Commit 2115bb25 authored by Deepa Dinamani's avatar Deepa Dinamani Committed by Paul Moore

audit: Use timespec64 to represent audit timestamps

struct timespec is not y2038 safe.
Audit timestamps are recorded in string format into
an audit buffer for a given context.
These mark the entry timestamps for the syscalls.
Use y2038 safe struct timespec64 to represent the times.
The log strings can handle this transition as strings can
hold upto 1024 characters.
Signed-off-by: default avatarDeepa Dinamani <deepa.kernel@gmail.com>
Reviewed-by: default avatarArnd Bergmann <arnd@arndb.de>
Acked-by: default avatarPaul Moore <paul@paul-moore.com>
Acked-by: default avatarRichard Guy Briggs <rgb@redhat.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent b6c7c115
...@@ -331,7 +331,7 @@ static inline void audit_ptrace(struct task_struct *t) ...@@ -331,7 +331,7 @@ static inline void audit_ptrace(struct task_struct *t)
/* Private API (for audit.c only) */ /* Private API (for audit.c only) */
extern unsigned int audit_serial(void); extern unsigned int audit_serial(void);
extern int auditsc_get_stamp(struct audit_context *ctx, extern int auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial); struct timespec64 *t, unsigned int *serial);
extern int audit_set_loginuid(kuid_t loginuid); extern int audit_set_loginuid(kuid_t loginuid);
static inline kuid_t audit_get_loginuid(struct task_struct *tsk) static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
...@@ -510,7 +510,7 @@ static inline void __audit_seccomp(unsigned long syscall, long signr, int code) ...@@ -510,7 +510,7 @@ static inline void __audit_seccomp(unsigned long syscall, long signr, int code)
static inline void audit_seccomp(unsigned long syscall, long signr, int code) static inline void audit_seccomp(unsigned long syscall, long signr, int code)
{ } { }
static inline int auditsc_get_stamp(struct audit_context *ctx, static inline int auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial) struct timespec64 *t, unsigned int *serial)
{ {
return 0; return 0;
} }
......
...@@ -1638,10 +1638,10 @@ unsigned int audit_serial(void) ...@@ -1638,10 +1638,10 @@ unsigned int audit_serial(void)
} }
static inline void audit_get_stamp(struct audit_context *ctx, static inline void audit_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial) struct timespec64 *t, unsigned int *serial)
{ {
if (!ctx || !auditsc_get_stamp(ctx, t, serial)) { if (!ctx || !auditsc_get_stamp(ctx, t, serial)) {
*t = CURRENT_TIME; ktime_get_real_ts64(t);
*serial = audit_serial(); *serial = audit_serial();
} }
} }
...@@ -1665,7 +1665,7 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, ...@@ -1665,7 +1665,7 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask,
int type) int type)
{ {
struct audit_buffer *ab; struct audit_buffer *ab;
struct timespec t; struct timespec64 t;
unsigned int uninitialized_var(serial); unsigned int uninitialized_var(serial);
if (audit_initialized != AUDIT_INITIALIZED) if (audit_initialized != AUDIT_INITIALIZED)
...@@ -1718,8 +1718,8 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, ...@@ -1718,8 +1718,8 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, gfp_t gfp_mask,
} }
audit_get_stamp(ab->ctx, &t, &serial); audit_get_stamp(ab->ctx, &t, &serial);
audit_log_format(ab, "audit(%lu.%03lu:%u): ", audit_log_format(ab, "audit(%llu.%03lu:%u): ",
t.tv_sec, t.tv_nsec/1000000, serial); (unsigned long long)t.tv_sec, t.tv_nsec/1000000, serial);
return ab; return ab;
} }
......
...@@ -112,7 +112,7 @@ struct audit_context { ...@@ -112,7 +112,7 @@ struct audit_context {
enum audit_state state, current_state; enum audit_state state, current_state;
unsigned int serial; /* serial number for record */ unsigned int serial; /* serial number for record */
int major; /* syscall number */ int major; /* syscall number */
struct timespec ctime; /* time of syscall entry */ struct timespec64 ctime; /* time of syscall entry */
unsigned long argv[4]; /* syscall arguments */ unsigned long argv[4]; /* syscall arguments */
long return_code;/* syscall return code */ long return_code;/* syscall return code */
u64 prio; u64 prio;
......
...@@ -1532,7 +1532,7 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2, ...@@ -1532,7 +1532,7 @@ void __audit_syscall_entry(int major, unsigned long a1, unsigned long a2,
return; return;
context->serial = 0; context->serial = 0;
context->ctime = CURRENT_TIME; ktime_get_real_ts64(&context->ctime);
context->in_syscall = 1; context->in_syscall = 1;
context->current_state = state; context->current_state = state;
context->ppid = 0; context->ppid = 0;
...@@ -1941,13 +1941,13 @@ EXPORT_SYMBOL_GPL(__audit_inode_child); ...@@ -1941,13 +1941,13 @@ EXPORT_SYMBOL_GPL(__audit_inode_child);
/** /**
* auditsc_get_stamp - get local copies of audit_context values * auditsc_get_stamp - get local copies of audit_context values
* @ctx: audit_context for the task * @ctx: audit_context for the task
* @t: timespec to store time recorded in the audit_context * @t: timespec64 to store time recorded in the audit_context
* @serial: serial value that is recorded in the audit_context * @serial: serial value that is recorded in the audit_context
* *
* Also sets the context as auditable. * Also sets the context as auditable.
*/ */
int auditsc_get_stamp(struct audit_context *ctx, int auditsc_get_stamp(struct audit_context *ctx,
struct timespec *t, unsigned int *serial) struct timespec64 *t, unsigned int *serial)
{ {
if (!ctx->in_syscall) if (!ctx->in_syscall)
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment