From patchwork Wed Aug 9 02:51:32 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "\(Exiting\) Baolin Wang" X-Patchwork-Id: 109688 Delivered-To: patch@linaro.org Received: by 10.140.95.78 with SMTP id h72csp282262qge; Tue, 8 Aug 2017 19:52:28 -0700 (PDT) X-Received: by 10.84.177.131 with SMTP id x3mr7117176plb.280.1502247148288; Tue, 08 Aug 2017 19:52:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1502247148; cv=none; d=google.com; s=arc-20160816; b=t1lpfYGsggOqKMdjH9fxJfbElotBrZ5Q3nHBGL3qDNt9QfzJtP9vARFnqmwqeNJ/vS T3UpI1GhTz9OJz4etS5yggMYWqZ+WX0MGs/cDi+vtHmM5mr85rzlmmEiq+179ec0Cd4z 1bmUdvi1XaYeiCk/jN/WNZuhHp6JkGj9+O6Yu8o2t/2DYZvLMJrBaXNO4r/wSjLZT+Z2 3p9iycqmG5ZrVjoLTMCuYF0SWETPST7//p6t5XWmtiZGhSAbuHL/x7nhIyl4z7BRyOo7 MHd6U4VRA/gquBmVYlNBGWvSqtYBD8oGOyNyaFtFPo2HvcC7+noOtfoCwmTd7w074et2 qe+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=wbinPBINF1U0UiGsg9TDap/8Cf7Ybf+c1no5ZDIuhz02l2Jl8QeexJxE+nSO3AQV0D Ob8ny1haNmFXXPHlSYiiyHDqz6s/QekbxMd93pd9VTGku19xtOxzCWpyWmzRH9AsnCHb THS53ebIJvvExXzR+qGA9XG5FYQO/73PUjXVNeQt0KH9oboL+ZtpnKzLYGk49+v8cPOe FS4v8dL9ITkfrFHqvFOaRTt4GzJq+YTBRCBrReER9DJQCPkA5+NSVJtuXtyqkPY1EfSy hyYmvWsA8CPbvu02SpiOwgsT4SyxMOQ3bOdr2yRozCt+G1qyaOevl7/Nj/an+Gr9x/m7 aOZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VAyzpjmd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b10si1914576pll.558.2017.08.08.19.52.27; Tue, 08 Aug 2017 19:52:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VAyzpjmd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752664AbdHICwZ (ORCPT + 25 others); Tue, 8 Aug 2017 22:52:25 -0400 Received: from mail-pg0-f45.google.com ([74.125.83.45]:36233 "EHLO mail-pg0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752665AbdHICwT (ORCPT ); Tue, 8 Aug 2017 22:52:19 -0400 Received: by mail-pg0-f45.google.com with SMTP id v77so22272631pgb.3 for ; Tue, 08 Aug 2017 19:52:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=VAyzpjmdVwfUbAdIMw3nR7IET6ficyakjebCAPY9ppAzjTIOhFvlIUbvaO1s4m8v3m GatgbYtewlJt52HUJW8B69OdNEqV/O01yJY1pTgw/bAaqf/Kr2KiXnpsO6lJJLb79uk+ igDtZggFVnXVeoODesxogtBGKuiDfyAlBNB3E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=PqrUJRhQvbG9A1juyjgkUlMzZXPrBlnCxU2ZDMRtJM97PG9xfeH+1qCj7E77A02kIO dRGArF4i1vKwcFmT/3d87NY4QeRcYFJiFg8gSKctUD22SW8T+6aa3BedTFbUs6EH/rKH uNnk33y4SvUc0wC54/fd8WsKN3Z0NRiINCiaDdrw4wRqr0+nUFmYVrJJXNjV/YU//BYE +waPnx9hau1F9hYXq3vBu/iKlCU9HKyjk/sUs5NfBSQNyX81/9g3JUNX6D9XQJlSKW/9 KsNKSzw1LWC7ALOaYEAULmC0eKTDJTfsc80fE/9CGEU0a7fn1Lsdnw65PMwnrj7jfait 5o2g== X-Gm-Message-State: AHYfb5g00ZvhaSPTh9k6K8yBO/Ut+szaAOtC39b5+sTkLcuABNRTCAvn ChC6IbykI/deltri X-Received: by 10.98.72.90 with SMTP id v87mr6745078pfa.337.1502247139221; Tue, 08 Aug 2017 19:52:19 -0700 (PDT) Received: from baolinwangubtpc.spreadtrum.com ([117.18.48.82]) by smtp.gmail.com with ESMTPSA id t64sm4435558pgd.80.2017.08.08.19.52.15 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 08 Aug 2017 19:52:18 -0700 (PDT) From: Baolin Wang To: dhowells@redhat.com, davem@davemloft.net Cc: james.l.morris@oracle.com, serge@hallyn.com, marc.dionne@auristor.com, dan.carpenter@oracle.com, Jason@zx2c4.com, arnd@arndb.de, broonie@kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, netdev@vger.kernel.org, baolin.wang@linaro.org Subject: [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type Date: Wed, 9 Aug 2017 10:51:32 +0800 Message-Id: <8ac57c96bf5a0695ecc67fd230440b0b9d15740f.1502246502.git.baolin.wang@linaro.org> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Since the 'expiry' variable of 'struct key_preparsed_payload' has been changed to 'time64_t' type, which is year 2038 safe on 32bits system. In net/rxrpc subsystem, we need convert 'u32' type to 'time64_t' type when copying ticket expires time to 'prep->expiry', then this patch introduces two helper functions to help convert 'u32' to 'time64_t' type. This patch also uses ktime_get_real_seconds() to get current time instead of get_seconds() which is not year 2038 safe on 32bits system. Signed-off-by: Baolin Wang --- include/keys/rxrpc-type.h | 21 +++++++++++++++++++++ net/rxrpc/ar-internal.h | 2 +- net/rxrpc/key.c | 22 ++++++++++++++-------- net/rxrpc/rxkad.c | 14 +++++++------- 4 files changed, 43 insertions(+), 16 deletions(-) -- 1.7.9.5 diff --git a/include/keys/rxrpc-type.h b/include/keys/rxrpc-type.h index 5de0673..76421e2 100644 --- a/include/keys/rxrpc-type.h +++ b/include/keys/rxrpc-type.h @@ -127,4 +127,25 @@ struct rxrpc_key_data_v1 { #define AFSTOKEN_K5_ADDRESSES_MAX 16 /* max K5 addresses */ #define AFSTOKEN_K5_AUTHDATA_MAX 16 /* max K5 pieces of auth data */ +/* + * truncate a time64_t to the range from 1970 to 2106 as + * in the network protocol + */ +static inline u32 rxrpc_time64_to_u32(time64_t time) +{ + if (time < 0) + return 0; + + if (time > UINT_MAX) + return UINT_MAX; + + return (u32)time; +} + +/* extend u32 back to time64_t using the same 1970-2106 range */ +static inline time64_t rxrpc_u32_to_time64(u32 time) +{ + return (time64_t)time; +} + #endif /* _KEYS_RXRPC_TYPE_H */ diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h index 69b9733..3c11443 100644 --- a/net/rxrpc/ar-internal.h +++ b/net/rxrpc/ar-internal.h @@ -894,7 +894,7 @@ void rxrpc_new_incoming_connection(struct rxrpc_sock *, int rxrpc_request_key(struct rxrpc_sock *, char __user *, int); int rxrpc_server_keyring(struct rxrpc_sock *, char __user *, int); -int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time_t, +int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time64_t, u32); /* diff --git a/net/rxrpc/key.c b/net/rxrpc/key.c index 5436922..e2d3661 100644 --- a/net/rxrpc/key.c +++ b/net/rxrpc/key.c @@ -92,6 +92,7 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep, const __be32 *xdr, unsigned int toklen) { struct rxrpc_key_token *token, **pptoken; + time64_t expiry; size_t plen; u32 tktlen; @@ -158,8 +159,9 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep, pptoken = &(*pptoken)->next) continue; *pptoken = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; _leave(" = 0"); return 0; @@ -433,6 +435,7 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep, struct rxrpc_key_token *token, **pptoken; struct rxk5_key *rxk5; const __be32 *end_xdr = xdr + (toklen >> 2); + time64_t expiry; int ret; _enter(",{%x,%x,%x,%x},%u", @@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep, pptoken = &(*pptoken)->next) continue; *pptoken = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; _leave(" = 0"); return 0; @@ -691,6 +695,7 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep) { const struct rxrpc_key_data_v1 *v1; struct rxrpc_key_token *token, **pp; + time64_t expiry; size_t plen; u32 kver; int ret; @@ -777,8 +782,9 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep) while (*pp) pp = &(*pp)->next; *pp = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; token = NULL; ret = 0; @@ -955,7 +961,7 @@ int rxrpc_server_keyring(struct rxrpc_sock *rx, char __user *optval, */ int rxrpc_get_server_data_key(struct rxrpc_connection *conn, const void *session_key, - time_t expiry, + time64_t expiry, u32 kvno) { const struct cred *cred = current_cred(); @@ -982,7 +988,7 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn, data.kver = 1; data.v1.security_index = RXRPC_SECURITY_RXKAD; data.v1.ticket_length = 0; - data.v1.expiry = expiry; + data.v1.expiry = rxrpc_time64_to_u32(expiry); data.v1.kvno = 0; memcpy(&data.v1.session_key, session_key, sizeof(data.v1.session_key)); diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 46d1a1f..34c86d2 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -854,7 +854,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, struct sk_buff *skb, void *ticket, size_t ticket_len, struct rxrpc_crypt *_session_key, - time_t *_expiry, + time64_t *_expiry, u32 *_abort_code) { struct skcipher_request *req; @@ -864,7 +864,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, struct in_addr addr; unsigned int life; const char *eproto; - time_t issue, now; + time64_t issue, now; bool little_endian; int ret; u32 abort_code; @@ -960,15 +960,15 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, if (little_endian) { __le32 stamp; memcpy(&stamp, p, 4); - issue = le32_to_cpu(stamp); + issue = rxrpc_u32_to_time64(le32_to_cpu(stamp)); } else { __be32 stamp; memcpy(&stamp, p, 4); - issue = be32_to_cpu(stamp); + issue = rxrpc_u32_to_time64(be32_to_cpu(stamp)); } p += 4; - now = get_seconds(); - _debug("KIV ISSUE: %lx [%lx]", issue, now); + now = ktime_get_real_seconds(); + _debug("KIV ISSUE: %llx [%llx]", issue, now); /* check the ticket is in date */ if (issue > now) { @@ -1053,7 +1053,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn, struct rxrpc_skb_priv *sp = rxrpc_skb(skb); struct rxrpc_crypt session_key; const char *eproto; - time_t expiry; + time64_t expiry; void *ticket; u32 abort_code, version, kvno, ticket_len, level; __be32 csum;