[PATCH] hrtimers: prevent possible itimer DoS

Fix potential setitimer DoS with high-res timers by pushing itimer rearm
processing to process context.

[Fixes from: Ingo Molnar <mingo@elte.hu>]
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: john stultz <johnstul@us.ibm.com>
Cc: Roman Zippel <zippel@linux-m68k.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 6 insertions, 8 deletions

diff --git a/kernel/itimer.c b/kernel/itimer.c
index 4fc6c0caf5d4..307c6a632ef6 100644
--- a/kernel/itimer.c
+++ b/kernel/itimer.c
@@ -135,11 +135,6 @@ enum hrtimer_restart it_real_fn(struct hrtimer *timer)
 
         send_group_sig_info(SIGALRM, SEND_SIG_PRIV, sig->tsk);
 
-        if (sig->it_real_incr.tv64 != 0) {
-                hrtimer_forward(timer, hrtimer_cb_get_time(timer),
-                                sig->it_real_incr);
-                return HRTIMER_RESTART;
-        }
         return HRTIMER_NORESTART;
 }
 
@@ -231,11 +226,14 @@ again:
                         spin_unlock_irq(&tsk->sighand->siglock);
                         goto again;
                 }
-                tsk->signal->it_real_incr =
-                        timeval_to_ktime(value->it_interval);
                 expires = timeval_to_ktime(value->it_value);
-                if (expires.tv64 != 0)
+                if (expires.tv64 != 0) {
+                        tsk->signal->it_real_incr =
+                                timeval_to_ktime(value->it_interval);
                         hrtimer_start(timer, expires, HRTIMER_MODE_REL);
+                } else
+                        tsk->signal->it_real_incr.tv64 = 0;
+
                 spin_unlock_irq(&tsk->sighand->siglock);
                 break;
         case ITIMER_VIRTUAL: