From patchwork Wed Aug 9 02:51:30 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "\(Exiting\) Baolin Wang" X-Patchwork-Id: 109687 Delivered-To: patch@linaro.org Received: by 10.140.95.78 with SMTP id h72csp282181qge; Tue, 8 Aug 2017 19:52:22 -0700 (PDT) X-Received: by 10.84.134.129 with SMTP id 1mr7273278plh.449.1502247141948; Tue, 08 Aug 2017 19:52:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1502247141; cv=none; d=google.com; s=arc-20160816; b=iW2dANT8ZUmrZOLgcAE5cixAWtRDaYA5wnSaj7suOgqGhWKJdXPRjzGbI4g6IQuKj1 5n3fmNW8OAbrPZklSyI8kdbxC9HY/BP5pu5FnGX/+/k/EI7kT7l1qVaIhrv0UQ19zrPj VIQW7h4F3dqTiZ7iYTqJO7JnBp9JnwqYBOUWcSnlqAzeSCx1Amf7DJOk38ZhS5IizM8G MNcZruzIX1cGekRrV+EZAyvdaC6x0/lwZ+jO1HfdkRmwjdhqwB/l1Z8oPl6pv6OKqF8h eaX1z7nsjwjHU4Qris1UANm33foG+QCUGsOo8QcwSEOhlZ2DhBc+EV5iDI60C7Idfyvj WwSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=pWx2FW7vkRgSneSG4M7i3KvrB4Rai63otuf6+gdO1qk=; b=B7dQ8a8LQI70BHPzRERReQFuTrD5jNukFE/7NcgxaELCWwfjhqsIbk3RJy7b5w+TZE yqdSTTHZ+MC1iN1sx19g9aJ/iOqUKKnIFelD1tZcqmQ1ZgCk19h1QjZ87D1awH9d3QHo SqDmvUCTGmsf4UUQbuBhPJV9BlGkPQAtOME+EPu43dowDqP9m9Q04JVUaVueLnRAE3S0 qrXEm0+qUNOQUzY7MsdFeEPBa+tNjLraDCGdu1LlBsY6DyRL5xx8hwiuyfV7kfAX6Amh JJoP1CcOCvtMmnTCTIfz5a0jCH7W3c63SMde1G8D7qyQZDTVkZjtH3v39TGXFPJ7eWYS rxig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=MT3T2yGz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 91si1943022plb.241.2017.08.08.19.52.21; Tue, 08 Aug 2017 19:52:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=MT3T2yGz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752661AbdHICwQ (ORCPT + 25 others); Tue, 8 Aug 2017 22:52:16 -0400 Received: from mail-pg0-f51.google.com ([74.125.83.51]:34300 "EHLO mail-pg0-f51.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752568AbdHICwK (ORCPT ); Tue, 8 Aug 2017 22:52:10 -0400 Received: by mail-pg0-f51.google.com with SMTP id u185so22353150pgb.1 for ; Tue, 08 Aug 2017 19:52:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=pWx2FW7vkRgSneSG4M7i3KvrB4Rai63otuf6+gdO1qk=; b=MT3T2yGzrpcjlWQzBeACsjFbdNrLUCPGz6FW+3KOgK3aLXHdcyZOxfucuHdVvUNO1C p34oOmx+ycEUzxA8MftY29mTC2usXbG27m4MroUk815wFT+NVllHUVz21nYR8Cn6p+iM fNGefGMEQi2c9HCxFFNfRCb2Tql3QylleLMP4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=pWx2FW7vkRgSneSG4M7i3KvrB4Rai63otuf6+gdO1qk=; b=Drq2RFQNmxEyfeH8AUZIXtrc4I/s1r51l46mQjkal4+/CvH5sOZQR7nbpJ32CUijyp cr7INatxjAkHD+H0LlYJpPq6Ncjh1TcGQ8zTAryiZOBEH9MqN2FimekwM9tu8mHP/W1F Ohs0CISXkSpR+r/kktGWBKCVuCX3bprrWt3H2BdXOMDlNY0OR0XIgY6bqQk2u7tXtT0A K+aXC1EkA3eb9B4dqYdis/0+fmQz/TtvowMTXYQJTxqKgrtMCxfgNsMAJ37DSkA9fzdX I+HyMJo4y7tfApSXjd6LJoPf5GuP0JEW7mgtnyr4vQ0Ar8AYQHM5pdbaovjmzlnEKZAb YKsQ== X-Gm-Message-State: AHYfb5jHRWmcgHkshw5XbDUQLnL88GRjdsmOwEcfx/9C+yedEwoEaBj/ G2s1zYLbJAB+dHn3 X-Received: by 10.84.195.131 with SMTP id j3mr7019040pld.147.1502247130054; Tue, 08 Aug 2017 19:52:10 -0700 (PDT) Received: from baolinwangubtpc.spreadtrum.com ([117.18.48.82]) by smtp.gmail.com with ESMTPSA id t64sm4435558pgd.80.2017.08.08.19.52.05 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 08 Aug 2017 19:52:09 -0700 (PDT) From: Baolin Wang To: dhowells@redhat.com, davem@davemloft.net Cc: james.l.morris@oracle.com, serge@hallyn.com, marc.dionne@auristor.com, dan.carpenter@oracle.com, Jason@zx2c4.com, arnd@arndb.de, broonie@kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, netdev@vger.kernel.org, baolin.wang@linaro.org Subject: [PATCH 1/3] security: keys: Replace time_t/timespec with time64_t Date: Wed, 9 Aug 2017 10:51:30 +0800 Message-Id: X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The 'struct key' will use 'time_t' which we try to remove in the kernel, since 'time_t' is not year 2038 safe on 32bit systems. Also the 'struct keyring_search_context' will use 'timespec' type to record current time, which is also not year 2038 safe on 32bit systems. Thus this patch replaces 'time_t' with 'time64_t' which is year 2038 safe for 'struct key', and replace 'timespec' with 'time64_t' for the 'struct keyring_search_context', since we only look at the the seconds part of 'timespec' variable. Moreover we also change the codes where using the 'time_t' and 'timespec', and we can get current time by ktime_get_real_seconds() instead of current_kernel_time(), and use 'TIME64_MAX' macro to initialize the 'time64_t' type variable. Especially in proc.c file, we have replaced 'unsigned long' and 'timespec' type with 'u64' and 'time64_t' type to save the timeout value, which means user will get one 'u64' type timeout value by issuing proc_keys_show() function. Signed-off-by: Baolin Wang --- include/linux/key.h | 7 ++++--- security/keys/gc.c | 20 ++++++++++---------- security/keys/internal.h | 8 ++++---- security/keys/key.c | 19 ++++++------------- security/keys/keyring.c | 18 +++++++++--------- security/keys/permission.c | 3 +-- security/keys/proc.c | 20 ++++++++++---------- security/keys/process_keys.c | 2 +- 8 files changed, 45 insertions(+), 52 deletions(-) -- 1.7.9.5 diff --git a/include/linux/key.h b/include/linux/key.h index 0441141..6d10f84 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -24,6 +24,7 @@ #include #include #include +#include #ifdef __KERNEL__ #include @@ -157,10 +158,10 @@ struct key { struct key_user *user; /* owner of this key */ void *security; /* security data for this key */ union { - time_t expiry; /* time at which key expires (or 0) */ - time_t revoked_at; /* time at which key was revoked */ + time64_t expiry; /* time at which key expires (or 0) */ + time64_t revoked_at; /* time at which key was revoked */ }; - time_t last_used_at; /* last time used for LRU keyring discard */ + time64_t last_used_at; /* last time used for LRU keyring discard */ kuid_t uid; kgid_t gid; key_perm_t perm; /* access permissions */ diff --git a/security/keys/gc.c b/security/keys/gc.c index 87cb260..c99700e 100644 --- a/security/keys/gc.c +++ b/security/keys/gc.c @@ -32,7 +32,7 @@ static void key_gc_timer_func(unsigned long); static DEFINE_TIMER(key_gc_timer, key_gc_timer_func, 0, 0); -static time_t key_gc_next_run = LONG_MAX; +static time64_t key_gc_next_run = TIME64_MAX; static struct key_type *key_gc_dead_keytype; static unsigned long key_gc_flags; @@ -53,12 +53,12 @@ struct key_type key_type_dead = { * Schedule a garbage collection run. * - time precision isn't particularly important */ -void key_schedule_gc(time_t gc_at) +void key_schedule_gc(time64_t gc_at) { unsigned long expires; - time_t now = current_kernel_time().tv_sec; + time64_t now = ktime_get_real_seconds(); - kenter("%ld", gc_at - now); + kenter("%lld", gc_at - now); if (gc_at <= now || test_bit(KEY_GC_REAP_KEYTYPE, &key_gc_flags)) { kdebug("IMMEDIATE"); @@ -87,7 +87,7 @@ void key_schedule_gc_links(void) static void key_gc_timer_func(unsigned long data) { kenter(""); - key_gc_next_run = LONG_MAX; + key_gc_next_run = TIME64_MAX; key_schedule_gc_links(); } @@ -184,11 +184,11 @@ static void key_garbage_collector(struct work_struct *work) struct rb_node *cursor; struct key *key; - time_t new_timer, limit; + time64_t new_timer, limit; kenter("[%lx,%x]", key_gc_flags, gc_state); - limit = current_kernel_time().tv_sec; + limit = ktime_get_real_seconds(); if (limit > key_gc_delay) limit -= key_gc_delay; else @@ -204,7 +204,7 @@ static void key_garbage_collector(struct work_struct *work) gc_state |= KEY_GC_REAPING_DEAD_1; kdebug("new pass %x", gc_state); - new_timer = LONG_MAX; + new_timer = TIME64_MAX; /* As only this function is permitted to remove things from the key * serial tree, if cursor is non-NULL then it will always point to a @@ -235,7 +235,7 @@ static void key_garbage_collector(struct work_struct *work) if (gc_state & KEY_GC_SET_TIMER) { if (key->expiry > limit && key->expiry < new_timer) { - kdebug("will expire %x in %ld", + kdebug("will expire %x in %lld", key_serial(key), key->expiry - limit); new_timer = key->expiry; } @@ -276,7 +276,7 @@ static void key_garbage_collector(struct work_struct *work) */ kdebug("pass complete"); - if (gc_state & KEY_GC_SET_TIMER && new_timer != (time_t)LONG_MAX) { + if (gc_state & KEY_GC_SET_TIMER && new_timer != (time64_t)TIME64_MAX) { new_timer += key_gc_delay; key_schedule_gc(new_timer); } diff --git a/security/keys/internal.h b/security/keys/internal.h index 91bc621..e23ffbc 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -130,7 +130,7 @@ struct keyring_search_context { int skipped_ret; bool possessed; key_ref_t result; - struct timespec now; + time64_t now; }; extern bool key_default_cmp(const struct key *key, @@ -169,10 +169,10 @@ extern key_ref_t lookup_user_key(key_serial_t id, unsigned long flags, extern struct work_struct key_gc_work; extern unsigned key_gc_delay; -extern void keyring_gc(struct key *keyring, time_t limit); +extern void keyring_gc(struct key *keyring, time64_t limit); extern void keyring_restriction_gc(struct key *keyring, struct key_type *dead_type); -extern void key_schedule_gc(time_t gc_at); +extern void key_schedule_gc(time64_t gc_at); extern void key_schedule_gc_links(void); extern void key_gc_keytype(struct key_type *ktype); @@ -211,7 +211,7 @@ extern struct key *request_key_auth_new(struct key *target, /* * Determine whether a key is dead. */ -static inline bool key_is_dead(const struct key *key, time_t limit) +static inline bool key_is_dead(const struct key *key, time64_t limit) { return key->flags & ((1 << KEY_FLAG_DEAD) | diff --git a/security/keys/key.c b/security/keys/key.c index 83da68d..291a67c 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -556,7 +556,6 @@ int key_reject_and_link(struct key *key, struct key *authkey) { struct assoc_array_edit *edit; - struct timespec now; int ret, awaken, link_ret = 0; key_check(key); @@ -582,8 +581,7 @@ int key_reject_and_link(struct key *key, smp_wmb(); set_bit(KEY_FLAG_NEGATIVE, &key->flags); set_bit(KEY_FLAG_INSTANTIATED, &key->flags); - now = current_kernel_time(); - key->expiry = now.tv_sec + timeout; + key->expiry = ktime_get_real_seconds() + timeout; key_schedule_gc(key->expiry + key_gc_delay); if (test_and_clear_bit(KEY_FLAG_USER_CONSTRUCT, &key->flags)) @@ -699,16 +697,13 @@ struct key_type *key_type_lookup(const char *type) void key_set_timeout(struct key *key, unsigned timeout) { - struct timespec now; - time_t expiry = 0; + time64_t expiry = 0; /* make the changes with the locks held to prevent races */ down_write(&key->sem); - if (timeout > 0) { - now = current_kernel_time(); - expiry = now.tv_sec + timeout; - } + if (timeout > 0) + expiry = ktime_get_real_seconds() + timeout; key->expiry = expiry; key_schedule_gc(key->expiry + key_gc_delay); @@ -1007,8 +1002,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) */ void key_revoke(struct key *key) { - struct timespec now; - time_t time; + time64_t time; key_check(key); @@ -1023,8 +1017,7 @@ void key_revoke(struct key *key) key->type->revoke(key); /* set the death time to no more than the expiry time */ - now = current_kernel_time(); - time = now.tv_sec; + time = ktime_get_real_seconds(); if (key->revoked_at == 0 || key->revoked_at > time) { key->revoked_at = time; key_schedule_gc(key->revoked_at + key_gc_delay); diff --git a/security/keys/keyring.c b/security/keys/keyring.c index de81793..2d82088 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -576,7 +576,7 @@ static int keyring_search_iterator(const void *object, void *iterator_data) goto skipped; } - if (key->expiry && ctx->now.tv_sec >= key->expiry) { + if (key->expiry && ctx->now >= key->expiry) { if (!(ctx->flags & KEYRING_SEARCH_SKIP_EXPIRED)) ctx->result = ERR_PTR(-EKEYEXPIRED); kleave(" = %d [expire]", ctx->skipped_ret); @@ -837,10 +837,10 @@ static bool search_nested_keyrings(struct key *keyring, key = key_ref_to_ptr(ctx->result); key_check(key); if (!(ctx->flags & KEYRING_SEARCH_NO_UPDATE_TIME)) { - key->last_used_at = ctx->now.tv_sec; - keyring->last_used_at = ctx->now.tv_sec; + key->last_used_at = ctx->now; + keyring->last_used_at = ctx->now; while (sp > 0) - stack[--sp].keyring->last_used_at = ctx->now.tv_sec; + stack[--sp].keyring->last_used_at = ctx->now; } kleave(" = true"); return true; @@ -901,7 +901,7 @@ key_ref_t keyring_search_aux(key_ref_t keyring_ref, } rcu_read_lock(); - ctx->now = current_kernel_time(); + ctx->now = ktime_get_real_seconds(); if (search_nested_keyrings(keyring, ctx)) __key_get(key_ref_to_ptr(ctx->result)); rcu_read_unlock(); @@ -1147,7 +1147,7 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check) * (ie. it has a zero usage count) */ if (!refcount_inc_not_zero(&keyring->usage)) continue; - keyring->last_used_at = current_kernel_time().tv_sec; + keyring->last_used_at = ktime_get_real_seconds(); goto out; } } @@ -1487,7 +1487,7 @@ static void keyring_revoke(struct key *keyring) static bool keyring_gc_select_iterator(void *object, void *iterator_data) { struct key *key = keyring_ptr_to_key(object); - time_t *limit = iterator_data; + time64_t *limit = iterator_data; if (key_is_dead(key, *limit)) return false; @@ -1498,7 +1498,7 @@ static bool keyring_gc_select_iterator(void *object, void *iterator_data) static int keyring_gc_check_iterator(const void *object, void *iterator_data) { const struct key *key = keyring_ptr_to_key(object); - time_t *limit = iterator_data; + time64_t *limit = iterator_data; key_check(key); return key_is_dead(key, *limit); @@ -1510,7 +1510,7 @@ static int keyring_gc_check_iterator(const void *object, void *iterator_data) * Not called with any locks held. The keyring's key struct will not be * deallocated under us as only our caller may deallocate it. */ -void keyring_gc(struct key *keyring, time_t limit) +void keyring_gc(struct key *keyring, time64_t limit) { int result; diff --git a/security/keys/permission.c b/security/keys/permission.c index 732cc0b..507b1d41 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c @@ -100,8 +100,7 @@ int key_validate(const struct key *key) /* check it hasn't expired */ if (key->expiry) { - struct timespec now = current_kernel_time(); - if (now.tv_sec >= key->expiry) + if (ktime_get_real_seconds() >= key->expiry) return -EKEYEXPIRED; } diff --git a/security/keys/proc.c b/security/keys/proc.c index bf08d02..95c8720 100644 --- a/security/keys/proc.c +++ b/security/keys/proc.c @@ -178,8 +178,8 @@ static int proc_keys_show(struct seq_file *m, void *v) { struct rb_node *_p = v; struct key *key = rb_entry(_p, struct key, serial_node); - struct timespec now; - unsigned long timo; + time64_t now; + u64 timo; key_ref_t key_ref, skey_ref; char xbuf[16]; int rc; @@ -216,28 +216,28 @@ static int proc_keys_show(struct seq_file *m, void *v) if (rc < 0) return 0; - now = current_kernel_time(); + now = ktime_get_real_seconds(); rcu_read_lock(); /* come up with a suitable timeout value */ if (key->expiry == 0) { memcpy(xbuf, "perm", 5); - } else if (now.tv_sec >= key->expiry) { + } else if (now >= key->expiry) { memcpy(xbuf, "expd", 5); } else { - timo = key->expiry - now.tv_sec; + timo = key->expiry - now; if (timo < 60) - sprintf(xbuf, "%lus", timo); + sprintf(xbuf, "%llus", timo); else if (timo < 60*60) - sprintf(xbuf, "%lum", timo / 60); + sprintf(xbuf, "%llum", div_u64(timo, 60)); else if (timo < 60*60*24) - sprintf(xbuf, "%luh", timo / (60*60)); + sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60)); else if (timo < 60*60*24*7) - sprintf(xbuf, "%lud", timo / (60*60*24)); + sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24)); else - sprintf(xbuf, "%luw", timo / (60*60*24*7)); + sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7)); } #define showflag(KEY, LETTER, FLAG) \ diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index 86bced9..c691e09 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -736,7 +736,7 @@ key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, if (ret < 0) goto invalid_key; - key->last_used_at = current_kernel_time().tv_sec; + key->last_used_at = ktime_get_real_seconds(); error: put_cred(ctx.cred); From patchwork Wed Aug 9 02:51:31 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "\(Exiting\) Baolin Wang" X-Patchwork-Id: 109689 Delivered-To: patch@linaro.org Received: by 10.140.95.78 with SMTP id h72csp282567qge; Tue, 8 Aug 2017 19:52:55 -0700 (PDT) X-Received: by 10.84.215.211 with SMTP id g19mr7056563plj.438.1502247175771; Tue, 08 Aug 2017 19:52:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1502247175; cv=none; d=google.com; s=arc-20160816; b=QobkbaWxkN1tinkiJos0fkSIBWeQ75+xFxqBVT3hmr/ihebpjdLQQyHXExu3HFjfgg fQcxZkQxlw5jPreXAW8oGOgn3YAm52WamcJncoTAnuylTg2xBbTG+MO7sR3Ewk1D882U /xlaCrr6XrT+fjlM7Gp6yPokSj2mg/rM1XFJ/T0x7ObowbwoseR5rnqD3Gb0rSe51sQP FX2TuXwV2V5PELK3RyRiSNkDT0T46fI1ZwEgFtirpvK+UrZmdrBZDVPdSkuiTAH+yGdq 7w0yqZNLKdGe/WRPnpBt8yH7exEAYPEVOr3LO1RwHX7BkcifcU7aMbW1oGJRmrCTs64c g+sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=Gq3bRmvHcaHZWUw5yT962ygllDHyu02n/ryR9eZnMnE=; b=wN16fvT7f1dTGkLHxspx67SYWgFcY25a0a13jIL74UJa0zCXehzSH3aJcTKXdBlMv4 c+D2rwRqjqKAlowpDmWe6XFFMm3XAgmLXrcr4EY7fm137kS4j5pV46AfsaCAUuhNljl+ TotqK3VZzdvanOq1roWwW/ky4nWWImLm+URqaeIg4KTqsdb8e+iE4xitI7TuDTsOT7q4 LPDZ19iaCXqfJo10YRJRodhGDcyBeGyUKNbjtN33oiTwyxRugHchN+7MD1AmGgOxrVFg F7aRgdDcp7bovaz+a2OaQePt6fQ5WjpXT9bLzY2BaQS8iVUBbOdInJ1tEXMljRHjVzcu OWhg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aKWDdzKT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f12si740142plj.451.2017.08.08.19.52.55; Tue, 08 Aug 2017 19:52:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aKWDdzKT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752583AbdHICwx (ORCPT + 25 others); Tue, 8 Aug 2017 22:52:53 -0400 Received: from mail-pf0-f177.google.com ([209.85.192.177]:35968 "EHLO mail-pf0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752602AbdHICwP (ORCPT ); Tue, 8 Aug 2017 22:52:15 -0400 Received: by mail-pf0-f177.google.com with SMTP id c28so22049347pfe.3 for ; Tue, 08 Aug 2017 19:52:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=Gq3bRmvHcaHZWUw5yT962ygllDHyu02n/ryR9eZnMnE=; b=aKWDdzKTr2F9SnPqzkfFXM+5FpJ/mQpz+nQuFOtx+ZIHYoXke3Vvabv02axx/UYJaW MvynBupiMbU8y/kdP4E6LMFFxz0T5pvP8ZagUVM+tj695eWAam/UA5qmGOeaAWut9sv/ 8UvsOweOKD0lMujYtduXLohPntjiYEJJkbx6s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=Gq3bRmvHcaHZWUw5yT962ygllDHyu02n/ryR9eZnMnE=; b=d+/2NFnSXczczD7n0MQ6SYWdbQavLIdGvlcR/iov5Rl2ivWI8qZXaEeoMhZdstDxR3 ZlY0i1H4dtyIFTethr1ie7qhN2llzQC3/AaryAoL5pALFGFPUtHQBuQ7qeAAH7Wn26Hn oyl7luq/DiPSsJf8mzBYikbyYDiJbS3vgqP12f10p61PwB8oGmb0Yi3KaU4ojYZ58XrY o2XG6tSm5b3MN/C+/VrdUsdcKga+RUWJ0/tgJfXkjDEHLNk9iP7xl7ePeZWwdgI0t/sQ CebIAC0ADJQ5gCuoHWF9pjz4GyThv90lzNV3l8+JHxQ2Z70/BnimDqwHMofYjx8mgcR5 ufZw== X-Gm-Message-State: AHYfb5iKqDJdQ7eTwbgDc2HZmCOn34NGf3OIoh0kIWwutKqa46D3qAcp afn6urjgnQ44wqi3 X-Received: by 10.98.89.66 with SMTP id n63mr6547060pfb.137.1502247135097; Tue, 08 Aug 2017 19:52:15 -0700 (PDT) Received: from baolinwangubtpc.spreadtrum.com ([117.18.48.82]) by smtp.gmail.com with ESMTPSA id t64sm4435558pgd.80.2017.08.08.19.52.10 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 08 Aug 2017 19:52:14 -0700 (PDT) From: Baolin Wang To: dhowells@redhat.com, davem@davemloft.net Cc: james.l.morris@oracle.com, serge@hallyn.com, marc.dionne@auristor.com, dan.carpenter@oracle.com, Jason@zx2c4.com, arnd@arndb.de, broonie@kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, netdev@vger.kernel.org, baolin.wang@linaro.org Subject: [PATCH 2/3] security: keys: Replace time_t with time64_t for struct key_preparsed_payload Date: Wed, 9 Aug 2017 10:51:31 +0800 Message-Id: X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The 'struct key_preparsed_payload' will use 'time_t' which we will try to remove in the kernel, since 'time_t' is not year 2038 safe on 32bits systems. Thus this patch replaces 'time_t' with 'time64_t' which is year 2038 safe on 32 bits system for 'struct key_preparsed_payload', moreover we should use the 'TIME64_MAX' macro to initialize the 'time64_t' type variable. Signed-off-by: Baolin Wang --- include/linux/key-type.h | 2 +- security/keys/key.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) -- 1.7.9.5 diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 8496cf6..4beb006 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -44,7 +44,7 @@ struct key_preparsed_payload { const void *data; /* Raw data */ size_t datalen; /* Raw datalen */ size_t quotalen; /* Quota length for proposed payload */ - time_t expiry; /* Expiry time of key */ + time64_t expiry; /* Expiry time of key */ }; typedef int (*request_key_actor_t)(struct key_construction *key, diff --git a/security/keys/key.c b/security/keys/key.c index 291a67c..d5c8941 100644 --- a/security/keys/key.c +++ b/security/keys/key.c @@ -446,7 +446,7 @@ static int __key_instantiate_and_link(struct key *key, if (authkey) key_revoke(authkey); - if (prep->expiry != TIME_T_MAX) { + if (prep->expiry != TIME64_MAX) { key->expiry = prep->expiry; key_schedule_gc(prep->expiry + key_gc_delay); } @@ -492,7 +492,7 @@ int key_instantiate_and_link(struct key *key, prep.data = data; prep.datalen = datalen; prep.quotalen = key->type->def_datalen; - prep.expiry = TIME_T_MAX; + prep.expiry = TIME64_MAX; if (key->type->preparse) { ret = key->type->preparse(&prep); if (ret < 0) @@ -834,7 +834,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref, prep.data = payload; prep.datalen = plen; prep.quotalen = index_key.type->def_datalen; - prep.expiry = TIME_T_MAX; + prep.expiry = TIME64_MAX; if (index_key.type->preparse) { ret = index_key.type->preparse(&prep); if (ret < 0) { @@ -968,7 +968,7 @@ int key_update(key_ref_t key_ref, const void *payload, size_t plen) prep.data = payload; prep.datalen = plen; prep.quotalen = key->type->def_datalen; - prep.expiry = TIME_T_MAX; + prep.expiry = TIME64_MAX; if (key->type->preparse) { ret = key->type->preparse(&prep); if (ret < 0) From patchwork Wed Aug 9 02:51:32 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "\(Exiting\) Baolin Wang" X-Patchwork-Id: 109688 Delivered-To: patch@linaro.org Received: by 10.140.95.78 with SMTP id h72csp282262qge; Tue, 8 Aug 2017 19:52:28 -0700 (PDT) X-Received: by 10.84.177.131 with SMTP id x3mr7117176plb.280.1502247148288; Tue, 08 Aug 2017 19:52:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1502247148; cv=none; d=google.com; s=arc-20160816; b=t1lpfYGsggOqKMdjH9fxJfbElotBrZ5Q3nHBGL3qDNt9QfzJtP9vARFnqmwqeNJ/vS T3UpI1GhTz9OJz4etS5yggMYWqZ+WX0MGs/cDi+vtHmM5mr85rzlmmEiq+179ec0Cd4z 1bmUdvi1XaYeiCk/jN/WNZuhHp6JkGj9+O6Yu8o2t/2DYZvLMJrBaXNO4r/wSjLZT+Z2 3p9iycqmG5ZrVjoLTMCuYF0SWETPST7//p6t5XWmtiZGhSAbuHL/x7nhIyl4z7BRyOo7 MHd6U4VRA/gquBmVYlNBGWvSqtYBD8oGOyNyaFtFPo2HvcC7+noOtfoCwmTd7w074et2 qe+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=wbinPBINF1U0UiGsg9TDap/8Cf7Ybf+c1no5ZDIuhz02l2Jl8QeexJxE+nSO3AQV0D Ob8ny1haNmFXXPHlSYiiyHDqz6s/QekbxMd93pd9VTGku19xtOxzCWpyWmzRH9AsnCHb THS53ebIJvvExXzR+qGA9XG5FYQO/73PUjXVNeQt0KH9oboL+ZtpnKzLYGk49+v8cPOe FS4v8dL9ITkfrFHqvFOaRTt4GzJq+YTBRCBrReER9DJQCPkA5+NSVJtuXtyqkPY1EfSy hyYmvWsA8CPbvu02SpiOwgsT4SyxMOQ3bOdr2yRozCt+G1qyaOevl7/Nj/an+Gr9x/m7 aOZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VAyzpjmd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b10si1914576pll.558.2017.08.08.19.52.27; Tue, 08 Aug 2017 19:52:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VAyzpjmd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752664AbdHICwZ (ORCPT + 25 others); Tue, 8 Aug 2017 22:52:25 -0400 Received: from mail-pg0-f45.google.com ([74.125.83.45]:36233 "EHLO mail-pg0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752665AbdHICwT (ORCPT ); Tue, 8 Aug 2017 22:52:19 -0400 Received: by mail-pg0-f45.google.com with SMTP id v77so22272631pgb.3 for ; Tue, 08 Aug 2017 19:52:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :in-reply-to:references; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=VAyzpjmdVwfUbAdIMw3nR7IET6ficyakjebCAPY9ppAzjTIOhFvlIUbvaO1s4m8v3m GatgbYtewlJt52HUJW8B69OdNEqV/O01yJY1pTgw/bAaqf/Kr2KiXnpsO6lJJLb79uk+ igDtZggFVnXVeoODesxogtBGKuiDfyAlBNB3E= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:in-reply-to:references; bh=n6IZCWpBcWhrlrLH6i7DXGUYNOCzQIjscxwddHaEKbQ=; b=PqrUJRhQvbG9A1juyjgkUlMzZXPrBlnCxU2ZDMRtJM97PG9xfeH+1qCj7E77A02kIO dRGArF4i1vKwcFmT/3d87NY4QeRcYFJiFg8gSKctUD22SW8T+6aa3BedTFbUs6EH/rKH uNnk33y4SvUc0wC54/fd8WsKN3Z0NRiINCiaDdrw4wRqr0+nUFmYVrJJXNjV/YU//BYE +waPnx9hau1F9hYXq3vBu/iKlCU9HKyjk/sUs5NfBSQNyX81/9g3JUNX6D9XQJlSKW/9 KsNKSzw1LWC7ALOaYEAULmC0eKTDJTfsc80fE/9CGEU0a7fn1Lsdnw65PMwnrj7jfait 5o2g== X-Gm-Message-State: AHYfb5g00ZvhaSPTh9k6K8yBO/Ut+szaAOtC39b5+sTkLcuABNRTCAvn ChC6IbykI/deltri X-Received: by 10.98.72.90 with SMTP id v87mr6745078pfa.337.1502247139221; Tue, 08 Aug 2017 19:52:19 -0700 (PDT) Received: from baolinwangubtpc.spreadtrum.com ([117.18.48.82]) by smtp.gmail.com with ESMTPSA id t64sm4435558pgd.80.2017.08.08.19.52.15 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 08 Aug 2017 19:52:18 -0700 (PDT) From: Baolin Wang To: dhowells@redhat.com, davem@davemloft.net Cc: james.l.morris@oracle.com, serge@hallyn.com, marc.dionne@auristor.com, dan.carpenter@oracle.com, Jason@zx2c4.com, arnd@arndb.de, broonie@kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, netdev@vger.kernel.org, baolin.wang@linaro.org Subject: [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type Date: Wed, 9 Aug 2017 10:51:32 +0800 Message-Id: <8ac57c96bf5a0695ecc67fd230440b0b9d15740f.1502246502.git.baolin.wang@linaro.org> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Since the 'expiry' variable of 'struct key_preparsed_payload' has been changed to 'time64_t' type, which is year 2038 safe on 32bits system. In net/rxrpc subsystem, we need convert 'u32' type to 'time64_t' type when copying ticket expires time to 'prep->expiry', then this patch introduces two helper functions to help convert 'u32' to 'time64_t' type. This patch also uses ktime_get_real_seconds() to get current time instead of get_seconds() which is not year 2038 safe on 32bits system. Signed-off-by: Baolin Wang --- include/keys/rxrpc-type.h | 21 +++++++++++++++++++++ net/rxrpc/ar-internal.h | 2 +- net/rxrpc/key.c | 22 ++++++++++++++-------- net/rxrpc/rxkad.c | 14 +++++++------- 4 files changed, 43 insertions(+), 16 deletions(-) -- 1.7.9.5 diff --git a/include/keys/rxrpc-type.h b/include/keys/rxrpc-type.h index 5de0673..76421e2 100644 --- a/include/keys/rxrpc-type.h +++ b/include/keys/rxrpc-type.h @@ -127,4 +127,25 @@ struct rxrpc_key_data_v1 { #define AFSTOKEN_K5_ADDRESSES_MAX 16 /* max K5 addresses */ #define AFSTOKEN_K5_AUTHDATA_MAX 16 /* max K5 pieces of auth data */ +/* + * truncate a time64_t to the range from 1970 to 2106 as + * in the network protocol + */ +static inline u32 rxrpc_time64_to_u32(time64_t time) +{ + if (time < 0) + return 0; + + if (time > UINT_MAX) + return UINT_MAX; + + return (u32)time; +} + +/* extend u32 back to time64_t using the same 1970-2106 range */ +static inline time64_t rxrpc_u32_to_time64(u32 time) +{ + return (time64_t)time; +} + #endif /* _KEYS_RXRPC_TYPE_H */ diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h index 69b9733..3c11443 100644 --- a/net/rxrpc/ar-internal.h +++ b/net/rxrpc/ar-internal.h @@ -894,7 +894,7 @@ void rxrpc_new_incoming_connection(struct rxrpc_sock *, int rxrpc_request_key(struct rxrpc_sock *, char __user *, int); int rxrpc_server_keyring(struct rxrpc_sock *, char __user *, int); -int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time_t, +int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time64_t, u32); /* diff --git a/net/rxrpc/key.c b/net/rxrpc/key.c index 5436922..e2d3661 100644 --- a/net/rxrpc/key.c +++ b/net/rxrpc/key.c @@ -92,6 +92,7 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep, const __be32 *xdr, unsigned int toklen) { struct rxrpc_key_token *token, **pptoken; + time64_t expiry; size_t plen; u32 tktlen; @@ -158,8 +159,9 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep, pptoken = &(*pptoken)->next) continue; *pptoken = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; _leave(" = 0"); return 0; @@ -433,6 +435,7 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep, struct rxrpc_key_token *token, **pptoken; struct rxk5_key *rxk5; const __be32 *end_xdr = xdr + (toklen >> 2); + time64_t expiry; int ret; _enter(",{%x,%x,%x,%x},%u", @@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep, pptoken = &(*pptoken)->next) continue; *pptoken = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; _leave(" = 0"); return 0; @@ -691,6 +695,7 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep) { const struct rxrpc_key_data_v1 *v1; struct rxrpc_key_token *token, **pp; + time64_t expiry; size_t plen; u32 kver; int ret; @@ -777,8 +782,9 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep) while (*pp) pp = &(*pp)->next; *pp = token; - if (token->kad->expiry < prep->expiry) - prep->expiry = token->kad->expiry; + expiry = rxrpc_u32_to_time64(token->kad->expiry); + if (expiry < prep->expiry) + prep->expiry = expiry; token = NULL; ret = 0; @@ -955,7 +961,7 @@ int rxrpc_server_keyring(struct rxrpc_sock *rx, char __user *optval, */ int rxrpc_get_server_data_key(struct rxrpc_connection *conn, const void *session_key, - time_t expiry, + time64_t expiry, u32 kvno) { const struct cred *cred = current_cred(); @@ -982,7 +988,7 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn, data.kver = 1; data.v1.security_index = RXRPC_SECURITY_RXKAD; data.v1.ticket_length = 0; - data.v1.expiry = expiry; + data.v1.expiry = rxrpc_time64_to_u32(expiry); data.v1.kvno = 0; memcpy(&data.v1.session_key, session_key, sizeof(data.v1.session_key)); diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index 46d1a1f..34c86d2 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -854,7 +854,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, struct sk_buff *skb, void *ticket, size_t ticket_len, struct rxrpc_crypt *_session_key, - time_t *_expiry, + time64_t *_expiry, u32 *_abort_code) { struct skcipher_request *req; @@ -864,7 +864,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, struct in_addr addr; unsigned int life; const char *eproto; - time_t issue, now; + time64_t issue, now; bool little_endian; int ret; u32 abort_code; @@ -960,15 +960,15 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn, if (little_endian) { __le32 stamp; memcpy(&stamp, p, 4); - issue = le32_to_cpu(stamp); + issue = rxrpc_u32_to_time64(le32_to_cpu(stamp)); } else { __be32 stamp; memcpy(&stamp, p, 4); - issue = be32_to_cpu(stamp); + issue = rxrpc_u32_to_time64(be32_to_cpu(stamp)); } p += 4; - now = get_seconds(); - _debug("KIV ISSUE: %lx [%lx]", issue, now); + now = ktime_get_real_seconds(); + _debug("KIV ISSUE: %llx [%llx]", issue, now); /* check the ticket is in date */ if (issue > now) { @@ -1053,7 +1053,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn, struct rxrpc_skb_priv *sp = rxrpc_skb(skb); struct rxrpc_crypt session_key; const char *eproto; - time_t expiry; + time64_t expiry; void *ticket; u32 abort_code, version, kvno, ticket_len, level; __be32 csum;