lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAGXu5jJ9OR0zATfz60PZq3wZU=ptm4kdDFG10DcSy=_ZeftRnA@mail.gmail.com>
Date:	Fri, 5 Jun 2015 13:04:09 -0700
From:	Kees Cook <keescook@...omium.org>
To:	Baolin Wang <baolin.wang@...aro.org>
Cc:	Serge Hallyn <serge.hallyn@...onical.com>,
	Arnd Bergmann <arnd@...db.de>,
	Greg KH <gregkh@...uxfoundation.org>,
	LKML <linux-kernel@...r.kernel.org>,
	James Morris <james.l.morris@...cle.com>,
	"Serge E. Hallyn" <serge@...lyn.com>,
	Paul Moore <pmoore@...hat.com>, Takashi Iwai <tiwai@...e.de>,
	Jeffrey Vander Stoep <jeffv@...gle.com>,
	jlayton@...marydata.com, Stephen Smalley <sds@...ho.nsa.gov>,
	mark.d.rustad@...el.com,
	linux-security-module <linux-security-module@...r.kernel.org>,
	y2038@...ts.linaro.org
Subject: Re: [PATCH v4 04/25] security/security: Introduce security_settime64()
 function with timespec64 type

On Mon, Jun 1, 2015 at 4:52 AM, Baolin Wang <baolin.wang@...aro.org> wrote:
> For introducing the do_sys_settimeofday64() function with
> timespec64 type to make it ready for 2038 issue, it need to
> introduce the security_settime64() function with timespec64
> type firstly.
>
> Also introduce a default security_settime64() function with
> timespec64 type when it hasn't defined the CONFIG_SECURITY macro.
>
> Also this patch changes the "settime" pointer's argument with
> timespec64 type in security_operations structure for introducing
> the the security_settime64() function.
>
> Meanwhile moves the security_settime() defined in
> security/security.c file to include/linux/security.h file as a
> static function, that makes it convenient to delete the
> security_settime() later.
>
> And change the cap_settime() function's argument with timespec64
> type to make it ready for 2038 issue, which is only used by
> security_settime64()/security_settime() function.
>
> Signed-off-by: Baolin Wang <baolin.wang@...aro.org>
> ---
>  include/linux/security.h |   25 ++++++++++++++++++++-----
>  security/commoncap.c     |    2 +-
>  security/security.c      |    2 +-
>  3 files changed, 22 insertions(+), 7 deletions(-)

We certainly want this in, but this area has been rather radically
refactored recently. Can you rebase this patch against security-next?

Thanks!

-Kees

>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index a1b7dbd..5288794 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -75,7 +75,7 @@ struct timezone;
>   */
>  extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
>                        int cap, int audit);
> -extern int cap_settime(const struct timespec *ts, const struct timezone *tz);
> +extern int cap_settime(const struct timespec64 *ts, const struct timezone *tz);
>  extern int cap_ptrace_access_check(struct task_struct *child, unsigned int mode);
>  extern int cap_ptrace_traceme(struct task_struct *parent);
>  extern int cap_capget(struct task_struct *target, kernel_cap_t *effective, kernel_cap_t *inheritable, kernel_cap_t *permitted);
> @@ -1353,7 +1353,8 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
>   *     Return 0 if permission is granted.
>   * @settime:
>   *     Check permission to change the system time.
> - *     struct timespec and timezone are defined in include/linux/time.h
> + *     struct timespec64 is defined in include/linux/time64.h and timezone is
> + *     defined in include/linux/time.h
>   *     @ts contains new time
>   *     @tz contains new timezone
>   *     Return 0 if permission is granted.
> @@ -1483,7 +1484,7 @@ struct security_operations {
>         int (*quotactl) (int cmds, int type, int id, struct super_block *sb);
>         int (*quota_on) (struct dentry *dentry);
>         int (*syslog) (int type);
> -       int (*settime) (const struct timespec *ts, const struct timezone *tz);
> +       int (*settime) (const struct timespec64 *ts, const struct timezone *tz);
>         int (*vm_enough_memory) (struct mm_struct *mm, long pages);
>
>         int (*bprm_set_creds) (struct linux_binprm *bprm);
> @@ -1790,7 +1791,13 @@ int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns,
>  int security_quotactl(int cmds, int type, int id, struct super_block *sb);
>  int security_quota_on(struct dentry *dentry);
>  int security_syslog(int type);
> -int security_settime(const struct timespec *ts, const struct timezone *tz);
> +int security_settime64(const struct timespec64 *ts, const struct timezone *tz);
> +static int security_settime(const struct timespec *ts, const struct timezone *tz)
> +{
> +       struct timespec64 ts64 = timespec_to_timespec64(*ts);
> +
> +       return security_settime64(&ts64, tz);
> +}
>  int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
>  int security_bprm_set_creds(struct linux_binprm *bprm);
>  int security_bprm_check(struct linux_binprm *bprm);
> @@ -2040,10 +2047,18 @@ static inline int security_syslog(int type)
>         return 0;
>  }
>
> +static inline int security_settime64(const struct timespec64 *ts,
> +                                    const struct timezone *tz)
> +{
> +       return cap_settime(ts, tz);
> +}
> +
>  static inline int security_settime(const struct timespec *ts,
>                                    const struct timezone *tz)
>  {
> -       return cap_settime(ts, tz);
> +       struct timsepc64 ts64 = timespec_to_timespec64(*ts);
> +
> +       return cap_settime(&ts64, tz);
>  }
>
>  static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
> diff --git a/security/commoncap.c b/security/commoncap.c
> index f66713b..bdb8ec0 100644
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> @@ -116,7 +116,7 @@ int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
>   * Determine whether the current process may set the system clock and timezone
>   * information, returning 0 if permission granted, -ve if denied.
>   */
> -int cap_settime(const struct timespec *ts, const struct timezone *tz)
> +int cap_settime(const struct timespec64 *ts, const struct timezone *tz)
>  {
>         if (!capable(CAP_SYS_TIME))
>                 return -EPERM;
> diff --git a/security/security.c b/security/security.c
> index e81d5bb..0be5032 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -224,7 +224,7 @@ int security_syslog(int type)
>         return security_ops->syslog(type);
>  }
>
> -int security_settime(const struct timespec *ts, const struct timezone *tz)
> +int security_settime64(const struct timespec64 *ts, const struct timezone *tz)
>  {
>         return security_ops->settime(ts, tz);
>  }
> --
> 1.7.9.5
>



-- 
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ