| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6672135f7db2ae6481b605d7d33f2265a562712f.camel@linux.ibm.com>
Date: Tue, 22 Aug 2023 12:59:15 +1000
From: Andrew Donnellan <ajd@...ux.ibm.com>
To: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@...il.com>,
masahiroy@...nel.org, bgray@...ux.ibm.com, n.schier@....de
Cc: linux-kernel@...r.kernel.org, keescook@...omium.org
Subject: Re: [PATCH v2] [next] initramfs: Parse KBUILD_BUILD_TIMESTAMP as
UTC date
On Tue, 2023-08-22 at 09:13 +1200, Paulo Miguel Almeida wrote:
> When KBUILD_BUILD_TIMESTAMP is specified, the date command will parse
> it to Unix Epoch time in UTC. However, the date command is
> timezone-aware so it will convert from the local timezone to UTC
> first
> which hits some of the sanity checks added on commit 5efb685bb3af1
> ("initramfs: Check negative timestamp to prevent broken cpio
> archive")
>
> This creates an edge case for the UTC+<N> part of the world. For
> instance
>
> - In New Zealand (UTC+12:00):
> $ date -d"1970-01-01" +%s
> -43200
>
> $ make KBUILD_BUILD_TIMESTAMP=1970-01-01
> make[1]: Entering directory '<snip>/linux/'
> GEN Makefile
> DESCEND objtool
> INSTALL libsubcmd_headers
> CALL ../scripts/checksyscalls.sh
> GEN usr/initramfs_data.cpio
> ERROR: Timestamp out of range for cpio format
> make[4]: *** [../usr/Makefile:76: usr/initramfs_data.cpio] Error
> 1
>
> - In Seattle, WA (UTC-07:00):
> $ date -d"1970-01-01" +%s
> 32400
>
> $ make KBUILD_BUILD_TIMESTAMP=1970-01-01
> <builds fine>
>
> Parse KBUILD_BUILD_TIMESTAMP date string as UTC so no localtime
> conversion is done, which fixes the edge case aforementioned
>
> Signed-off-by: Paulo Miguel Almeida
> <paulo.miguel.almeida.rodenas@...il.com>
Thanks!
Reviewed-by: Andrew Donnellan <ajd@...ux.ibm.com>
> ---
> Changelog:
>
> - v2: Document behaviour and way to override it on
> Documentation/kbuild/kbuild.rst. (Req: Andrew Donnellan)
>
> - v1:
> https://lore.kernel.org/lkml/ZMSdUS37BD5b%2Fdn7@mail.google.com/
> ---
> Documentation/kbuild/kbuild.rst | 9 ++++++++-
> usr/gen_initramfs.sh | 2 +-
> 2 files changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/kbuild/kbuild.rst
> b/Documentation/kbuild/kbuild.rst
> index bd906407e307..8c204186c762 100644
> --- a/Documentation/kbuild/kbuild.rst
> +++ b/Documentation/kbuild/kbuild.rst
> @@ -296,7 +296,14 @@ KBUILD_BUILD_TIMESTAMP
> Setting this to a date string overrides the timestamp used in the
> UTS_VERSION definition (uname -v in the running kernel). The value
> has to
> be a string that can be passed to date -d. The default value
> -is the output of the date command at one point during build.
> +is the output of the date command at one point during build. E.g.::
> +
> + $ make KBUILD_BUILD_TIMESTAMP="1991-08-25"
> +
> +By default, the value is interpreted as UTC. To override this,
> append
> +the desired timezone. E.g.::
> +
> + $ make KBUILD_BUILD_TIMESTAMP="1991-08-25 UTC+03:00"
>
> KBUILD_BUILD_USER, KBUILD_BUILD_HOST
> ------------------------------------
> diff --git a/usr/gen_initramfs.sh b/usr/gen_initramfs.sh
> index 14b5782f961a..a90316d9a080 100755
> --- a/usr/gen_initramfs.sh
> +++ b/usr/gen_initramfs.sh
> @@ -221,7 +221,7 @@ while [ $# -gt 0 ]; do
> shift
> ;;
> "-d") # date for file mtimes
> - timestamp="$(date -d"$1" +%s || :)"
> + timestamp="$(date -d"$1" -u +%s || :)"
> if test -n "$timestamp"; then
> timestamp="-t $timestamp"
> fi
--
Andrew Donnellan OzLabs, ADL Canberra
ajd@...ux.ibm.com IBM Australia Limited
Powered by blists - more mailing lists