Linus Torvalds <torva...@linux-foundation.org> wrote: > > David Howells (7): > > Handle leap seconds in mktime64() > > This one is completely wrong. > > Leap seconds are inserted *at* the minute, not at the secodn before the > minute. > > So this code: > > + /* Handle leap seconds */ > + if (sec == 60) > + sec = 59; > > is just complete crap. Making the whole commit bogus and wrong.
I did ask on ksummit-discuss beforehand. The advice was to treat hh:mm:60 as hh:mm:59 rather than hh:mm+1:00. Unless we actually support leap seconds as distinct time_t values, it has to be one or the other. > The code did the right thing wrt leap seconds before, without having > any magical and incorrect special case. That commit makes it instead > have two seconds of xx:xx:59. ... as opposed to two seconds of xx:xx+1:00. You can argue it either way - and arguably both are equally wrong since neither maps correctly to reality. > The fact that people add extra code to make things extra wrong is > annoying. The patch is marked as being cc'd to John Stultz, but I > assume it was never acked, because I doubt he would ack something like > this. > > To make things worse, this whole series seems to have existed for less > than one day, and then it was sent to me as a pull request, however > buggy and non-acked it was. I only asked James to pass the CVE-labelled commit on to you and didn't include it in a patch series. The rest I posted hoping for reviews. > To make things EVEN *more* broken, this crap was marked for stable. It will theoretically need to end up there anyway, since it is technically possible for the bugs to prevent a kernel from booting - just not very likely. -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html