Re: [patch 1/2] Validate itimer timeval from userspace

From: Jesper Juhl
Date: Sat Mar 18 2006 - 15:21:13 EST


On 3/18/06, Andrew Morton <akpm@xxxxxxxx> wrote:
> Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> >
> > According to the specification the timeval must be validated and
> > an errorcode -EINVAL returned in case the timeval is not in canonical
> > form. Before the hrtimer merge this was silently ignored by the
> > timeval to jiffies conversion. The validation is done inside
> > do_setitimer so all callers are catched.
> >
[...]
>
> From my reading, 2.4's sys_setitimer() will normalise the incoming timeval
> rather than rejecting it. And I think 2.6.13 did that too.
>
> It would be bad of us to change this behaviour, even if that's what the
> spec says we should do - because we can break existing applications.
>
> So I think we're stuck with it - we should normalise and then accept such
> timevals. And we should have a big comment explaining how we differ from
> the spec, and why.
>

Wouldn't this only break existing applications that do incorrect
things (passing invalid values) ?
If that's the case I'd say breaking them is OK and we should change to
follow the spec.

I don't like potential userspace breakage any more than the next guy,
but if the breakage only affects buggy applications then I think it's
more acceptable.

--
Jesper Juhl <jesper.juhl@xxxxxxxxx>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/