itimer: Make timeval to nsec conversion range limited
authorThomas Gleixner <tglx@linutronix.de>
Tue, 20 Jun 2017 15:37:35 +0000 (17:37 +0200)
committerThomas Gleixner <tglx@linutronix.de>
Tue, 20 Jun 2017 19:33:56 +0000 (21:33 +0200)
commit35eb7258c009dc478338e674a5a84d25d0929c56
tree7fae943ef2569bf8db0a2e76b60c6027698f3760
parentd15bc69affc57d7985a01745ca28eafa0772325b
itimer: Make timeval to nsec conversion range limited

The expiry time of a itimer is supplied through sys_setitimer() via a
struct timeval. The timeval is validated for correctness.

In the actual set timer implementation the timeval is converted to a
scalar nanoseconds value. If the tv_sec part of the time spec is large
enough the conversion to nanoseconds (sec * NSEC_PER_SEC) overflows 64bit.

Mitigate that by using the timeval_to_ktime() conversion function, which
checks the tv_sec part for a potential mult overflow and clamps the result
to KTIME_MAX, which is about 292 years.

Reported-by: Xishi Qiu <qiuxishi@huawei.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: John Stultz <john.stultz@linaro.org>
Link: http://lkml.kernel.org/r/20170620154113.505981643@linutronix.de
kernel/time/itimer.c