From: Arnd Bergmann <arnd@arndb.de>
To: Anil Gurumurthy <anil.gurumurthy@qlogic.com>,
Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>,
"James E . J . Bottomley" <jejb@linux.vnet.ibm.com>,
"Martin K . Petersen" <martin.petersen@oracle.com>
Cc: linux-scsi@vger.kernel.org, linux-kernel@vger.kernel.org,
y2038@lists.linaro.org, hch@lst.de, hare@suse.com,
jthumshirn@suse.de, Arnd Bergmann <arnd@arndb.de>
Subject: [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events
Date: Fri, 10 Nov 2017 16:37:14 +0100 [thread overview]
Message-ID: <20171110153715.1929456-7-arnd@arndb.de> (raw)
In-Reply-To: <20171110153715.1929456-1-arnd@arndb.de>
bfa_aen_entry_s is passed to user space in a netlink message, but
is defined using a 'struct timeval' and an 'enum' that are not only
different between architectures, but also between 32-bit user space and
64-bit kernels they may run on, as well as depending on the particular
C library that defines timeval.
This changes the in-kernel definition to no longer use the timeval
type directly but instead use two open-coded 'unsigned long' members.
This keeps the existing ABI, but making the variable unsigned also
helps make it work after y2038, until it overflows in 2106.
Since the macro becomes overly complex at this point, I'm changing
it to an inline function for readability.
I'm not changing the 32-bit user-space ABI at this point, to keep the
changes separate, I deally this would be defined using the same
binary layout for all architectures.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
drivers/scsi/bfa/bfa_defs_svc.h | 3 ++-
drivers/scsi/bfa/bfad_im.h | 32 ++++++++++++++++++++++----------
2 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/drivers/scsi/bfa/bfa_defs_svc.h b/drivers/scsi/bfa/bfa_defs_svc.h
index e81707f938cb..df1e874015c4 100644
--- a/drivers/scsi/bfa/bfa_defs_svc.h
+++ b/drivers/scsi/bfa/bfa_defs_svc.h
@@ -1455,7 +1455,8 @@ struct bfa_aen_entry_s {
enum bfa_aen_category aen_category;
u32 aen_type;
union bfa_aen_data_u aen_data;
- struct timeval aen_tv;
+ unsigned long aen_tv_sec;
+ unsigned long aen_tv_usec;
u32 seq_num;
u32 bfad_num;
};
diff --git a/drivers/scsi/bfa/bfad_im.h b/drivers/scsi/bfa/bfad_im.h
index c81ec2a77ef5..7f7616c52814 100644
--- a/drivers/scsi/bfa/bfad_im.h
+++ b/drivers/scsi/bfa/bfad_im.h
@@ -131,16 +131,28 @@ struct bfad_im_s {
} while (0)
/* post fc_host vendor event */
-#define bfad_im_post_vendor_event(_entry, _drv, _cnt, _cat, _evt) do { \
- do_gettimeofday(&(_entry)->aen_tv); \
- (_entry)->bfad_num = (_drv)->inst_no; \
- (_entry)->seq_num = (_cnt); \
- (_entry)->aen_category = (_cat); \
- (_entry)->aen_type = (_evt); \
- if ((_drv)->bfad_flags & BFAD_FC4_PROBE_DONE) \
- queue_work((_drv)->im->drv_workq, \
- &(_drv)->im->aen_im_notify_work); \
-} while (0)
+static inline void bfad_im_post_vendor_event(struct bfa_aen_entry_s *entry,
+ struct bfad_s *drv, int cnt,
+ enum bfa_aen_category cat,
+ enum bfa_ioc_aen_event evt)
+{
+ struct timespec64 ts;
+
+ ktime_get_real_ts64(&ts);
+ /*
+ * 'unsigned long aen_tv_sec' overflows in y2106 on 32-bit
+ * architectures, or in 2038 if user space interprets it
+ * as 'signed'.
+ */
+ entry->aen_tv_sec = ts.tv_sec;
+ entry->aen_tv_usec = ts.tv_nsec / NSEC_PER_USEC;
+ entry->bfad_num = drv->inst_no;
+ entry->seq_num = cnt;
+ entry->aen_category = cat;
+ entry->aen_type = evt;
+ if (drv->bfad_flags & BFAD_FC4_PROBE_DONE)
+ queue_work(drv->im->drv_workq, &drv->im->aen_im_notify_work);
+}
struct Scsi_Host *bfad_scsi_host_alloc(struct bfad_im_port_s *im_port,
struct bfad_s *);
--
2.9.0
WARNING: multiple messages have this Message-ID (diff)
From: Arnd Bergmann <arnd@arndb.de>
To: Anil Gurumurthy <anil.gurumurthy@qlogic.com>,
Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>,
"James E . J . Bottomley" <jejb@linux.vnet.ibm.com>,
"Martin K . Petersen" <martin.petersen@oracle.com>
Cc: hare@suse.com, Arnd Bergmann <arnd@arndb.de>,
linux-scsi@vger.kernel.org, y2038@lists.linaro.org,
linux-kernel@vger.kernel.org, jthumshirn@suse.de, hch@lst.de
Subject: [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events
Date: Fri, 10 Nov 2017 16:37:14 +0100 [thread overview]
Message-ID: <20171110153715.1929456-7-arnd@arndb.de> (raw)
In-Reply-To: <20171110153715.1929456-1-arnd@arndb.de>
bfa_aen_entry_s is passed to user space in a netlink message, but
is defined using a 'struct timeval' and an 'enum' that are not only
different between architectures, but also between 32-bit user space and
64-bit kernels they may run on, as well as depending on the particular
C library that defines timeval.
This changes the in-kernel definition to no longer use the timeval
type directly but instead use two open-coded 'unsigned long' members.
This keeps the existing ABI, but making the variable unsigned also
helps make it work after y2038, until it overflows in 2106.
Since the macro becomes overly complex at this point, I'm changing
it to an inline function for readability.
I'm not changing the 32-bit user-space ABI at this point, to keep the
changes separate, I deally this would be defined using the same
binary layout for all architectures.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
drivers/scsi/bfa/bfa_defs_svc.h | 3 ++-
drivers/scsi/bfa/bfad_im.h | 32 ++++++++++++++++++++++----------
2 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/drivers/scsi/bfa/bfa_defs_svc.h b/drivers/scsi/bfa/bfa_defs_svc.h
index e81707f938cb..df1e874015c4 100644
--- a/drivers/scsi/bfa/bfa_defs_svc.h
+++ b/drivers/scsi/bfa/bfa_defs_svc.h
@@ -1455,7 +1455,8 @@ struct bfa_aen_entry_s {
enum bfa_aen_category aen_category;
u32 aen_type;
union bfa_aen_data_u aen_data;
- struct timeval aen_tv;
+ unsigned long aen_tv_sec;
+ unsigned long aen_tv_usec;
u32 seq_num;
u32 bfad_num;
};
diff --git a/drivers/scsi/bfa/bfad_im.h b/drivers/scsi/bfa/bfad_im.h
index c81ec2a77ef5..7f7616c52814 100644
--- a/drivers/scsi/bfa/bfad_im.h
+++ b/drivers/scsi/bfa/bfad_im.h
@@ -131,16 +131,28 @@ struct bfad_im_s {
} while (0)
/* post fc_host vendor event */
-#define bfad_im_post_vendor_event(_entry, _drv, _cnt, _cat, _evt) do { \
- do_gettimeofday(&(_entry)->aen_tv); \
- (_entry)->bfad_num = (_drv)->inst_no; \
- (_entry)->seq_num = (_cnt); \
- (_entry)->aen_category = (_cat); \
- (_entry)->aen_type = (_evt); \
- if ((_drv)->bfad_flags & BFAD_FC4_PROBE_DONE) \
- queue_work((_drv)->im->drv_workq, \
- &(_drv)->im->aen_im_notify_work); \
-} while (0)
+static inline void bfad_im_post_vendor_event(struct bfa_aen_entry_s *entry,
+ struct bfad_s *drv, int cnt,
+ enum bfa_aen_category cat,
+ enum bfa_ioc_aen_event evt)
+{
+ struct timespec64 ts;
+
+ ktime_get_real_ts64(&ts);
+ /*
+ * 'unsigned long aen_tv_sec' overflows in y2106 on 32-bit
+ * architectures, or in 2038 if user space interprets it
+ * as 'signed'.
+ */
+ entry->aen_tv_sec = ts.tv_sec;
+ entry->aen_tv_usec = ts.tv_nsec / NSEC_PER_USEC;
+ entry->bfad_num = drv->inst_no;
+ entry->seq_num = cnt;
+ entry->aen_category = cat;
+ entry->aen_type = evt;
+ if (drv->bfad_flags & BFAD_FC4_PROBE_DONE)
+ queue_work(drv->im->drv_workq, &drv->im->aen_im_notify_work);
+}
struct Scsi_Host *bfad_scsi_host_alloc(struct bfad_im_port_s *im_port,
struct bfad_s *);
--
2.9.0
_______________________________________________
Y2038 mailing list
Y2038@lists.linaro.org
https://lists.linaro.org/mailman/listinfo/y2038
next prev parent reply other threads:[~2017-11-10 15:38 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-10 15:37 [PATCH 0/7] scsi: bfa: do_gettimeofday removal Arnd Bergmann
2017-11-10 15:37 ` Arnd Bergmann
2017-11-10 15:37 ` [PATCH 1/7] scsi: bfa: use ktime_get_real_ts64 for firmware timestamp Arnd Bergmann
2017-11-10 15:37 ` Arnd Bergmann
2017-11-10 15:37 ` [PATCH 2/7] scsi: bfa: use proper time accessor for stats_reset_time Arnd Bergmann
2017-11-10 15:37 ` [PATCH 3/7] scsi: bfa: improve bfa_ioc_send_enable/disable data Arnd Bergmann
2017-11-13 14:08 ` [Y2038] " Ben Hutchings
2017-11-13 14:55 ` Arnd Bergmann
2017-11-10 15:37 ` [PATCH 4/7] scsi: bfa: document overflow of io_profile_start_time Arnd Bergmann
2017-11-10 15:37 ` [PATCH 5/7] scsi: bfa: replace bfa_get_log_time() with ktime_get_real_seconds() Arnd Bergmann
2017-11-10 15:37 ` Arnd Bergmann
2017-11-10 15:37 ` Arnd Bergmann [this message]
2017-11-10 15:37 ` [PATCH 6/7] scsi: bfa: try to sanitize vendor netlink events Arnd Bergmann
2017-11-10 15:37 ` [PATCH 7/7] scsi: bfa: use 64-bit times in bfa_aen_entry_s ABI Arnd Bergmann
2017-11-10 17:24 ` [PATCH 0/7] scsi: bfa: do_gettimeofday removal Christoph Hellwig
2017-11-10 17:33 ` Gurumurthy, Anil
2017-11-21 3:04 ` Martin K. Petersen
2017-11-21 3:04 ` Martin K. Petersen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171110153715.1929456-7-arnd@arndb.de \
--to=arnd@arndb.de \
--cc=anil.gurumurthy@qlogic.com \
--cc=hare@suse.com \
--cc=hch@lst.de \
--cc=jejb@linux.vnet.ibm.com \
--cc=jthumshirn@suse.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=martin.petersen@oracle.com \
--cc=sudarsana.kalluru@qlogic.com \
--cc=y2038@lists.linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.