summaryrefslogtreecommitdiffstats
path: root/kernel/time
diff options
context:
space:
mode:
authorThomas Gleixner <tglx@linutronix.de>2014-10-20 13:07:50 +0200
committerThomas Gleixner <tglx@linutronix.de>2014-10-25 10:43:15 +0200
commit10632008b9e18b76cbff0ffc69c15e948aa548e0 (patch)
tree4694d20120da394c2d501ef7eb4b9f7d5dd8ec90 /kernel/time
parentposix-timers: Fix stack info leak in timer_create() (diff)
downloadlinux-10632008b9e18b76cbff0ffc69c15e948aa548e0.tar.xz
linux-10632008b9e18b76cbff0ffc69c15e948aa548e0.zip
clockevents: Prevent shift out of bounds
Andrey reported that on a kernel with UBSan enabled he found: UBSan: Undefined behaviour in ../kernel/time/clockevents.c:75:34 I guess it should be 1ULL here instead of 1U: (!ismax || evt->mult <= (1U << evt->shift))) That's indeed the correct solution because shift might be 32. Reported-by: Andrey Ryabinin <a.ryabinin@samsung.com> Cc: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Diffstat (limited to 'kernel/time')
-rw-r--r--kernel/time/clockevents.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/time/clockevents.c b/kernel/time/clockevents.c
index 9c94c19f1305..55449909f114 100644
--- a/kernel/time/clockevents.c
+++ b/kernel/time/clockevents.c
@@ -72,7 +72,7 @@ static u64 cev_delta2ns(unsigned long latch, struct clock_event_device *evt,
* Also omit the add if it would overflow the u64 boundary.
*/
if ((~0ULL - clc > rnd) &&
- (!ismax || evt->mult <= (1U << evt->shift)))
+ (!ismax || evt->mult <= (1ULL << evt->shift)))
clc += rnd;
do_div(clc, evt->mult);