[PATCH] alarmtimers: verify the alarmtimer_type value from clock2alarm()

From: Hyogi Gim
Date: Tue Jul 08 2014 - 04:50:55 EST

Next message: Richard Weinberger: "Re: [uml-devel] [PATCH] checkstack: use $UTS_MACHINE as target architecture"
Previous message: Andy Shevchenko: "Re: [PATCH v2 04/10] lib/vsprintf: add %*pE[achnops] format specifier"
Next in thread: Thomas Gleixner: "Re: [PATCH] alarmtimers: verify the alarmtimer_type value from clock2alarm()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

clock2alarm() can return a minus value. so, we cannot use this
returned value for a index of an array. but, some functions use
this value directly as a index of an array:
- alarm_clock_getres()
- alarm_clock_get()
- alarm_timer_create()
- alarm_timer_nsleep()

add the verification code for the returned alarmtimer_type from
clock2alarm().

Signed-off-by: Hyogi Gim <hyogi.gim@xxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
---
kernel/time/alarmtimer.c | 27 ++++++++++++++++++++++++---
1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/kernel/time/alarmtimer.c b/kernel/time/alarmtimer.c
index 88c9c65..0b117c6 100644
--- a/kernel/time/alarmtimer.c
+++ b/kernel/time/alarmtimer.c
@@ -487,7 +487,14 @@ static enum alarmtimer_restart alarm_handle_timer(struct alarm *alarm,
*/
static int alarm_clock_getres(const clockid_t which_clock, struct timespec *tp)
{
- clockid_t baseid = alarm_bases[clock2alarm(which_clock)].base_clockid;
+ enum alarmtimer_type type;
+ clockid_t baseid;
+
+ type = clock2alarm(which_clock);
+ if (type < 0)
+ return -EINVAL;
+
+ baseid = alarm_bases[type].base_clockid;

if (!alarmtimer_get_rtcdev())
return -EINVAL;
@@ -504,7 +511,14 @@ static int alarm_clock_getres(const clockid_t which_clock, struct timespec *tp)
*/
static int alarm_clock_get(clockid_t which_clock, struct timespec *tp)
{
- struct alarm_base *base = &alarm_bases[clock2alarm(which_clock)];
+ enum alarmtimer_type type;
+ struct alarm_base *base;
+
+ type = clock2alarm(which_clock);
+ if (type < 0)
+ return -EINVAL;
+
+ base = &alarm_bases[type];

if (!alarmtimer_get_rtcdev())
return -EINVAL;
@@ -531,6 +545,9 @@ static int alarm_timer_create(struct k_itimer *new_timer)
return -EPERM;

type = clock2alarm(new_timer->it_clock);
+ if (type < 0)
+ return -EINVAL;
+
base = &alarm_bases[type];
alarm_init(&new_timer->it.alarm.alarmtimer, type, alarm_handle_timer);
return 0;
@@ -721,7 +738,7 @@ out:
static int alarm_timer_nsleep(const clockid_t which_clock, int flags,
struct timespec *tsreq, struct timespec __user *rmtp)
{
- enum alarmtimer_type type = clock2alarm(which_clock);
+ enum alarmtimer_type type;
struct alarm alarm;
ktime_t exp;
int ret = 0;
@@ -733,6 +750,10 @@ static int alarm_timer_nsleep(const clockid_t which_clock, int flags,
if (!capable(CAP_WAKE_ALARM))
return -EPERM;

+ type = clock2alarm(which_clock);
+ if (type < 0)
+ return -EINVAL;
+
alarm_init(&alarm, type, alarmtimer_nsleep_wakeup);

exp = timespec_to_ktime(*tsreq);
--
1.8.3.2

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Weinberger: "Re: [uml-devel] [PATCH] checkstack: use $UTS_MACHINE as target architecture"
Previous message: Andy Shevchenko: "Re: [PATCH v2 04/10] lib/vsprintf: add %*pE[achnops] format specifier"
Next in thread: Thomas Gleixner: "Re: [PATCH] alarmtimers: verify the alarmtimer_type value from clock2alarm()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]