Re: [PATCH 1/2] y2038: make CONFIG_64BIT_TIME unconditional

From: Arnd Bergmann
Date: Sat Apr 27 2019 - 16:47:41 EST

On Sat, Apr 27, 2019 at 5:06 PM Lukasz Majewski <lukma@xxxxxxx> wrote:
> > 27.04.2019 Ð 00:46:53 +0200 Lukasz Majewski ÐÐÐÐÑÐÐ:
> > (I am wondering whether such trucation is undefined behaviour in C
> According to [1] - Chapter - Point 3 it is
> implementation-defined.

The kernel relies on the sane behavior for integer overflow in many
places already, and it is built with -fno-strict-overflow to also make
sure gcc doesn't optimize cases that would be undefined otherwise.

> > and
> > whether there should be sign-extension instead of zeroing-out for the
> > in_compat_syscall() case though.)
> What I've found is that "typically" the high order bits are discarded.
> However, it is still "implementation dependent".

I think the question was whether we should use

kts.tv_nsec = (int)kts.tv_nsec;

instead of

kts.tv_nsec &= 0xfffffffful;

Both have a clearly defined meaning in the C dialect we use in the
kernel, but differ in the upper 32 bits for negative input values.

I would say that using sign-extension indeed makes more sense
here, but we don't need to change it for linux-5.1, since none of the
callers of get_timespec64() care -- any negative 32-bit tv_nsec
value results in -EINVAL, including the utimensat() syscall that
has two special cases outside of the 0...999999999 range.