From: Sasha Levin <sasha.levin@oracle.com>
To: John Stultz <john.stultz@linaro.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
lkml <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] ntp: verify offset doesn't overflow in ntp_update_offset
Date: Mon, 7 Dec 2015 19:22:19 -0500 [thread overview]
Message-ID: <566622BB.4050304@oracle.com> (raw)
In-Reply-To: <CALAqxLWEvJJCKA0dS7QFTXy0oA2=NsKRwJ3WbKwfdCXUufxcPA@mail.gmail.com>
On 12/07/2015 07:02 PM, John Stultz wrote:
> On Thu, Dec 3, 2015 at 12:46 PM, Sasha Levin <sasha.levin@oracle.com> wrote:
>> > We need to make sure that the offset is valid before manipulating it,
>> > otherwise it might overflow on the multiplication.
>> >
>> > Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
>> > ---
>> > kernel/time/ntp.c | 6 ++++--
>> > 1 file changed, 4 insertions(+), 2 deletions(-)
>> >
>> > diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c
>> > index 149cc80..36616c3 100644
>> > --- a/kernel/time/ntp.c
>> > +++ b/kernel/time/ntp.c
>> > @@ -297,6 +297,9 @@ static void ntp_update_offset(long offset)
>> > if (!(time_status & STA_PLL))
>> > return;
>> >
>> > + /* Make sure the multiplication below won't overflow */
>> > + offset = clamp(offset, -MAXPHASE, MAXPHASE);
>> > +
>> > if (!(time_status & STA_NANO))
>> > offset *= NSEC_PER_USEC;
> So looking at this a bit closer, this bit looks sort of crazy since we
> clam the offset, do the multiply and then do the exact same clamp.
>
> I'd much rather do a more logical clamp(offset, -USEC_PER_SEC,
> USEC_PER_SEC), but only in the case where we do the multiply.
>
> Any objection to that?
Nope. Sounds right.
Thanks,
Sasha
prev parent reply other threads:[~2015-12-08 0:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-03 20:46 [PATCH] ntp: verify offset doesn't overflow in ntp_update_offset Sasha Levin
2015-12-04 20:26 ` John Stultz
2015-12-08 0:02 ` John Stultz
2015-12-08 0:22 ` Sasha Levin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=566622BB.4050304@oracle.com \
--to=sasha.levin@oracle.com \
--cc=john.stultz@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.