commit e046bf8db7bd4cf1bdaf518a12fe7559a86912f3
Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Date:   Sat Jun 1 17:20:05 2019 +0800

    sched/core: Check quota and period overflow at usec to nsec conversion

    [ Upstream commit 1a8b4540db732ca16c9e43ac7c08b1b8f0b252d8 ]

    Large values could overflow u64 and pass following sanity checks.

     # echo 18446744073750000 > cpu.cfs_period_us
     # cat cpu.cfs_period_us
     40448

     # echo 18446744073750000 > cpu.cfs_quota_us
     # cat cpu.cfs_quota_us
     40448

    After this patch they will fail with -EINVAL.

    Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
    Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Link: http://lkml.kernel.org/r/155125502079.293431.3947497929372138600.stgit@buzz
    Signed-off-by: Ingo Molnar <mingo@kernel.org>
    Signed-off-by: Sasha Levin <sashal@kernel.org>
    Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index c68880ed0590..16cbc1f58a63 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6620,8 +6620,10 @@ int tg_set_cfs_quota(struct task_group *tg, long cfs_quota_us)
        period = ktime_to_ns(tg->cfs_bandwidth.period);
        if (cfs_quota_us < 0)
                quota = RUNTIME_INF;
-       else
+       else if ((u64)cfs_quota_us <= U64_MAX / NSEC_PER_USEC)
                quota = (u64)cfs_quota_us * NSEC_PER_USEC;
+       else
+               return -EINVAL;

        return tg_set_cfs_bandwidth(tg, period, quota);
 }
@@ -6643,6 +6645,9 @@ int tg_set_cfs_period(struct task_group *tg, long cfs_period_us)
 {
        u64 quota, period;

+       if ((u64)cfs_period_us > U64_MAX / NSEC_PER_USEC)
+               return -EINVAL;
+
        period = (u64)cfs_period_us * NSEC_PER_USEC;
        quota = tg->cfs_bandwidth.quota;