releases/5.1.6/sched-rt-check-integer-overflow-at-usec-to-nsec-conv.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From 03d3e265acc8f83246f87718fb91815a8f5b0bfc Mon Sep 17 00:00:00 2001
 From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
 Date: Wed, 27 Feb 2019 11:10:17 +0300
 Subject: sched/rt: Check integer overflow at usec to nsec conversion

 [ Upstream commit 1a010e29cfa00fee2888fd2fd4983f848cbafb58 ]

 Example of unhandled overflows:

  # echo 18446744073709651 > cpu.rt_runtime_us
  # cat cpu.rt_runtime_us
  99

  # echo 18446744073709900 > cpu.rt_period_us
  # cat cpu.rt_period_us
  348

 After this patch they will fail with -EINVAL.

 Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
 Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
 Cc: Linus Torvalds <torvalds@linux-foundation.org>
 Cc: Peter Zijlstra <peterz@infradead.org>
 Cc: Thomas Gleixner <tglx@linutronix.de>
 Link: http://lkml.kernel.org/r/155125501739.293431.5252197504404771496.stgit@buzz
 Signed-off-by: Ingo Molnar <mingo@kernel.org>
 Signed-off-by: Sasha Levin <sashal@kernel.org>
 ---
  kernel/sched/rt.c | 5 +++++
  1 file changed, 5 insertions(+)

 diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
 index 90fa23d36565d..1e6b909dca367 100644
 --- a/kernel/sched/rt.c
 +++ b/kernel/sched/rt.c
 @@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
  	rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
  	if (rt_runtime_us < 0)
  		rt_runtime = RUNTIME_INF;
 +	else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
 +		return -EINVAL;

  	return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
  }
 @@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
  {
  	u64 rt_runtime, rt_period;

 +	if (rt_period_us > U64_MAX / NSEC_PER_USEC)
 +		return -EINVAL;
 +
  	rt_period = rt_period_us * NSEC_PER_USEC;
  	rt_runtime = tg->rt_bandwidth.rt_runtime;

 --
 2.20.1
	From 03d3e265acc8f83246f87718fb91815a8f5b0bfc Mon Sep 17 00:00:00 2001
	From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
	Date: Wed, 27 Feb 2019 11:10:17 +0300
	Subject: sched/rt: Check integer overflow at usec to nsec conversion

	[ Upstream commit 1a010e29cfa00fee2888fd2fd4983f848cbafb58 ]

	Example of unhandled overflows:

	# echo 18446744073709651 > cpu.rt_runtime_us
	# cat cpu.rt_runtime_us
	99

	# echo 18446744073709900 > cpu.rt_period_us
	# cat cpu.rt_period_us
	348

	After this patch they will fail with -EINVAL.

	Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
	Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
	Cc: Linus Torvalds <torvalds@linux-foundation.org>
	Cc: Peter Zijlstra <peterz@infradead.org>
	Cc: Thomas Gleixner <tglx@linutronix.de>
	Link: http://lkml.kernel.org/r/155125501739.293431.5252197504404771496.stgit@buzz
	Signed-off-by: Ingo Molnar <mingo@kernel.org>
	Signed-off-by: Sasha Levin <sashal@kernel.org>
	---
	kernel/sched/rt.c \| 5 +++++
	1 file changed, 5 insertions(+)

	diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
	index 90fa23d36565d..1e6b909dca367 100644
	--- a/kernel/sched/rt.c
	+++ b/kernel/sched/rt.c
	@@ -2555,6 +2555,8 @@ int sched_group_set_rt_runtime(struct task_group *tg, long rt_runtime_us)
	rt_runtime = (u64)rt_runtime_us * NSEC_PER_USEC;
	if (rt_runtime_us < 0)
	rt_runtime = RUNTIME_INF;
	+ else if ((u64)rt_runtime_us > U64_MAX / NSEC_PER_USEC)
	+ return -EINVAL;

	return tg_set_rt_bandwidth(tg, rt_period, rt_runtime);
	}
	@@ -2575,6 +2577,9 @@ int sched_group_set_rt_period(struct task_group *tg, u64 rt_period_us)
	{
	u64 rt_runtime, rt_period;

	+ if (rt_period_us > U64_MAX / NSEC_PER_USEC)
	+ return -EINVAL;
	+
	rt_period = rt_period_us * NSEC_PER_USEC;
	rt_runtime = tg->rt_bandwidth.rt_runtime;

	--
	2.20.1