diff options
author | Baolin Wang <baolin.wang@linaro.org> | 2017-11-15 16:38:45 +0000 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2017-11-15 16:38:45 +0000 |
commit | 074d58989569b39f04294c90ef36dd82b8c2cc1a (patch) | |
tree | 81aeddd29a2fbc619ebb1c43fa25134e7c6ebeb8 /security/keys/permission.c | |
parent | be543dd626c0a23829e9cc1a28e1e3af4cd9ced6 (diff) | |
download | blackbird-obmc-linux-074d58989569b39f04294c90ef36dd82b8c2cc1a.tar.gz blackbird-obmc-linux-074d58989569b39f04294c90ef36dd82b8c2cc1a.zip |
security: keys: Replace time_t/timespec with time64_t
The 'struct key' will use 'time_t' which we try to remove in the
kernel, since 'time_t' is not year 2038 safe on 32bit systems.
Also the 'struct keyring_search_context' will use 'timespec' type
to record current time, which is also not year 2038 safe on 32bit
systems.
Thus this patch replaces 'time_t' with 'time64_t' which is year 2038
safe for 'struct key', and replace 'timespec' with 'time64_t' for the
'struct keyring_search_context', since we only look at the the seconds
part of 'timespec' variable. Moreover we also change the codes where
using the 'time_t' and 'timespec', and we can get current time by
ktime_get_real_seconds() instead of current_kernel_time(), and use
'TIME64_MAX' macro to initialize the 'time64_t' type variable.
Especially in proc.c file, we have replaced 'unsigned long' and 'timespec'
type with 'u64' and 'time64_t' type to save the timeout value, which means
user will get one 'u64' type timeout value by issuing proc_keys_show()
function.
Signed-off-by: Baolin Wang <baolin.wang@linaro.org>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security/keys/permission.c')
-rw-r--r-- | security/keys/permission.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/security/keys/permission.c b/security/keys/permission.c index a72b4dd70c8a..f68dc04d614e 100644 --- a/security/keys/permission.c +++ b/security/keys/permission.c @@ -89,7 +89,7 @@ EXPORT_SYMBOL(key_task_permission); int key_validate(const struct key *key) { unsigned long flags = READ_ONCE(key->flags); - time_t expiry = READ_ONCE(key->expiry); + time64_t expiry = READ_ONCE(key->expiry); if (flags & (1 << KEY_FLAG_INVALIDATED)) return -ENOKEY; @@ -101,8 +101,7 @@ int key_validate(const struct key *key) /* check it hasn't expired */ if (expiry) { - struct timespec now = current_kernel_time(); - if (now.tv_sec >= expiry) + if (ktime_get_real_seconds() >= expiry) return -EKEYEXPIRED; } |