base/SOURCES/0737-udev-check-age-against...

From 2b0874a8a0ff4bced5da0c25a4b3f3fbd2595e23 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 1 May 2019 15:58:44 +0200
Subject: [PATCH] udev: check age against both timeouts to prevent integer
 wraparound

If we get back to while loop after timeout_warn (roughly 60s)
expired for the first time, but before age of the event is larger than
second timeout (roughly 120s) we would try to recompute timeout_warn
again. Previously the following code,

if (timeout_warn_usec > 0)
        timeout_warn = ((timeout_warn_usec - age_usec) / USEC_PER_MSEC) + MSEC_PER_SEC;

would cause an integer wraparound because (timeout_warn_usec - age_usec)
is negative however both timeout_warn_usec and age_usec are
unsigned.

This can happen if we get SIGTERM from the main daemon while waiting in
the second poll(), i.e. after timeout_warn already expired, because on
SIGTERM we just take a note of that happening in event->sigterm and
continue.

Related: #1697909
---
 src/udev/udev-event.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c
index 07b82d093e..5550ec93de 100644
--- a/src/udev/udev-event.c
+++ b/src/udev/udev-event.c
@@ -559,7 +559,7 @@ static int spawn_wait(struct udev_event *event,
                         usec_t age_usec;
 
                         age_usec = now(CLOCK_MONOTONIC) - event->birth_usec;
-                        if (age_usec >= timeout_usec)
+                        if (age_usec >= timeout_usec || age_usec >= timeout_warn_usec)
                                 timeout = 1000;
                         else {
                                 if (timeout_warn_usec > 0)
systemd package update Signed-off-by: basebuilder_pel7ppc64lebuilder0 <basebuilder@powerel.org> 5 years ago			`From 2b0874a8a0ff4bced5da0c25a4b3f3fbd2595e23 Mon Sep 17 00:00:00 2001`
			`From: Michal Sekletar <msekleta@redhat.com>`
			`Date: Wed, 1 May 2019 15:58:44 +0200`
			`Subject: [PATCH] udev: check age against both timeouts to prevent integer`
			`wraparound`

			`If we get back to while loop after timeout_warn (roughly 60s)`
			`expired for the first time, but before age of the event is larger than`
			`second timeout (roughly 120s) we would try to recompute timeout_warn`
			`again. Previously the following code,`

			`if (timeout_warn_usec > 0)`
			`timeout_warn = ((timeout_warn_usec - age_usec) / USEC_PER_MSEC) + MSEC_PER_SEC;`

			`would cause an integer wraparound because (timeout_warn_usec - age_usec)`
			`is negative however both timeout_warn_usec and age_usec are`
			`unsigned.`

			`This can happen if we get SIGTERM from the main daemon while waiting in`
			`the second poll(), i.e. after timeout_warn already expired, because on`
			`SIGTERM we just take a note of that happening in event->sigterm and`
			`continue.`

			`Related: #1697909`
			`---`
			`src/udev/udev-event.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/src/udev/udev-event.c b/src/udev/udev-event.c`
			`index 07b82d093e..5550ec93de 100644`
			`--- a/src/udev/udev-event.c`
			`+++ b/src/udev/udev-event.c`
			`@@ -559,7 +559,7 @@ static int spawn_wait(struct udev_event *event,`
			`usec_t age_usec;`

			`age_usec = now(CLOCK_MONOTONIC) - event->birth_usec;`
			`- if (age_usec >= timeout_usec)`
			`+ if (age_usec >= timeout_usec \|\| age_usec >= timeout_warn_usec)`
			`timeout = 1000;`
			`else {`
			`if (timeout_warn_usec > 0)`