net: avoid overflow when rose /proc displays timer information.
authorFrancois Romieu <romieu@fr.zoreil.com>
Tue, 2 Aug 2022 15:07:42 +0000 (17:07 +0200)
committerJakub Kicinski <kuba@kernel.org>
Sat, 6 Aug 2022 02:00:02 +0000 (19:00 -0700)
rose /proc code does not serialize timer accesses.

Initial report by Bernard F6BVP Pidoux exhibits overflow amounting
to 116 ticks on its HZ=250 system.

Full timer access serialization would imho be overkill as rose /proc
does not enforce consistency between displayed ROSE_STATE_XYZ and
timer values during changes of state.

The patch may also fix similar behavior in ax25 /proc, ax25 ioctl
and netrom /proc as they all exhibit the same timer serialization
policy. This point has not been reported though.

The sole remaining use of ax25_display_timer - ax25 rtt valuation -
may also perform marginally better but I have not analyzed it too
deeply.

Cc: Thomas DL9SAU Osterried <thomas@osterried.de>
Link: https://lore.kernel.org/all/d5e93cc7-a91f-13d3-49a1-b50c11f0f811@free.fr/
Signed-off-by: Francois Romieu <romieu@fr.zoreil.com>
Tested-by: Bernard Pidoux <f6bvp@free.fr>
Link: https://lore.kernel.org/r/Yuk9vq7t7VhmnOXu@electric-eye.fr.zoreil.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
net/ax25/ax25_timer.c

index 85865eb..9f7cb0a 100644 (file)
@@ -108,10 +108,12 @@ int ax25_t1timer_running(ax25_cb *ax25)
 
 unsigned long ax25_display_timer(struct timer_list *timer)
 {
+       long delta = timer->expires - jiffies;
+
        if (!timer_pending(timer))
                return 0;
 
-       return timer->expires - jiffies;
+       return max(0L, delta);
 }
 
 EXPORT_SYMBOL(ax25_display_timer);