From e72518128f35856ef65c37f06dc8a1330e0c16a7 Mon Sep 17 00:00:00 2001
From: dlg <dlg@openbsd.org>
Date: Mon, 5 Aug 2024 23:51:11 +0000
Subject: [PATCH] change the nsec argument to timeout_add_nsec from int to
 uint64_t

you can only fit a couple of nanonseconds into an int, which limited
the usefulness of the api. worse, if a large nsec value was passed
in it could be cast to a negative int value which tripped over a
KASSERT at the top of timeout_add that ends up being called. avoid
this footgun by working in the bigger type and doing the same range
checks/fixes for other timeout_add wrappers.

ok claudio@ mvs@
---
 sys/kern/kern_timeout.c | 11 +++++++----
 sys/sys/timeout.h       |  4 ++--
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/sys/kern/kern_timeout.c b/sys/kern/kern_timeout.c
index cdc30cb20c5..04154542902 100644
--- a/sys/kern/kern_timeout.c
+++ b/sys/kern/kern_timeout.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_timeout.c,v 1.97 2024/02/23 16:51:39 cheloha Exp $	*/
+/*	$OpenBSD: kern_timeout.c,v 1.98 2024/08/05 23:51:11 dlg Exp $	*/
 /*
  * Copyright (c) 2001 Thomas Nordin <nordin@openbsd.org>
  * Copyright (c) 2000-2001 Artur Grabowski <art@openbsd.org>
@@ -386,14 +386,17 @@ timeout_add_usec(struct timeout *to, int usecs)
 }
 
 int
-timeout_add_nsec(struct timeout *to, int nsecs)
+timeout_add_nsec(struct timeout *to, uint64_t nsecs)
 {
-	int to_ticks = nsecs / (tick * 1000);
+	uint64_t to_ticks;
 
+	to_ticks = nsecs / (tick * 1000);
+	if (to_ticks > INT_MAX)
+	    to_ticks = INT_MAX;
 	if (to_ticks == 0 && nsecs > 0)
 		to_ticks = 1;
 
-	return timeout_add(to, to_ticks);
+	return timeout_add(to, (int)to_ticks);
 }
 
 int
diff --git a/sys/sys/timeout.h b/sys/sys/timeout.h
index f8f9baf1bb6..0000705b710 100644
--- a/sys/sys/timeout.h
+++ b/sys/sys/timeout.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: timeout.h,v 1.48 2023/10/12 15:32:38 cheloha Exp $	*/
+/*	$OpenBSD: timeout.h,v 1.49 2024/08/05 23:51:11 dlg Exp $	*/
 /*
  * Copyright (c) 2000-2001 Artur Grabowski <art@openbsd.org>
  * All rights reserved. 
@@ -110,7 +110,7 @@ int timeout_add_tv(struct timeout *, const struct timeval *);
 int timeout_add_sec(struct timeout *, int);
 int timeout_add_msec(struct timeout *, int);
 int timeout_add_usec(struct timeout *, int);
-int timeout_add_nsec(struct timeout *, int);
+int timeout_add_nsec(struct timeout *, uint64_t);
 
 int timeout_abs_ts(struct timeout *, const struct timespec *);
 
-- 
2.20.1