upstream commit

Add monotime_ts and monotime_tv that return monotonic
timespec and timeval respectively.  Replace calls to gettimeofday() in packet
timing with monotime_tv so that the callers will work over a clock step.
Should prevent integer overflow during clock steps reported by wangle6 at
huawei.com. "I like" markus@

OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a

misc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.118 2017/10/25 00:17:08 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.119 2017/11/25 06:46:22 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -1259,8 +1259,8 @@ ms_subtract_diff(struct timeval *start, int *ms)
 {
 	struct timeval diff, finish;
 
-	gettimeofday(&finish, NULL);
-	timersub(&finish, start, &diff);	
+	monotime_tv(&finish);
+	timersub(&finish, start, &diff);
 	*ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000);
 }
 
@@ -1273,54 +1273,63 @@ ms_to_timeval(struct timeval *tv, int ms)
 	tv->tv_usec = (ms % 1000) * 1000;
 }
 
-time_t
-monotime(void)
+void
+monotime_ts(struct timespec *ts)
 {
-#if defined(HAVE_CLOCK_GETTIME) && \
-    (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME))
-	struct timespec ts;
+	struct timeval tv;
+#if defined(HAVE_CLOCK_GETTIME) && (defined(CLOCK_BOOTTIME) || \
+    defined(CLOCK_MONOTONIC) || defined(CLOCK_REALTIME))
 	static int gettime_failed = 0;
 
 	if (!gettime_failed) {
-#if defined(CLOCK_BOOTTIME)
-		if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0)
-			return (ts.tv_sec);
-#endif
-#if defined(CLOCK_MONOTONIC)
-		if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
-			return (ts.tv_sec);
-#endif
+# ifdef CLOCK_BOOTTIME
+		if (clock_gettime(CLOCK_BOOTTIME, ts) == 0)
+			return;
+# endif /* CLOCK_BOOTTIME */
+# ifdef CLOCK_MONOTONIC
+		if (clock_gettime(CLOCK_MONOTONIC, ts) == 0)
+			return;
+# endif /* CLOCK_MONOTONIC */
+# ifdef CLOCK_REALTIME
+		/* Not monotonic, but we're almost out of options here. */
+		if (clock_gettime(CLOCK_REALTIME, ts) == 0)
+			return;
+# endif /* CLOCK_REALTIME */
 		debug3("clock_gettime: %s", strerror(errno));
 		gettime_failed = 1;
 	}
-#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */
+#endif /* HAVE_CLOCK_GETTIME && (BOOTTIME || MONOTONIC || REALTIME) */
+	gettimeofday(&tv, NULL);
+	ts->tv_sec = tv.tv_sec;
+	ts->tv_nsec = (long)tv.tv_usec * 1000;
+}
 
-	return time(NULL);
+void
+monotime_tv(struct timeval *tv)
+{
+	struct timespec ts;
+
+	monotime_ts(&ts);
+	tv->tv_sec = ts.tv_sec;
+	tv->tv_usec = ts.tv_nsec / 1000;
+}
+
+time_t
+monotime(void)
+{
+	struct timespec ts;
+
+	monotime_ts(&ts);
+	return ts.tv_sec;
 }
 
 double
 monotime_double(void)
 {
-#if defined(HAVE_CLOCK_GETTIME) && \
-    (defined(CLOCK_MONOTONIC) || defined(CLOCK_BOOTTIME))
 	struct timespec ts;
-	static int gettime_failed = 0;
 
-	if (!gettime_failed) {
-#if defined(CLOCK_BOOTTIME)
-		if (clock_gettime(CLOCK_BOOTTIME, &ts) == 0)
-			return (ts.tv_sec + (double)ts.tv_nsec / 1000000000);
-#endif
-#if defined(CLOCK_MONOTONIC)
-		if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0)
-			return (ts.tv_sec + (double)ts.tv_nsec / 1000000000);
-#endif
-		debug3("clock_gettime: %s", strerror(errno));
-		gettime_failed = 1;
-	}
-#endif /* HAVE_CLOCK_GETTIME && (CLOCK_MONOTONIC || CLOCK_BOOTTIME */
-
-	return (double)time(NULL);
+	monotime_ts(&ts);
+	return ts.tv_sec + ((double)ts.tv_nsec / 1000000000);
 }
 
 void
@@ -1342,7 +1351,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len)
 	struct timespec ts, rm;
 
 	if (!timerisset(&bw->bwstart)) {
-		gettimeofday(&bw->bwstart, NULL);
+		monotime_tv(&bw->bwstart);
 		return;
 	}
 
@@ -1350,7 +1359,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len)
 	if (bw->lamt < bw->thresh)
 		return;
 
-	gettimeofday(&bw->bwend, NULL);
+	monotime_tv(&bw->bwend);
 	timersub(&bw->bwend, &bw->bwstart, &bw->bwend);
 	if (!timerisset(&bw->bwend))
 		return;
@@ -1384,7 +1393,7 @@ bandwidth_limit(struct bwlimit *bw, size_t read_len)
 	}
 
 	bw->lamt = 0;
-	gettimeofday(&bw->bwstart, NULL);
+	monotime_tv(&bw->bwstart);
 }
 
 /* Make a template filename for mk[sd]temp() */

misc.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.67 2017/10/25 00:17:08 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.68 2017/11/25 06:46:22 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -67,6 +67,8 @@ char	*tohex(const void *, size_t);
 void	 sanitise_stdfd(void);
 void	 ms_subtract_diff(struct timeval *, int *);
 void	 ms_to_timeval(struct timeval *, int);
+void	 monotime_ts(struct timespec *);
+void	 monotime_tv(struct timeval *);
 time_t	 monotime(void);
 double	 monotime_double(void);
 void	 lowercase(char *s);

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.266 2017/10/25 00:17:08 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.267 2017/11/25 06:46:22 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1332,7 +1332,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		for (;;) {
 			if (state->packet_timeout_ms != -1) {
 				ms_to_timeval(&timeout, ms_remain);
-				gettimeofday(&start, NULL);
+				monotime_tv(&start);
 			}
 			if ((r = select(state->connection_in + 1, setp,
 			    NULL, NULL, timeoutp)) >= 0)
@@ -1959,7 +1959,7 @@ ssh_packet_write_wait(struct ssh *ssh)
 		for (;;) {
 			if (state->packet_timeout_ms != -1) {
 				ms_to_timeval(&timeout, ms_remain);
-				gettimeofday(&start, NULL);
+				monotime_tv(&start);
 			}
 			if ((ret = select(state->connection_out + 1,
 			    NULL, setp, NULL, timeoutp)) >= 0)

ssh-keyscan.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.115 2017/06/30 04:17:23 dtucker Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.116 2017/11/25 06:46:22 dtucker Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *
@@ -377,7 +377,7 @@ conalloc(char *iname, char *oname, int keytype)
 	fdcon[s].c_len = 4;
 	fdcon[s].c_off = 0;
 	fdcon[s].c_keytype = keytype;
-	gettimeofday(&fdcon[s].c_tv, NULL);
+	monotime_tv(&fdcon[s].c_tv);
 	fdcon[s].c_tv.tv_sec += timeout;
 	TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
 	FD_SET(s, read_wait);
@@ -411,7 +411,7 @@ static void
 contouch(int s)
 {
 	TAILQ_REMOVE(&tq, &fdcon[s], c_link);
-	gettimeofday(&fdcon[s].c_tv, NULL);
+	monotime_tv(&fdcon[s].c_tv);
 	fdcon[s].c_tv.tv_sec += timeout;
 	TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link);
 }
@@ -545,7 +545,7 @@ conloop(void)
 	con *c;
 	int i;
 
-	gettimeofday(&now, NULL);
+	monotime_tv(&now);
 	c = TAILQ_FIRST(&tq);
 
 	if (c && (c->c_tv.tv_sec > now.tv_sec ||

sshconnect.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.287 2017/09/14 04:32:21 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.288 2017/11/25 06:46:22 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -344,7 +344,7 @@ waitrfd(int fd, int *timeoutp)
 	struct timeval t_start;
 	int oerrno, r;
 
-	gettimeofday(&t_start, NULL);
+	monotime_tv(&t_start);
 	pfd.fd = fd;
 	pfd.events = POLLIN;
 	for (; *timeoutp >= 0;) {