[3.16.y-ckt stable] Patch "time: adjtimex: Validate the ADJ_FREQUENCY values" has been added to staging queue

John Stultz john.stultz at linaro.org
Mon Feb 2 18:09:09 UTC 2015 

Might hold off on merging this one as we've gotten some problem
reports against it w/ 3.18-stable.

thanks
-john

On Mon, Feb 2, 2015 at 3:49 AM, Luis Henriques
<luis.henriques at canonical.com> wrote:
> This is a note to let you know that I have just added a patch titled
>
>     time: adjtimex: Validate the ADJ_FREQUENCY values
>
> to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree
> which can be found at:
>
>  http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.16.y-queue
>
> This patch is scheduled to be released in version 3.16.7-ckt6.
>
> If you, or anyone else, feels it should not be added to this tree, please
> reply to this email.
>
> For more information about the 3.16.y-ckt tree, see
> https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable
>
> Thanks.
> -Luis
>
> ------
>
> From e18034cee3c5aaf021dedb9f7b3fbf280daf50ef Mon Sep 17 00:00:00 2001
> From: Sasha Levin <sasha.levin at oracle.com>
> Date: Wed, 3 Dec 2014 19:25:05 -0500
> Subject: time: adjtimex: Validate the ADJ_FREQUENCY values
>
> commit 5e5aeb4367b450a28f447f6d5ab57d8f2ab16a5f upstream.
>
> Verify that the frequency value from userspace is valid and makes sense.
>
> Unverified values can cause overflows later on.
>
> Cc: Thomas Gleixner <tglx at linutronix.de>
> Cc: Ingo Molnar <mingo at kernel.org>
> Signed-off-by: Sasha Levin <sasha.levin at oracle.com>
> [jstultz: Fix up bug for negative values and drop redunent cap check]
> Signed-off-by: John Stultz <john.stultz at linaro.org>
> Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
> ---
>  kernel/time/ntp.c | 7 +++++++
>  1 file changed, 7 insertions(+)
>
> diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c
> index 33db43a39515..3fca3fdd7c82 100644
> --- a/kernel/time/ntp.c
> +++ b/kernel/time/ntp.c
> @@ -632,6 +632,13 @@ int ntp_validate_timex(struct timex *txc)
>         if ((txc->modes & ADJ_SETOFFSET) && (!capable(CAP_SYS_TIME)))
>                 return -EPERM;
>
> +       if (txc->modes & ADJ_FREQUENCY) {
> +               if (LONG_MIN / PPM_SCALE > txc->freq)
> +                       return -EINVAL;
> +               if (LONG_MAX / PPM_SCALE < txc->freq)
> +                       return -EINVAL;
> +       }
> +
>         return 0;
>  }
>
> --
> 2.1.4
>

More information about the kernel-team mailing list