futimens(2), futimes(2), utimensat(2), utimes(2): Validate input at copyin
Currently we validate time input for all four of these syscalls in the
workhorse function dovutimens(). This is bad because both futimes(2)
and utimes(2) have input as timevals that need to be converted to
timespecs. This multiplication can overflow to create a "valid"
input, e.g. if tv_usec is equal to 2^61 (invalid value) on a platform
with 64-bit longs, the resulting tv_nsec is equal to zero (valid value).
This is also a bit wasteful. We aquire a vnode and do other work
under KERNEL_LOCK only to release the vnode when the time input is
invalid.
So, duplicate a bit of code to validate the time inputs before we do
any conversions or real VFS work.
probably still ok tedu@ deraadt@
UnifiedSplitRaw