| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Nov 2017 11:38:00 -0800
From: Kees Cook <keescook@...omium.org>
To: Arnd Bergmann <arnd@...db.de>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Anton Vorontsov <anton@...msg.org>,
Colin Cross <ccross@...roid.com>,
Tony Luck <tony.luck@...el.com>,
John Stultz <john.stultz@...aro.org>,
Stephen Boyd <sboyd@...eaurora.org>,
Ingo Molnar <mingo@...nel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] [v2] pstore: use ktime_get_real_fast_ns() instead of __getnstimeofday()
On Fri, Nov 10, 2017 at 7:25 AM, Arnd Bergmann <arnd@...db.de> wrote:
> I noticed that __getnstimeofday() is a rather odd interface, with
> a number of quirks:
>
> - The caller may come from NMI context, but the implementation is not NMI safe,
> one way to get there from NMI is
>
> NMI handler:
> something bad
> panic()
> kmsg_dump()
> pstore_dump()
> pstore_record_init()
> __getnstimeofday()
>
> - The calling conventions are different from any other timekeeping functions,
> to deal with returning an error code during suspended timekeeping.
> - The naming doesn't fit into the 'ktime_get_*()' scheme.
>
> This addresses the above issues by using a completely different
> method to get the time: ktime_get_real_fast_ns() is NMI safe and
> has a reasonable behavior when timekeeping is suspended: it returns
> the time at which it got suspended.
> We can easily transform the result into a timespec structure. Since
> ktime_get_real_fast_ns() was not exported to modules, I also add the
> export.
>
> The behavior for the suspended case changes slightly, we now return the
> time if we can find it out rather than setting it to zero. As Thomas
> Gleixner explained, this is still safe, as we won't attempt to
> call into the clocksource driver that might be suspended
>
> I'm not trying to address y2038-safety at this point, but plan to
> do that later with a more complex patch.
>
> Cc: Kees Cook <keescook@...omium.org>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> v2: improved changelog
> ---
> fs/pstore/platform.c | 5 +----
> kernel/time/timekeeping.c | 1 +
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c
> index e3c1332dfb4c..423159abd501 100644
> --- a/fs/pstore/platform.c
> +++ b/fs/pstore/platform.c
> @@ -482,10 +482,7 @@ void pstore_record_init(struct pstore_record *record,
> record->psi = psinfo;
>
> /* Report zeroed timestamp if called before timekeeping has resumed. */
> - if (__getnstimeofday(&record->time)) {
> - record->time.tv_sec = 0;
> - record->time.tv_nsec = 0;
> - }
> + record->time = ns_to_timespec(ktime_get_real_fast_ns());
> }
>
> /*
> diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
> index af139aa615ca..8f0d1857b78d 100644
> --- a/kernel/time/timekeeping.c
> +++ b/kernel/time/timekeeping.c
> @@ -536,6 +536,7 @@ u64 ktime_get_coarse_real_fast_ns(void)
> {
> return __ktime_get_real_fast_ns(&tk_fast_mono, true);
> }
> +EXPORT_SYMBOL_GPL(ktime_get_real_fast_ns);
I was going to add this to the pstore tree, but
ktime_get_real_fast_ns() doesn't exist. In which tree is
ktime_get_real_fast_ns() added? This should be carried there:
Acked-by: Kees Cook <keescook@...omium.org>
Thanks!
-Kees
>
> /**
> * halt_fast_timekeeper - Prevent fast timekeeper from accessing clocksource.
> --
> 2.9.0
>
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists