From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Wed, 7 Jan 2015 11:09:26 -0800 From: Greg KH To: John Stultz Cc: lkml , Sasha Levin , Thomas Gleixner , Ingo Molnar , stable , Andy Lutomirski Subject: Re: [PATCH 1/2] time: settimeofday: Validate the values of tv from user Message-ID: <20150107190926.GA4364@kroah.com> References: <1420654340-3009-1-git-send-email-john.stultz@linaro.org> <1420654340-3009-2-git-send-email-john.stultz@linaro.org> <20150107182845.GA7699@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-ID: On Wed, Jan 07, 2015 at 11:02:01AM -0800, John Stultz wrote: > On Wed, Jan 7, 2015 at 10:28 AM, Greg KH wrote: > > On Wed, Jan 07, 2015 at 10:12:19AM -0800, John Stultz wrote: > >> From: Sasha Levin > >> > >> An unvalidated user input is multiplied by a constant, which can result in > >> an undefined behaviour for large values. While this is validated later, > >> we should avoid triggering undefined behaviour. > >> > >> Cc: Thomas Gleixner > >> Cc: Ingo Molnar > >> Cc: stable > >> Cc: Andy Lutomirski > >> Signed-off-by: Sasha Levin > >> [jstultz: include trivial milisecond->microsecond correction noticed > >> by Andy] > >> Signed-off-by: John Stultz > >> --- > >> include/linux/time.h | 13 +++++++++++++ > >> kernel/time/time.c | 4 ++++ > >> 2 files changed, 17 insertions(+) > > > > > > > > This is not the correct way to submit patches for inclusion in the > > stable kernel tree. Please read Documentation/stable_kernel_rules.txt > > for how to do this properly. > > > > > > Hrm. I'm not quite sure which rule I'm running afoul here. > > Does this seem too much like a theoretical issue and not like enough > of a "oh, that's not good" issue? No, crap, my fault, I messed up on these, you are doing this just fine, I'm not awake this morning... /me goes off to get more coffee. greg k-h