diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2006-03-25 06:06:33 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 11:22:48 -0500 |
| commit | c08b8a49100715b20e6f7c997e992428b5e06078 (patch) | |
| tree | 014758fb05908a3d49eeadc77f16dfa7585b12ac /kernel/itimer.c | |
| parent | 185ae6d7a32721e9062030a9f2d24ed714fa45df (diff) | |
[PATCH] sys_alarm() unsigned signed conversion fixup
alarm() calls the kernel with an unsigend int timeout in seconds. The
value is stored in the tv_sec field of a struct timeval to setup the
itimer. The tv_sec field of struct timeval is of type long, which causes
the tv_sec value to be negative on 32 bit machines if seconds > INT_MAX.
Before the hrtimer merge (pre 2.6.16) such a negative value was converted
to the maximum jiffies timeout by the timeval_to_jiffies conversion. It's
not clear whether this was intended or just happened to be done by the
timeval_to_jiffies code.
hrtimers expect a timeval in canonical form and treat a negative timeout as
already expired. This breaks the legitimate usage of alarm() with a
timeout value > INT_MAX seconds.
For 32 bit machines it is therefor necessary to limit the internal seconds
value to avoid API breakage. Instead of doing this in all implementations
of sys_alarm the duplicated sys_alarm code is moved into a common function
in itimer.c
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'kernel/itimer.c')
| -rw-r--r-- | kernel/itimer.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/kernel/itimer.c b/kernel/itimer.c index 379be2f8c84c..a2dc375927d8 100644 --- a/kernel/itimer.c +++ b/kernel/itimer.c | |||
| @@ -226,6 +226,43 @@ again: | |||
| 226 | return 0; | 226 | return 0; |
| 227 | } | 227 | } |
| 228 | 228 | ||
| 229 | /** | ||
| 230 | * alarm_setitimer - set alarm in seconds | ||
| 231 | * | ||
| 232 | * @seconds: number of seconds until alarm | ||
| 233 | * 0 disables the alarm | ||
| 234 | * | ||
| 235 | * Returns the remaining time in seconds of a pending timer or 0 when | ||
| 236 | * the timer is not active. | ||
| 237 | * | ||
| 238 | * On 32 bit machines the seconds value is limited to (INT_MAX/2) to avoid | ||
| 239 | * negative timeval settings which would cause immediate expiry. | ||
| 240 | */ | ||
| 241 | unsigned int alarm_setitimer(unsigned int seconds) | ||
| 242 | { | ||
| 243 | struct itimerval it_new, it_old; | ||
| 244 | |||
| 245 | #if BITS_PER_LONG < 64 | ||
| 246 | if (seconds > INT_MAX) | ||
| 247 | seconds = INT_MAX; | ||
| 248 | #endif | ||
| 249 | it_new.it_value.tv_sec = seconds; | ||
| 250 | it_new.it_value.tv_usec = 0; | ||
| 251 | it_new.it_interval.tv_sec = it_new.it_interval.tv_usec = 0; | ||
| 252 | |||
| 253 | do_setitimer(ITIMER_REAL, &it_new, &it_old); | ||
| 254 | |||
| 255 | /* | ||
| 256 | * We can't return 0 if we have an alarm pending ... And we'd | ||
| 257 | * better return too much than too little anyway | ||
| 258 | */ | ||
| 259 | if ((!it_old.it_value.tv_sec && it_old.it_value.tv_usec) || | ||
| 260 | it_old.it_value.tv_usec >= 500000) | ||
| 261 | it_old.it_value.tv_sec++; | ||
| 262 | |||
| 263 | return it_old.it_value.tv_sec; | ||
| 264 | } | ||
| 265 | |||
| 229 | asmlinkage long sys_setitimer(int which, | 266 | asmlinkage long sys_setitimer(int which, |
| 230 | struct itimerval __user *value, | 267 | struct itimerval __user *value, |
| 231 | struct itimerval __user *ovalue) | 268 | struct itimerval __user *ovalue) |