Jakub Kicinski <kuba@kernel.org>
Cc: davem@davemloft.net, jacob.e.keller@intel.com, netdev@vger.kernel.org
Subject: Re: [PATCH net] ptp: improve max_adj check against unreasonable values
Date: Mon, 14 Jun 2021 22:13:24 -0700	[thread overview]
Message-ID: <20210615051324.GC5517@localhost> (raw)
In-Reply-To: <20210614222405.378030-1-kuba@kernel.org>

On Mon, Jun 14, 2021 at 03:24:05PM -0700, Jakub Kicinski wrote:
> Scaled PPM conversion to PPB may (on 64bit systems) result
> in a value larger than s32 can hold (freq/scaled_ppm is a long).
> This means the kernel will not correctly reject unreasonably
> high ->freq values (e.g. > 4294967295ppb, 281474976645 scaled PPM).
> 
> The conversion is equivalent to a division by ~66 (65.536),
> so the value of ppb is always smaller than ppm, but not small
> enough to assume narrowing the type from long -> s32 is okay.
> 
> Note that reasonable user space (e.g. ptp4l) will not use such
> high values, anyway, 4289046510ppb ~= 4.3x, so the fix is
> somewhat pedantic.

But still important to defend against fuzzing!
 
> Fixes: d39a743511cd ("ptp: validate the requested frequency adjustment.")
> Fixes: d94ba80ebbea ("ptp: Added a brand new class driver for ptp clocks.")
> Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Acked-by: Richard Cochran <richardcochran@gmail.com>

next prev parent reply	other threads:[~2021-06-15  5:13 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-14 22:24 [PATCH net] ptp: improve max_adj check against unreasonable values Jakub Kicinski
2021-06-15  5:13 ` Richard Cochran [this message]
2021-06-15 18:10 ` patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210615051324.GC5517@localhost \
    --to=richardcochran@gmail.com \
    --cc=davem@davemloft.net \
    --cc=jacob.e.keller@intel.com \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.