From patchwork Sun Apr 21 21:15:03 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alex Elder X-Patchwork-Id: 2469481 Return-Path: X-Original-To: patchwork-ceph-devel@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id DB2FCDF230 for ; Sun, 21 Apr 2013 21:15:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751914Ab3DUVPH (ORCPT ); Sun, 21 Apr 2013 17:15:07 -0400 Received: from mail-ia0-f171.google.com ([209.85.210.171]:54296 "EHLO mail-ia0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751720Ab3DUVPG (ORCPT ); Sun, 21 Apr 2013 17:15:06 -0400 Received: by mail-ia0-f171.google.com with SMTP id f27so4830452iae.16 for ; Sun, 21 Apr 2013 14:15:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding :x-gm-message-state; bh=DqC4MSQPBtjmC3GF/EyrzW8WT26NUypj4xJmUtUC8LE=; b=Yy/xE2B9zV/Iv7cZNdc2U7Q2KaWuISnygvy55FfqqP+nxWFaJKXEtKdMJjyM+pqz2i +Ey7DBBys9z3k2r96l/8vX8CtpkazvHGLSDQ1cgphJpD2CJ5OZDYuGAiJv6xVheoXioQ a7IG9M67Nr+qBHBXaYwI9hRVjNVoXYYFI7LA4meued2nx6RPJzDcwgK9G+XCgQzpDL5s ED5kBDsbt0NrwG48d9mRu4LlINpZWUXhdvxllBLTS7BWy4pYajO1VvSm8AwJoljY3W2i rdndZZbXMKnV+G17W+sgkpP9QOcHWQFs+HUHKZqRNOrYxui5FhC4+CR0Cjnx8+anKx7l tqOA== X-Received: by 10.42.42.69 with SMTP id s5mr11986254ice.2.1366578905246; Sun, 21 Apr 2013 14:15:05 -0700 (PDT) Received: from [172.22.22.4] (c-71-195-31-37.hsd1.mn.comcast.net. [71.195.31.37]) by mx.google.com with ESMTPSA id qn10sm12852697igc.6.2013.04.21.14.15.03 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 21 Apr 2013 14:15:04 -0700 (PDT) Message-ID: <517456D7.8090603@inktank.com> Date: Sun, 21 Apr 2013 16:15:03 -0500 From: Alex Elder User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5 MIME-Version: 1.0 To: ceph-devel@vger.kernel.org Subject: [PATCH 2/2] libceph: validate timespec conversions References: <51745629.7080207@inktank.com> In-Reply-To: <51745629.7080207@inktank.com> X-Gm-Message-State: ALoCoQlJ0JMmki12Umdvf5nAy8uC8LMRb1/x4CsLN6tcnzKEeKcV0yPKtvmJwOwKTMpWx9gdTFLY Sender: ceph-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org A ceph timespec contains 32-bit unsigned values for its seconds and nanoseconds components. For a standard timespec, both fields are signed, and the seconds field is almost surely 64 bits. Add some explicit casts so the fact that this conversion is taking place is obvious. Also trip a bug if we ever try to put out of range (negative or too big) values into a ceph timespec. Signed-off-by: Alex Elder Reviewed-by: Josh Durgin --- include/linux/ceph/decode.h | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/include/linux/ceph/decode.h b/include/linux/ceph/decode.h index 9575a52..379f715 100644 --- a/include/linux/ceph/decode.h +++ b/include/linux/ceph/decode.h @@ -154,14 +154,19 @@ bad: static inline void ceph_decode_timespec(struct timespec *ts, const struct ceph_timespec *tv) { - ts->tv_sec = le32_to_cpu(tv->tv_sec); - ts->tv_nsec = le32_to_cpu(tv->tv_nsec); + ts->tv_sec = (__kernel_time_t)le32_to_cpu(tv->tv_sec); + ts->tv_nsec = (long)le32_to_cpu(tv->tv_nsec); } static inline void ceph_encode_timespec(struct ceph_timespec *tv, const struct timespec *ts) { - tv->tv_sec = cpu_to_le32(ts->tv_sec); - tv->tv_nsec = cpu_to_le32(ts->tv_nsec); + BUG_ON(ts->tv_sec < 0); + BUG_ON(ts->tv_sec > (__kernel_time_t)U32_MAX); + BUG_ON(ts->tv_nsec < 0); + BUG_ON(ts->tv_nsec > (long)U32_MAX); + + tv->tv_sec = cpu_to_le32((u32)ts->tv_sec); + tv->tv_nsec = cpu_to_le32((u32)ts->tv_nsec); } /*