From: Arnd Bergmann <arnd@arndb.de> To: Anil Gurumurthy <anil.gurumurthy@qlogic.com>, Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>, "James E . J . Bottomley" <jejb@linux.vnet.ibm.com>, "Martin K . Petersen" <martin.petersen@oracle.com> Cc: linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org, y2038@lists.linaro.org, hch@lst.de, hare@suse.com, jthumshirn@suse.de, Arnd Bergmann <arnd@arndb.de> Subject: [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events Date: Fri, 10 Nov 2017 16:37:14 +0100 [thread overview] Message-ID: <20171110153715.1929456-7-arnd@arndb.de> (raw) In-Reply-To: <20171110153715.1929456-1-arnd@arndb.de> bfa_aen_entry_s is passed to user space in a netlink message, but is defined using a 'struct timeval' and an 'enum' that are not only different between architectures, but also between 32-bit user space and 64-bit kernels they may run on, as well as depending on the particular C library that defines timeval. This changes the in-kernel definition to no longer use the timeval type directly but instead use two open-coded 'unsigned long' members. This keeps the existing ABI, but making the variable unsigned also helps make it work after y2038, until it overflows in 2106. Since the macro becomes overly complex at this point, I'm changing it to an inline function for readability. I'm not changing the 32-bit user-space ABI at this point, to keep the changes separate, I deally this would be defined using the same binary layout for all architectures. Signed-off-by: Arnd Bergmann <arnd@arndb.de> --- drivers/scsi/bfa/bfa_defs_svc.h | 3 ++- drivers/scsi/bfa/bfad_im.h | 32 ++++++++++++++++++++++---------- 2 files changed, 24 insertions(+), 11 deletions(-) diff --git a/drivers/scsi/bfa/bfa_defs_svc.h b/drivers/scsi/bfa/bfa_defs_svc.h index e81707f938cb..df1e874015c4 100644 --- a/drivers/scsi/bfa/bfa_defs_svc.h +++ b/drivers/scsi/bfa/bfa_defs_svc.h @@ -1455,7 +1455,8 @@ struct bfa_aen_entry_s { enum bfa_aen_category aen_category; u32 aen_type; union bfa_aen_data_u aen_data; - struct timeval aen_tv; + unsigned long aen_tv_sec; + unsigned long aen_tv_usec; u32 seq_num; u32 bfad_num; }; diff --git a/drivers/scsi/bfa/bfad_im.h b/drivers/scsi/bfa/bfad_im.h index c81ec2a77ef5..7f7616c52814 100644 --- a/drivers/scsi/bfa/bfad_im.h +++ b/drivers/scsi/bfa/bfad_im.h @@ -131,16 +131,28 @@ struct bfad_im_s { } while (0) /* post fc_host vendor event */ -#define bfad_im_post_vendor_event(_entry, _drv, _cnt, _cat, _evt) do { \ - do_gettimeofday(&(_entry)->aen_tv); \ - (_entry)->bfad_num = (_drv)->inst_no; \ - (_entry)->seq_num = (_cnt); \ - (_entry)->aen_category = (_cat); \ - (_entry)->aen_type = (_evt); \ - if ((_drv)->bfad_flags & BFAD_FC4_PROBE_DONE) \ - queue_work((_drv)->im->drv_workq, \ - &(_drv)->im->aen_im_notify_work); \ -} while (0) +static inline void bfad_im_post_vendor_event(struct bfa_aen_entry_s *entry, + struct bfad_s *drv, int cnt, + enum bfa_aen_category cat, + enum bfa_ioc_aen_event evt) +{ + struct timespec64 ts; + + ktime_get_real_ts64(&ts); + /* + * 'unsigned long aen_tv_sec' overflows in y2106 on 32-bit + * architectures, or in 2038 if user space interprets it + * as 'signed'. + */ + entry->aen_tv_sec = ts.tv_sec; + entry->aen_tv_usec = ts.tv_nsec / NSEC_PER_USEC; + entry->bfad_num = drv->inst_no; + entry->seq_num = cnt; + entry->aen_category = cat; + entry->aen_type = evt; + if (drv->bfad_flags & BFAD_FC4_PROBE_DONE) + queue_work(drv->im->drv_workq, &drv->im->aen_im_notify_work); +} struct Scsi_Host *bfad_scsi_host_alloc(struct bfad_im_port_s *im_port, struct bfad_s *); -- 2.9.0
WARNING: multiple messages have this Message-ID (diff)
From: Arnd Bergmann <arnd@arndb.de> To: Anil Gurumurthy <anil.gurumurthy@qlogic.com>, Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>, "James E . J . Bottomley" <jejb@linux.vnet.ibm.com>, "Martin K . Petersen" <martin.petersen@oracle.com> Cc: hare@suse.com, Arnd Bergmann <arnd@arndb.de>, linux-scsi@vger.kernel.org, y2038@lists.linaro.org, linux-kernel@vger.kernel.org, jthumshirn@suse.de, hch@lst.de Subject: [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events Date: Fri, 10 Nov 2017 16:37:14 +0100 [thread overview] Message-ID: <20171110153715.1929456-7-arnd@arndb.de> (raw) In-Reply-To: <20171110153715.1929456-1-arnd@arndb.de> bfa_aen_entry_s is passed to user space in a netlink message, but is defined using a 'struct timeval' and an 'enum' that are not only different between architectures, but also between 32-bit user space and 64-bit kernels they may run on, as well as depending on the particular C library that defines timeval. This changes the in-kernel definition to no longer use the timeval type directly but instead use two open-coded 'unsigned long' members. This keeps the existing ABI, but making the variable unsigned also helps make it work after y2038, until it overflows in 2106. Since the macro becomes overly complex at this point, I'm changing it to an inline function for readability. I'm not changing the 32-bit user-space ABI at this point, to keep the changes separate, I deally this would be defined using the same binary layout for all architectures. Signed-off-by: Arnd Bergmann <arnd@arndb.de> --- drivers/scsi/bfa/bfa_defs_svc.h | 3 ++- drivers/scsi/bfa/bfad_im.h | 32 ++++++++++++++++++++++---------- 2 files changed, 24 insertions(+), 11 deletions(-) diff --git a/drivers/scsi/bfa/bfa_defs_svc.h b/drivers/scsi/bfa/bfa_defs_svc.h index e81707f938cb..df1e874015c4 100644 --- a/drivers/scsi/bfa/bfa_defs_svc.h +++ b/drivers/scsi/bfa/bfa_defs_svc.h @@ -1455,7 +1455,8 @@ struct bfa_aen_entry_s { enum bfa_aen_category aen_category; u32 aen_type; union bfa_aen_data_u aen_data; - struct timeval aen_tv; + unsigned long aen_tv_sec; + unsigned long aen_tv_usec; u32 seq_num; u32 bfad_num; }; diff --git a/drivers/scsi/bfa/bfad_im.h b/drivers/scsi/bfa/bfad_im.h index c81ec2a77ef5..7f7616c52814 100644 --- a/drivers/scsi/bfa/bfad_im.h +++ b/drivers/scsi/bfa/bfad_im.h @@ -131,16 +131,28 @@ struct bfad_im_s { } while (0) /* post fc_host vendor event */ -#define bfad_im_post_vendor_event(_entry, _drv, _cnt, _cat, _evt) do { \ - do_gettimeofday(&(_entry)->aen_tv); \ - (_entry)->bfad_num = (_drv)->inst_no; \ - (_entry)->seq_num = (_cnt); \ - (_entry)->aen_category = (_cat); \ - (_entry)->aen_type = (_evt); \ - if ((_drv)->bfad_flags & BFAD_FC4_PROBE_DONE) \ - queue_work((_drv)->im->drv_workq, \ - &(_drv)->im->aen_im_notify_work); \ -} while (0) +static inline void bfad_im_post_vendor_event(struct bfa_aen_entry_s *entry, + struct bfad_s *drv, int cnt, + enum bfa_aen_category cat, + enum bfa_ioc_aen_event evt) +{ + struct timespec64 ts; + + ktime_get_real_ts64(&ts); + /* + * 'unsigned long aen_tv_sec' overflows in y2106 on 32-bit + * architectures, or in 2038 if user space interprets it + * as 'signed'. + */ + entry->aen_tv_sec = ts.tv_sec; + entry->aen_tv_usec = ts.tv_nsec / NSEC_PER_USEC; + entry->bfad_num = drv->inst_no; + entry->seq_num = cnt; + entry->aen_category = cat; + entry->aen_type = evt; + if (drv->bfad_flags & BFAD_FC4_PROBE_DONE) + queue_work(drv->im->drv_workq, &drv->im->aen_im_notify_work); +} struct Scsi_Host *bfad_scsi_host_alloc(struct bfad_im_port_s *im_port, struct bfad_s *); -- 2.9.0 _______________________________________________ Y2038 mailing list Y2038@lists.linaro.org https://lists.linaro.org/mailman/listinfo/y2038
next prev parent reply other threads:[~2017-11-10 15:38 UTC|newest] Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top 2017-11-10 15:37 [PATCH 0/7] scsi: bfa: do_gettimeofday removal Arnd Bergmann 2017-11-10 15:37 ` Arnd Bergmann 2017-11-10 15:37 ` [PATCH 1/7] scsi: bfa: use ktime_get_real_ts64 for firmware timestamp Arnd Bergmann 2017-11-10 15:37 ` Arnd Bergmann 2017-11-10 15:37 ` [PATCH 2/7] scsi: bfa: use proper time accessor for stats_reset_time Arnd Bergmann 2017-11-10 15:37 ` [PATCH 3/7] scsi: bfa: improve bfa_ioc_send_enable/disable data Arnd Bergmann 2017-11-13 14:08 ` [Y2038] " Ben Hutchings 2017-11-13 14:55 ` Arnd Bergmann 2017-11-10 15:37 ` [PATCH 4/7] scsi: bfa: document overflow of io_profile_start_time Arnd Bergmann 2017-11-10 15:37 ` [PATCH 5/7] scsi: bfa: replace bfa_get_log_time() with ktime_get_real_seconds() Arnd Bergmann 2017-11-10 15:37 ` Arnd Bergmann 2017-11-10 15:37 ` Arnd Bergmann [this message] 2017-11-10 15:37 ` [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events Arnd Bergmann 2017-11-10 15:37 ` [PATCH 7/7] scsi: bfa: use 64-bit times in bfa_aen_entry_s ABI Arnd Bergmann 2017-11-10 17:24 ` [PATCH 0/7] scsi: bfa: do_gettimeofday removal Christoph Hellwig 2017-11-10 17:33 ` Gurumurthy, Anil 2017-11-21 3:04 ` Martin K. Petersen 2017-11-21 3:04 ` Martin K. Petersen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20171110153715.1929456-7-arnd@arndb.de \ --to=arnd@arndb.de \ --cc=anil.gurumurthy@qlogic.com \ --cc=hare@suse.com \ --cc=hch@lst.de \ --cc=jejb@linux.vnet.ibm.com \ --cc=jthumshirn@suse.de \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-scsi@vger.kernel.org \ --cc=martin.petersen@oracle.com \ --cc=sudarsana.kalluru@qlogic.com \ --cc=y2038@lists.linaro.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.