android_kernel_oneplus_msm8998/kernel/time
Thomas Gleixner 2e17841715 alarmtimer: Prevent overflow for relative nanosleep
[ Upstream commit 5f936e19cc0ef97dbe3a56e9498922ad5ba1edef ]

Air Icy reported:

  UBSAN: Undefined behaviour in kernel/time/alarmtimer.c:811:7
  signed integer overflow:
  1529859276030040771 + 9223372036854775807 cannot be represented in type 'long long int'
  Call Trace:
   alarm_timer_nsleep+0x44c/0x510 kernel/time/alarmtimer.c:811
   __do_sys_clock_nanosleep kernel/time/posix-timers.c:1235 [inline]
   __se_sys_clock_nanosleep kernel/time/posix-timers.c:1213 [inline]
   __x64_sys_clock_nanosleep+0x326/0x4e0 kernel/time/posix-timers.c:1213
   do_syscall_64+0xb8/0x3a0 arch/x86/entry/common.c:290

alarm_timer_nsleep() uses ktime_add() to add the current time and the
relative expiry value. ktime_add() has no sanity checks so the addition
can overflow when the relative timeout is large enough.

Use ktime_add_safe() which has the necessary sanity checks in place and
limits the result to the valid range.

Fixes: 9a7adcf5c6 ("timers: Posix interface for alarm-timers")
Reported-by: Team OWL337 <icytxw@gmail.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: John Stultz <john.stultz@linaro.org>
Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1807020926360.1595@nanos.tec.linutronix.de
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-10-10 08:52:05 +02:00
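To make the overflow in the commit message concrete, here is an added userspace C model (not the kernel's own code, and not part of this page) of the two additions it contrasts. `model_ktime_add` reproduces the unchecked `ktime_add()` that UBSAN flagged, `model_ktime_add_safe` is modelled on the saturating `ktime_add_safe()` the fix switches to, and `expiry_wrapped` / `expiry_is_sane` are hypothetical helpers that apply each to the "now + relative timeout" computation of the nanosleep path. The operands are the exact values from the UBSAN report above; the wrap is computed on `uint64_t` so the demo itself has no undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel's ktime_t: nanoseconds in a signed 64-bit. */
typedef int64_t ktime_t;

#define KTIME_MAX INT64_MAX

/*
 * Unchecked add, i.e. what ktime_add() does in this tree. The kernel performs
 * this on signed values, which is the signed-overflow UBSAN reported; here the
 * wrap is done on uint64_t so the demo is well-defined, but the resulting bit
 * pattern is what the kernel ends up with on a two's-complement machine.
 */
static ktime_t model_ktime_add(ktime_t lhs, ktime_t rhs)
{
    return (ktime_t)((uint64_t)lhs + (uint64_t)rhs);
}

/*
 * Saturating add modelled on ktime_add_safe(): a sum that is negative or
 * smaller than either operand can only mean the addition wrapped, so clamp it
 * to the largest representable value instead of handing back garbage.
 */
static ktime_t model_ktime_add_safe(ktime_t lhs, ktime_t rhs)
{
    ktime_t res = model_ktime_add(lhs, rhs);

    if (res < 0 || res < lhs || res < rhs)
        res = KTIME_MAX;
    return res;
}

/* Hypothetical helper: does the unchecked expiry land before "now"? */
static int expiry_wrapped(ktime_t now, ktime_t rel)
{
    return model_ktime_add(now, rel) < now;
}

/* Hypothetical helper: with the safe add, the expiry is never before "now". */
static int expiry_is_sane(ktime_t now, ktime_t rel)
{
    return model_ktime_add_safe(now, rel) >= now;
}

int main(void)
{
    /* Operands taken from the UBSAN report: current time plus a relative
     * timeout of KTIME_MAX nanoseconds supplied by user space. */
    ktime_t now = 1529859276030040771LL;
    ktime_t rel = 9223372036854775807LL;

    printf("unchecked: %lld (wrapped: %d)\n",
           (long long)model_ktime_add(now, rel), expiry_wrapped(now, rel));
    printf("safe:      %lld (sane: %d)\n",
           (long long)model_ktime_add_safe(now, rel), expiry_is_sane(now, rel));
    return 0;
}
```

The check in the safe variant is the one a reviewer should look for wherever a user-controlled relative timeout is added to an absolute clock value: a wrapped sum yields an expiry in the distant past, so the sleep returns immediately or the timer fires at once, and the caller never learns that its timeout was silently discarded.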
alarmtimer.c alarmtimer: Prevent overflow for relative nanosleep 2018-10-10 08:52:05 +02:00
clockevents.c clockevents: Remove unused set_mode() callback 2015-09-14 11:00:55 +02:00
clocksource.c clocksource: Allow unregistering the watchdog 2016-09-15 08:27:47 +02:00
hrtimer.c hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) 2018-03-03 10:19:41 +01:00
itimer.c itimers: Handle relative timers with CONFIG_TIME_LOW_RES proper 2016-02-25 12:01:25 -08:00
jiffies.c
Kconfig rcu: Drop RCU_USER_QS in favor of NO_HZ_FULL 2015-07-06 13:52:18 -07:00
Makefile time: Remove development rules from Kbuild/Makefile 2015-07-01 09:57:35 +02:00
ntp.c ntp: Fix ADJ_SETOFFSET being used w/ ADJ_NANO 2016-09-15 08:27:47 +02:00
ntp_internal.h ntp/pps: use timespec64 for hardpps() 2015-10-01 09:57:59 -07:00
posix-clock.c time: Change posix clocks ops interfaces to use timespec64 2018-03-24 10:58:40 +01:00
posix-cpu-timers.c posix_cpu_timer: Exit early when process has been reaped 2016-08-10 11:49:29 +02:00
posix-timers.c posix-timer: Properly check sigevent->sigev_notify 2018-02-16 20:09:40 +01:00
sched_clock.c timers, sched_clock: Update timeout for clock wrap 2018-03-22 09:23:21 +01:00
test_udelay.c
tick-broadcast-hrtimer.c kernel: broadcast-hrtimer: Migrate to new 'set-state' interface 2015-08-10 11:41:08 +02:00
tick-broadcast.c tick/broadcast: Use for_each_cpu() specially on UP kernels 2018-05-26 08:48:56 +02:00
tick-common.c clockevents: Remove unused set_mode() callback 2015-09-14 11:00:55 +02:00
tick-internal.h timer: Minimize nohz off overhead 2015-06-19 15:18:28 +02:00
tick-oneshot.c clockevents: Provide functions to set and get the state 2015-06-02 14:40:47 +02:00
tick-sched.c nohz: Fix local_timer_softirq_pending() 2018-08-09 12:19:27 +02:00
tick-sched.h tick/broadcast: Make idle check independent from mode and config 2015-07-07 18:46:47 +02:00
time.c time: Make sure jiffies_to_msecs() preserves non-zero time periods 2018-07-03 11:21:30 +02:00
timeconst.bc timeconst: Update path in comment 2015-10-26 10:06:06 +09:00
timeconv.c
timecounter.c
timekeeping.c time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting 2018-05-26 08:49:00 +02:00
timekeeping.h hrtimer: Make offset update smarter 2015-04-22 17:06:49 +02:00
timekeeping_debug.c timekeeping: Cap array access in timekeeping_debug 2016-09-15 08:27:52 +02:00
timekeeping_internal.h
timer.c timers: Plug locking race vs. timer migration 2018-01-31 12:06:08 +01:00
timer_list.c sysrq: Reset the watchdog timers while displaying high-resolution timers 2018-03-22 09:23:21 +01:00
timer_stats.c timer: Stats: Simplify the flags handling 2015-06-19 15:18:27 +02:00