Subject: x86/tsc: Prevent result truncation on 32 bit From: Chuanhua Lei chuanhua.lei@linux.intel.com Date: Thu Sep 6 18:03:23 2018 +0800

From: Chuanhua Lei chuanhua.lei@linux.intel.com

Commit 17f6bac2249356c795339e03a0742cd79be3cab8 upstream.

Loops per jiffy is calculated by multiplying tsc_khz with 1e3 and then dividing it by HZ.

Both tsc_khz and the temporary variable holding the multiplication result are of type unsigned long, so on 32bit the result is truncated to the lower 32bit.

Use u64 as type for the temporary variable and cast tsc_khz to it before multiplying.

[ tglx: Backport to stable. Due to massive code changes is the upstream commit not applicable anymore. The issue has gone unnoticed in kernels pre 4.19 because the bogus LPJ value gets fixed up in a later stage of early boot, but it still might cause subtle and hard to debug issues between these two points. ]

Fixes: dd759d93f4dd ("x86/timers: Add simple udelay calibration") Signed-off-by: Chuanhua Lei chuanhua.lei@linux.intel.com Signed-off-by: Thomas Gleixner tglx@linutronix.de Cc: yixin.zhu@linux.intel.com Cc: "H. Peter Anvin" hpa@zytor.com Cc: Peter Zijlstra peterz@infradead.org Cc: Len Brown len.brown@intel.com Cc: Pavel Tatashin pavel.tatashin@microsoft.com Cc: Rajvi Jingar rajvi.jingar@intel.com Cc: Dou Liyang douly.fnst@cn.fujitsu.com Cc: Ville Syrjala ville.syrjala@linux.intel.com Link: https://lkml.kernel.org/r/1536228203-18701-1-git-send-email-chuanhua.lei@lin...

--- arch/x86/kernel/tsc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/arch/x86/kernel/tsc.c +++ b/arch/x86/kernel/tsc.c @@ -1343,7 +1343,7 @@ device_initcall(init_tsc_clocksource);

void __init tsc_early_delay_calibrate(void) { - unsigned long lpj; + u64 lpj;

if (!boot_cpu_has(X86_FEATURE_TSC)) return; @@ -1355,7 +1355,7 @@ void __init tsc_early_delay_calibrate(vo if (!tsc_khz) return;

- lpj = tsc_khz * 1000; + lpj = (u64)tsc_khz * 1000; do_div(lpj, HZ); loops_per_jiffy = lpj; }