From patchwork Thu Oct 19 09:53:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 116352 Delivered-To: patch@linaro.org Received: by 10.140.22.164 with SMTP id 33csp293411qgn; Thu, 19 Oct 2017 02:54:35 -0700 (PDT) X-Google-Smtp-Source: ABhQp+T5bqHsQjO2wH3TDkdJ3VXVoDA4xHfGmzYqKL5ebE54WUIZHiYzTa4S+xi53lxVg8enMf84 X-Received: by 10.98.68.144 with SMTP id m16mr959647pfi.343.1508406875911; Thu, 19 Oct 2017 02:54:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1508406875; cv=none; d=google.com; s=arc-20160816; b=u/uOUH1PkM8gzPIgLAt2yW7EnuV0pyC/Ilawh9X8VY2QzsCb0+c0IccEFpy5P4zplC JymNvZRjILSJXM6ft6AXacErS5WKb0q+1SPW2yjmqlZG3O6YRBd0DHwjECWVgivXzqPE PJqa2NHWoh3HkH4n+aKgCbWPr59j8qMJVpTmyd4YHGCaBvo89g9fclH8wyPGbI5OUCu1 1+XFYp5HKuCDwcf+qqsN4vaXc8UuDNxXBDcrYjSDhPLOUUZAKqU8239Pn67/RzAthGu7 9edmqHMSkV6xOyDE7qOHNRoDiPBAG3Nrr+Vv6ZRvWEY5ZVL7J2kiFwHo7isbzDZp6m3x lb4w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :arc-authentication-results; bh=qUqEaP+RZVgAizXbRfNEspMnCsj77yicLCmWzeyNfjw=; b=byb/mOulfK7dzQKZ4j0o0viQjDGgstZgPpV/J4kavDSh7tXK/odqwfrSTHeNfSed8B 7HmA0pVwkV0SAEdCl+CWgL7RKWn73dpqC1/Tum0hTtR+DP0XDCYQC7RiBBkccsXYArK8 mhMFaWaQrkCCRy7neBsUHH5evL2knCnKSQuqF7f+788gfzsJSjJ02ctyvOqMU0Dy09Kw B0tGw4tJCgzRCqLoqR/a/p0iVyqoRT+tP3nKqKiRZgLSo0cr/ZpA3mMqFpGMDl9Ed6/j hJ4OCfSLUe0c0bTdRdQZwlekoRgTCJy7dU2ryL16kvQCmJcobGRvlXnqUSsPOzhzlwi/ ZdtA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v84si8274465pgb.825.2017.10.19.02.54.35; Thu, 19 Oct 2017 02:54:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752707AbdJSJyd (ORCPT + 27 others); Thu, 19 Oct 2017 05:54:33 -0400 Received: from mout.kundenserver.de ([212.227.126.134]:57847 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752118AbdJSJyb (ORCPT ); Thu, 19 Oct 2017 05:54:31 -0400 Received: from wuerfel.lan ([46.223.139.202]) by mrelayeu.kundenserver.de (mreue007 [212.227.15.129]) with ESMTPA (Nemesis) id 0Ld8Mf-1dNVFi19hR-00iXQU; Thu, 19 Oct 2017 11:54:11 +0200 From: Arnd Bergmann To: Kentaro Takeda , Tetsuo Handa , James Morris , "Serge E. Hallyn" Cc: y2038@lists.linaro.org, Deepa Dinamani , Arnd Bergmann , Ingo Molnar , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] tomoyo: fix timestamping for y2038 Date: Thu, 19 Oct 2017 11:53:40 +0200 Message-Id: <20171019095405.689783-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 X-Provags-ID: V03:K0:0ZoMa8/mIFmyFoEqg/up87V908h0fbIAtizvvn6frJ5IPX5Ekei RjlmmRyUa4iuv2leygxm32H5DoIu9cQhhesUc9jpM5EhQOGpQtBOUCMk80Yr3FT/RTOZ1ko mPKW3XYTT4MruKdJZjobSc5cnWlXJ7xTRKMpCzN4TUwiw1mTs9fxTZJyq6evGvyUOOUMjyA UwZUyvYOItr9+eZFqYN/Q== X-UI-Out-Filterresults: notjunk:1; V01:K0:qHFLHt73v98=:1V3RolG6IFI5H3qSrw87Am Om/u7p47XdsNwl4+Jv+SHftHrvTcVRY4G6q5C2Kisgb5xt3CsR9uvrud89WK4YVaurt32Uq1+ Lb6nAQoDk+B1z+/5Lzi/qxkD30rooEbPbnZghmcFOjG58nVQQ01oVWJHbRT4HrYddFDg7nAr7 g6uIywBVtz3z4SjtGh57AMqr/Yo2P5J7SBYU99NDTNgclKyWEAiW6bVwxWNz7McDBsiPiB3R6 V7w6IsQBFus7jqnZ2zPgtOwkbbcxf59naOoia/LjLSfEr+3f5W1IMMkANzwyMDutfUR3SFZiq rCO5J2V/jeOWbEGy4+IPpBIEHLi3K6yzSjL1IdM12Cl0ws9U3CHNLnrDySc/jWJGVSudEvlTy 6uTC0MSRrybiJQt5iEDxYDQPseZeSND6lHYPd8QhU/7QGlyLTowpvILlEm9O2VceIJ1BpPWeV 1bXOEHPcbuKAiao2qEQmy5akQsRsqANY5aLpOeuCIh+AI4KD8D4ateMraFCpWRtTSv0Vdd8F6 btvW5afQtxuQTFATIwFkXvIK+EVb3phW5N/i/7KSGNTfi+C/Yiv083PhsScsWP/1NWlOGGtFX jfSyuAESGg8rcekyFP/bw5/S5RNwBHjYtyIYtpUne/rpPhjT3LuNDuELYMon9KG/U+l972+ko N31Gtr8wj8Yi+96fEODTjuM3uUqjlGzQSRZ/OIvscopDh5Z8tTfXXzN1CR1DMPjcZQlCGKbFQ apPDMrc9JTndsNhDPwgWmcEHZZsWu/FNaTfpCg== Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Tomoyo uses an open-coded version of time_to_tm() to create a timestamp from the current time as read by get_seconds(). This will overflow and give wrong results on 32-bit systems in 2038. To correct this, this changes the code to use ktime_get_real_seconds() and the generic time64_to_tm() function that are both y2038-safe. Using the library function avoids adding an expensive 64-bit division in this code and can benefit from any optimizations we do in common code. Signed-off-by: Arnd Bergmann --- security/tomoyo/audit.c | 2 +- security/tomoyo/common.c | 4 ++-- security/tomoyo/common.h | 2 +- security/tomoyo/util.c | 39 +++++++++------------------------------ 4 files changed, 13 insertions(+), 34 deletions(-) -- 2.9.0 Acked-by: Tetsuo Handa diff --git a/security/tomoyo/audit.c b/security/tomoyo/audit.c index 3ffa4f5509d8..a51edfbe593b 100644 --- a/security/tomoyo/audit.c +++ b/security/tomoyo/audit.c @@ -156,7 +156,7 @@ static char *tomoyo_print_header(struct tomoyo_request_info *r) if (!buffer) return NULL; - tomoyo_convert_time(get_seconds(), &stamp); + tomoyo_convert_time(ktime_get_real_seconds(), &stamp); pos = snprintf(buffer, tomoyo_buffer_len - 1, "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s " diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index e0fb75052550..c19970db89c4 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -2256,7 +2256,7 @@ static const char * const tomoyo_memory_headers[TOMOYO_MAX_MEMORY_STAT] = { /* Timestamp counter for last updated. */ static unsigned int tomoyo_stat_updated[TOMOYO_MAX_POLICY_STAT]; /* Counter for number of updates. */ -static unsigned int tomoyo_stat_modified[TOMOYO_MAX_POLICY_STAT]; +static time64_t tomoyo_stat_modified[TOMOYO_MAX_POLICY_STAT]; /** * tomoyo_update_stat - Update statistic counters. @@ -2271,7 +2271,7 @@ void tomoyo_update_stat(const u8 index) * I don't use atomic operations because race condition is not fatal. */ tomoyo_stat_updated[index]++; - tomoyo_stat_modified[index] = get_seconds(); + tomoyo_stat_modified[index] = ktime_get_real_seconds(); } /** diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index 361e7a284699..d9628d1635b2 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h @@ -1036,7 +1036,7 @@ void tomoyo_check_acl(struct tomoyo_request_info *r, bool (*check_entry) (struct tomoyo_request_info *, const struct tomoyo_acl_info *)); void tomoyo_check_profile(void); -void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp); +void tomoyo_convert_time(time64_t time, struct tomoyo_time *stamp); void tomoyo_del_condition(struct list_head *element); void tomoyo_fill_path_info(struct tomoyo_path_info *ptr); void tomoyo_get_attributes(struct tomoyo_obj_info *obj); diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 848317fea704..db7a978ab4a4 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c @@ -86,38 +86,17 @@ const u8 tomoyo_index2category[TOMOYO_MAX_MAC_INDEX] = { * @stamp: Pointer to "struct tomoyo_time". * * Returns nothing. - * - * This function does not handle Y2038 problem. */ -void tomoyo_convert_time(time_t time, struct tomoyo_time *stamp) +void tomoyo_convert_time(time64_t time64, struct tomoyo_time *stamp) { - static const u16 tomoyo_eom[2][12] = { - { 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365 }, - { 31, 60, 91, 121, 152, 182, 213, 244, 274, 305, 335, 366 } - }; - u16 y; - u8 m; - bool r; - stamp->sec = time % 60; - time /= 60; - stamp->min = time % 60; - time /= 60; - stamp->hour = time % 24; - time /= 24; - for (y = 1970; ; y++) { - const unsigned short days = (y & 3) ? 365 : 366; - if (time < days) - break; - time -= days; - } - r = (y & 3) == 0; - for (m = 0; m < 11 && time >= tomoyo_eom[r][m]; m++) - ; - if (m) - time -= tomoyo_eom[r][m - 1]; - stamp->year = y; - stamp->month = ++m; - stamp->day = ++time; + struct tm tm; + time64_to_tm(time64, 0, &tm); + stamp->sec = tm.tm_sec; + stamp->min = tm.tm_min; + stamp->hour = tm.tm_hour; + stamp->day = tm.tm_mday; + stamp->month = tm.tm_mon + 1; + stamp->year = tm.tm_year - (1970 - 1900); } /**