subject:"\[PATCH 1\/3\] security\: keys\: Replace time_t\/timespec with time64

[PATCH 1/3] security: keys: Replace time_t/timespec with time64_t

2017-08-08 Thread Baolin Wang

The 'struct key' will use 'time_t' which we try to remove in the
kernel, since 'time_t' is not year 2038 safe on 32bit systems.
Also the 'struct keyring_search_context' will use 'timespec' type
to record current time, which is also not year 2038 safe on 32bit
systems.

Thus this patch replaces 'time_t' with 'time64_t' which is year 2038
safe for 'struct key', and replace 'timespec' with 'time64_t' for the
'struct keyring_search_context', since we only look at the the seconds
part of 'timespec' variable. Moreover we also change the codes where
using the 'time_t' and 'timespec', and we can get current time by
ktime_get_real_seconds() instead of current_kernel_time(), and use
'TIME64_MAX' macro to initialize the 'time64_t' type variable.

Especially in proc.c file, we have replaced 'unsigned long' and 'timespec'
type with 'u64' and 'time64_t' type to save the timeout value, which means
user will get one 'u64' type timeout value by issuing proc_keys_show()
function.

Signed-off-by: Baolin Wang 
---
 include/linux/key.h  |7 ---
 security/keys/gc.c   |   20 ++--
 security/keys/internal.h |8 
 security/keys/key.c  |   19 ++-
 security/keys/keyring.c  |   18 +-
 security/keys/permission.c   |3 +--
 security/keys/proc.c |   20 ++--
 security/keys/process_keys.c |2 +-
 8 files changed, 45 insertions(+), 52 deletions(-)

diff --git a/include/linux/key.h b/include/linux/key.h
index 0441141..6d10f84 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -24,6 +24,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #ifdef __KERNEL__
 #include 
@@ -157,10 +158,10 @@ struct key {
struct key_user *user;  /* owner of this key */
void*security;  /* security data for this key */
union {
-   time_t  expiry; /* time at which key expires 
(or 0) */
-   time_t  revoked_at; /* time at which key was 
revoked */
+   time64_texpiry; /* time at which key expires 
(or 0) */
+   time64_trevoked_at; /* time at which key was 
revoked */
};
-   time_t  last_used_at;   /* last time used for LRU 
keyring discard */
+   time64_tlast_used_at;   /* last time used for LRU 
keyring discard */
kuid_t  uid;
kgid_t  gid;
key_perm_t  perm;   /* access permissions */
diff --git a/security/keys/gc.c b/security/keys/gc.c
index 87cb260..c99700e 100644
--- a/security/keys/gc.c
+++ b/security/keys/gc.c
@@ -32,7 +32,7 @@
 static void key_gc_timer_func(unsigned long);
 static DEFINE_TIMER(key_gc_timer, key_gc_timer_func, 0, 0);
 
-static time_t key_gc_next_run = LONG_MAX;
+static time64_t key_gc_next_run = TIME64_MAX;
 static struct key_type *key_gc_dead_keytype;
 
 static unsigned long key_gc_flags;
@@ -53,12 +53,12 @@ struct key_type key_type_dead = {
  * Schedule a garbage collection run.
  * - time precision isn't particularly important
  */
-void key_schedule_gc(time_t gc_at)
+void key_schedule_gc(time64_t gc_at)
 {
unsigned long expires;
-   time_t now = current_kernel_time().tv_sec;
+   time64_t now = ktime_get_real_seconds();
 
-   kenter("%ld", gc_at - now);
+   kenter("%lld", gc_at - now);
 
if (gc_at <= now || test_bit(KEY_GC_REAP_KEYTYPE, _gc_flags)) {
kdebug("IMMEDIATE");
@@ -87,7 +87,7 @@ void key_schedule_gc_links(void)
 static void key_gc_timer_func(unsigned long data)
 {
kenter("");
-   key_gc_next_run = LONG_MAX;
+   key_gc_next_run = TIME64_MAX;
key_schedule_gc_links();
 }
 
@@ -184,11 +184,11 @@ static void key_garbage_collector(struct work_struct 
*work)
 
struct rb_node *cursor;
struct key *key;
-   time_t new_timer, limit;
+   time64_t new_timer, limit;
 
kenter("[%lx,%x]", key_gc_flags, gc_state);
 
-   limit = current_kernel_time().tv_sec;
+   limit = ktime_get_real_seconds();
if (limit > key_gc_delay)
limit -= key_gc_delay;
else
@@ -204,7 +204,7 @@ static void key_garbage_collector(struct work_struct *work)
gc_state |= KEY_GC_REAPING_DEAD_1;
kdebug("new pass %x", gc_state);
 
-   new_timer = LONG_MAX;
+   new_timer = TIME64_MAX;
 
/* As only this function is permitted to remove things from the key
 * serial tree, if cursor is non-NULL then it will always point to a
@@ -235,7 +235,7 @@ static void key_garbage_collector(struct work_struct *work)
 
if (gc_state & KEY_GC_SET_TIMER) {
if (key->expiry > limit && key->expiry < new_timer) {
-   kdebug("will expire %x in %ld",
+   kdebug("will expire %x in

[PATCH 1/3] security: keys: Replace time_t/timespec with time64_t

2017-08-08 Thread Baolin Wang

The 'struct key' will use 'time_t' which we try to remove in the
kernel, since 'time_t' is not year 2038 safe on 32bit systems.
Also the 'struct keyring_search_context' will use 'timespec' type
to record current time, which is also not year 2038 safe on 32bit
systems.

Thus this patch replaces 'time_t' with 'time64_t' which is year 2038
safe for 'struct key', and replace 'timespec' with 'time64_t' for the
'struct keyring_search_context', since we only look at the the seconds
part of 'timespec' variable. Moreover we also change the codes where
using the 'time_t' and 'timespec', and we can get current time by
ktime_get_real_seconds() instead of current_kernel_time(), and use
'TIME64_MAX' macro to initialize the 'time64_t' type variable.

Especially in proc.c file, we have replaced 'unsigned long' and 'timespec'
type with 'u64' and 'time64_t' type to save the timeout value, which means
user will get one 'u64' type timeout value by issuing proc_keys_show()
function.

Signed-off-by: Baolin Wang 
---
 include/linux/key.h  |7 ---
 security/keys/gc.c   |   20 ++--
 security/keys/internal.h |8 
 security/keys/key.c  |   19 ++-
 security/keys/keyring.c  |   18 +-
 security/keys/permission.c   |3 +--
 security/keys/proc.c |   20 ++--
 security/keys/process_keys.c |2 +-
 8 files changed, 45 insertions(+), 52 deletions(-)

diff --git a/include/linux/key.h b/include/linux/key.h
index 0441141..6d10f84 100644
--- a/include/linux/key.h
+++ b/include/linux/key.h
@@ -24,6 +24,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #ifdef __KERNEL__
 #include 
@@ -157,10 +158,10 @@ struct key {
struct key_user *user;  /* owner of this key */
void*security;  /* security data for this key */
union {
-   time_t  expiry; /* time at which key expires 
(or 0) */
-   time_t  revoked_at; /* time at which key was 
revoked */
+   time64_texpiry; /* time at which key expires 
(or 0) */
+   time64_trevoked_at; /* time at which key was 
revoked */
};
-   time_t  last_used_at;   /* last time used for LRU 
keyring discard */
+   time64_tlast_used_at;   /* last time used for LRU 
keyring discard */
kuid_t  uid;
kgid_t  gid;
key_perm_t  perm;   /* access permissions */
diff --git a/security/keys/gc.c b/security/keys/gc.c
index 87cb260..c99700e 100644
--- a/security/keys/gc.c
+++ b/security/keys/gc.c
@@ -32,7 +32,7 @@
 static void key_gc_timer_func(unsigned long);
 static DEFINE_TIMER(key_gc_timer, key_gc_timer_func, 0, 0);
 
-static time_t key_gc_next_run = LONG_MAX;
+static time64_t key_gc_next_run = TIME64_MAX;
 static struct key_type *key_gc_dead_keytype;
 
 static unsigned long key_gc_flags;
@@ -53,12 +53,12 @@ struct key_type key_type_dead = {
  * Schedule a garbage collection run.
  * - time precision isn't particularly important
  */
-void key_schedule_gc(time_t gc_at)
+void key_schedule_gc(time64_t gc_at)
 {
unsigned long expires;
-   time_t now = current_kernel_time().tv_sec;
+   time64_t now = ktime_get_real_seconds();
 
-   kenter("%ld", gc_at - now);
+   kenter("%lld", gc_at - now);
 
if (gc_at <= now || test_bit(KEY_GC_REAP_KEYTYPE, _gc_flags)) {
kdebug("IMMEDIATE");
@@ -87,7 +87,7 @@ void key_schedule_gc_links(void)
 static void key_gc_timer_func(unsigned long data)
 {
kenter("");
-   key_gc_next_run = LONG_MAX;
+   key_gc_next_run = TIME64_MAX;
key_schedule_gc_links();
 }
 
@@ -184,11 +184,11 @@ static void key_garbage_collector(struct work_struct 
*work)
 
struct rb_node *cursor;
struct key *key;
-   time_t new_timer, limit;
+   time64_t new_timer, limit;
 
kenter("[%lx,%x]", key_gc_flags, gc_state);
 
-   limit = current_kernel_time().tv_sec;
+   limit = ktime_get_real_seconds();
if (limit > key_gc_delay)
limit -= key_gc_delay;
else
@@ -204,7 +204,7 @@ static void key_garbage_collector(struct work_struct *work)
gc_state |= KEY_GC_REAPING_DEAD_1;
kdebug("new pass %x", gc_state);
 
-   new_timer = LONG_MAX;
+   new_timer = TIME64_MAX;
 
/* As only this function is permitted to remove things from the key
 * serial tree, if cursor is non-NULL then it will always point to a
@@ -235,7 +235,7 @@ static void key_garbage_collector(struct work_struct *work)
 
if (gc_state & KEY_GC_SET_TIMER) {
if (key->expiry > limit && key->expiry < new_timer) {
-   kdebug("will expire %x in %ld",
+   kdebug("will expire %x in %lld",

[PATCH 1/3] security: keys: Replace time_t/timespec with time64_t

[PATCH 1/3] security: keys: Replace time_t/timespec with time64_t

2 matches

Site Navigation

Mail list logo

Footer information