Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/kern kern_time: prevent the system clock from being set ...



details:   https://anonhg.NetBSD.org/src/rev/89532e783e1a
branches:  trunk
changeset: 1015595:89532e783e1a
user:      nia <nia%NetBSD.org@localhost>
date:      Tue Oct 27 00:07:18 2020 +0000

description:
kern_time: prevent the system clock from being set too low or high

currently doing this will drive KUBSAN haywire and possibly cause
system lock-ups, so more testing should probably be performed before
we let the clock be set too many thousands of years into the future.

ditto for negative values, which were being passed by chrony for
some reason while my internet connection was being unreliable.
this also triggered some interesting KUBSAN reports.

diffstat:

 sys/kern/kern_time.c |  11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diffs (32 lines):

diff -r 549126eea213 -r 89532e783e1a sys/kern/kern_time.c
--- a/sys/kern/kern_time.c      Mon Oct 26 23:28:52 2020 +0000
+++ b/sys/kern/kern_time.c      Tue Oct 27 00:07:18 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_time.c,v 1.205 2020/05/23 23:42:43 ad Exp $       */
+/*     $NetBSD: kern_time.c,v 1.206 2020/10/27 00:07:18 nia Exp $      */
 
 /*-
  * Copyright (c) 2000, 2004, 2005, 2007, 2008, 2009 The NetBSD Foundation, Inc.
@@ -61,7 +61,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.205 2020/05/23 23:42:43 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.206 2020/10/27 00:07:18 nia Exp $");
 
 #include <sys/param.h>
 #include <sys/resourcevar.h>
@@ -137,6 +137,13 @@
 {
        struct timespec delta, now;
 
+       /*
+        * The time being set to an unreasonable value will cause
+        * unreasonable system behaviour.
+        */
+       if (ts->tv_sec < 0 || ts->tv_sec > (1LL << 36))
+               return (EINVAL);
+
        /* WHAT DO WE DO ABOUT PENDING REAL-TIME TIMEOUTS??? */
        nanotime(&now);
        timespecsub(ts, &now, &delta);



Home | Main Index | Thread Index | Old Index