From: Thomas Gleixner <tglx@linutronix.de>
To: Arnd Bergmann <arnd@arndb.de>, John Stultz <jstultz@google.com>,
Jacob Macneal <jake.macneal@gmail.com>
Cc: linux-kernel@vger.kernel.org, Stephen Boyd <sboyd@kernel.org>
Subject: Re: [PATCH] time: copy tai value (International Atomic Time, in seconds) to output __user struct in get_old_timex32().
Date: Thu, 01 Dec 2022 13:41:56 +0100 [thread overview]
Message-ID: <87a647s3cb.ffs@tglx> (raw)
In-Reply-To: <7d95f4bb-01a3-44db-af08-275daa9ffb1e@app.fastmail.com>
On Wed, Nov 23 2022 at 20:53, Arnd Bergmann wrote:
> On Wed, Nov 23, 2022, at 19:54, John Stultz wrote:
>>> --- a/kernel/time/time.c
>>> +++ b/kernel/time/time.c
>>> @@ -311,6 +311,7 @@ int get_old_timex32(struct __kernel_timex *txc, const struct old_timex32 __user
>>> txc->calcnt = tx32.calcnt;
>>> txc->errcnt = tx32.errcnt;
>>> txc->stbcnt = tx32.stbcnt;
>>> + txc->tai = tx32.tai;
>>>
>>
>> This does seem like something that was overlooked.
>>
>> Arnd: There isn't something more subtle I'm missing here, right?
>
> I agree. Looking at the git history, it seems that the tai field
> was added a long time ago in 153b5d054ac2 ("ntp: support for TAI").
> The commit correctly did the conversion for copying the data out
> of the kernel and did not copy the value in because it wasn't
> needed at the time.
>
> I don't see any user of the tai field that gets copied into
> the kernel, so the bug appears harmless, but Jacob's fix is
> nevertheless correct, as we should not use any uninitialized
> data in a structure that comes from userspace.
There is no uninitialized data. txc is zeroed at the beginning of that
function.
I agree that it's inconsistent vs. the regular adjtimex(), but as there
is no usage of the txc->tai value coming from user space it's pretty
much cosmetic.
Thanks,
tglx
next prev parent reply other threads:[~2022-12-01 12:42 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-21 5:53 [PATCH] time: copy tai value (International Atomic Time, in seconds) to output __user struct in get_old_timex32() Jacob Macneal
2022-11-23 18:54 ` John Stultz
2022-11-23 19:53 ` Arnd Bergmann
2022-11-23 20:29 ` John Stultz
2022-12-01 12:41 ` Thomas Gleixner [this message]
2022-12-01 13:47 ` Thomas Gleixner
[not found] ` <CAHn5w+piDmr2iJGo74BCOW6QApEgJmd0p2Z0TZgxU3X6PiJiAA@mail.gmail.com>
2022-12-01 15:18 ` Thomas Gleixner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a647s3cb.ffs@tglx \
--to=tglx@linutronix.de \
--cc=arnd@arndb.de \
--cc=jake.macneal@gmail.com \
--cc=jstultz@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sboyd@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.