musl is moving to a default of 64-bit time_t on all architectures,
glibc will follow later. This breaks reading timestamps through cmsg
data with the HCI_TIME_STAMP socket option.
Change both copies of hcidump to work on all architectures. This also
fixes x32, which has never worked, and carefully avoids breaking sparc64,
which is another special case.
I have only compiled this on one architecture, please at least test
it to ensure there are no regressions. The toolchain binaries from
http://musl.cc/ should allow testing with a 64-bit time_t, but it may
be hard to build all the dependencies first.
libpcap has the same bug and needs a similar fix to work on future
32-bit Linux systems. Everything else apparently uses the generic
SO_TIMESTAMP timestamps, which work correctly when using new enough
kernels with a time64 libc.
Signed-off-by: Arnd Bergmann <arnd(a)arndb.de>
---
monitor/hcidump.c | 32 +++++++++++++++++++++++++++++++-
tools/hcidump.c | 33 +++++++++++++++++++++++++++++++--
2 files changed, 62 insertions(+), 3 deletions(-)
diff --git a/monitor/hcidump.c b/monitor/hcidump.c
index 8b6f846d3..6d2330287 100644
--- a/monitor/hcidump.c
+++ b/monitor/hcidump.c
@@ -107,6 +107,36 @@ static int open_hci_dev(uint16_t index)
return fd;
}
+static struct timeval hci_tstamp_read(void *data)
+{
+ struct timeval tv;
+
+ /*
+ * On 64-bit architectures, the data matches the timeval
+ * format. Note that on sparc64 this is different from
+ * all others.
+ */
+ if (sizeof(long) == 8) {
+ memcpy(&tv, data, sizeof(tv));
+ }
+
+ /*
+ * On 32-bit architectures, the timeval definition may
+ * use 32-bit or 64-bit members depending on the C
+ * library and architecture.
+ * The cmsg data however always contains a pair of
+ * 32-bit values. Interpret as unsigned to make it work
+ * past y2038.
+ */
+ if (sizeof(long) == 4) {
+ unsigned int *stamp = data;
+ tv.tv_sec = stamp[0];
+ tv.tv_usec = stamp[1];
+ }
+
+ return tv;
+}
+
static void device_callback(int fd, uint32_t events, void *user_data)
{
struct hcidump_data *data = user_data;
@@ -150,7 +180,7 @@ static void device_callback(int fd, uint32_t events, void *user_data)
memcpy(&dir, CMSG_DATA(cmsg), sizeof(dir));
break;
case HCI_CMSG_TSTAMP:
- memcpy(&ctv, CMSG_DATA(cmsg), sizeof(ctv));
+ ctv = hci_tstamp_read(CMSG_DATA(cmsg));
tv = &ctv;
break;
}
diff --git a/tools/hcidump.c b/tools/hcidump.c
index 33d429b6c..be14d0930 100644
--- a/tools/hcidump.c
+++ b/tools/hcidump.c
@@ -136,6 +136,36 @@ static inline int write_n(int fd, char *buf, int len)
return t;
}
+static struct timeval hci_tstamp_read(void *data)
+{
+ struct timeval tv;
+
+ /*
+ * On 64-bit architectures, the data matches the timeval
+ * format. Note that on sparc64 this is different from
+ * all others.
+ */
+ if (sizeof(long) == 8) {
+ memcpy(&tv, data, sizeof(tv));
+ }
+
+ /*
+ * On 32-bit architectures, the timeval definition may
+ * use 32-bit or 64-bit members depending on the C
+ * library and architecture.
+ * The cmsg data however always contains a pair of
+ * 32-bit values. Interpret as unsigned to make it work
+ * past y2038.
+ */
+ if (sizeof(long) == 4) {
+ unsigned int *stamp = data;
+ tv.tv_sec = stamp[0];
+ tv.tv_usec = stamp[1];
+ }
+
+ return tv;
+}
+
static int process_frames(int dev, int sock, int fd, unsigned long flags)
{
struct cmsghdr *cmsg;
@@ -230,8 +260,7 @@ static int process_frames(int dev, int sock, int fd, unsigned long flags)
frm.in = (uint8_t) dir;
break;
case HCI_CMSG_TSTAMP:
- memcpy(&frm.ts, CMSG_DATA(cmsg),
- sizeof(struct timeval));
+ frm.ts = hci_tstamp_read(CMSG_DATA(cmsg));
break;
}
cmsg = CMSG_NXTHDR(&msg, cmsg);
--
2.20.0
I noticed earlier this week that the HCI_CMSG_TSTAMP/HCI_TIME_STAMP
interface has no time64 equivalent, as we apparently missed that when
converting the normal socket timestamps to support both time32 and time64
variants of the sockopt and cmsg data.
The interface was originally added back in 2002 by Maksim Krasnyanskiy
when bluetooth support first became non-experimental.
When using HCI_TIME_STAMP on a 32-bit system with a time64
libc, users will interpret the { s32 tv_sec; s32 tv_usec } layout of
the kernel as { s64 tv_sec; ... }, which puts complete garbage
into the timestamp regardless of whether this code runs before or
after y2038. From looking at codesearch.debian.org, I found two
users of this: libpcap and hcidump. There are probably others that
are not part of Debian.
Fixing this the same was as normal socket timestamps is not possible
because include/net/bluetooth/hci.h is not an exported UAPI header.
This means any changes to it for defining HCI_TIME_STAMP conditionally
would be ignored by applications that use a different copy of the
header.
I can see three possible ways forward:
1. move include/net/bluetooth/hci.h to include/uapi/, add a conditional
definition of HCI_TIME_STAMP and make the kernel code support
both formats. Then change applications to rely on that version of
header file to get the correct definition but not change application code.
2. Leave the kernel completely unchanged and modify only the users
to not expect the output to be a 'struct timeval' but interpret as
as { uint32_t tv_sec; int32_t tv_usec; } structure on 32-bit architectures,
which will work until the unsigned time overflows 86 years from now
in 2106 (same as the libpcap on-disk format).
3. Add support for the normal SO_TIMESTAMPNS_NEW sockopt in
HCI, providing timestamps in the unambiguous { long long tv_sec;
long long tv_nsec; } format to user space, and change applications
to use that if supported by the kernel.
Arnd
Hi Andrew,
Can you add these to your patches for linux-5.6?
I have y2038 cleanups for sound, v4l, nfsd, scsi and xfs that are
merged in the respective subsystem trees, as well as another
series of individual patches queued up in my own y2038 tree.
With all that work merged, most of include/linux/time32.h
and some other related code can be removed from the kernel,
so it would be good to send these at the end of the coming
merge window, and to give them some more testing in linux-next
to make sure we don't gain any new users.
Arnd
Arnd Bergmann (3):
y2038: remove ktime to/from timespec/timeval conversion
y2038: remove unused time32 interfaces
y2038: hide timeval/timespec/itimerval/itimerspec types
include/linux/compat.h | 29 -----
include/linux/ktime.h | 37 ------
include/linux/time32.h | 154 +------------------------
include/linux/timekeeping32.h | 32 -----
include/linux/types.h | 5 -
include/uapi/asm-generic/posix_types.h | 2 +
include/uapi/linux/time.h | 22 ++--
kernel/compat.c | 64 ----------
kernel/time/time.c | 43 -------
9 files changed, 15 insertions(+), 373 deletions(-)
--
Cc: y2038(a)lists.linaro.org
Cc: linux-kernel(a)vger.kernel.org
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Deepa Dinamani <deepa.kernel(a)gmail.com>
2.20.0
The compat_time_t type has been removed everywhere else,
as most users rely on old_time32_t for both native and
compat mode handling of 32-bit time_t.
Remove the last one in xfs.
Reviewed-by: Darrick J. Wong <darrick.wong(a)oracle.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Arnd Bergmann <arnd(a)arndb.de>
---
As explained in https://www.spinics.net/lists/linux-xfs/msg35524.html
I've dropped the patch "xfs: disallow broken ioctls without
compat-32-bit-time" for this submission but will get to that later
when doing that as a treewide change.
Please apply these two for v5.6 in the meantime so we can kill off
compat_time_t, time_t and get_seconds() for good.
fs/xfs/xfs_ioctl32.c | 2 +-
fs/xfs/xfs_ioctl32.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/xfs/xfs_ioctl32.c b/fs/xfs/xfs_ioctl32.c
index bd07a79ca3c0..9ab0263586da 100644
--- a/fs/xfs/xfs_ioctl32.c
+++ b/fs/xfs/xfs_ioctl32.c
@@ -108,7 +108,7 @@ xfs_ioctl32_bstime_copyin(
xfs_bstime_t *bstime,
compat_xfs_bstime_t __user *bstime32)
{
- compat_time_t sec32; /* tv_sec differs on 64 vs. 32 */
+ old_time32_t sec32; /* tv_sec differs on 64 vs. 32 */
if (get_user(sec32, &bstime32->tv_sec) ||
get_user(bstime->tv_nsec, &bstime32->tv_nsec))
diff --git a/fs/xfs/xfs_ioctl32.h b/fs/xfs/xfs_ioctl32.h
index 8c7743cd490e..053de7d894cd 100644
--- a/fs/xfs/xfs_ioctl32.h
+++ b/fs/xfs/xfs_ioctl32.h
@@ -32,7 +32,7 @@
#endif
typedef struct compat_xfs_bstime {
- compat_time_t tv_sec; /* seconds */
+ old_time32_t tv_sec; /* seconds */
__s32 tv_nsec; /* and nanoseconds */
} compat_xfs_bstime_t;
--
2.20.0
Hi Martin, James,
If this version seems ok to everyone, please pull into
the scsi tree.
The following changes since commit e42617b825f8073569da76dc4510bfa019b1c35a:
Linux 5.5-rc4 (2019-12-08 14:57:55 -0800)
are available in the Git repository at:
git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground.git tags/block-ioctl-cleanup-5.6
for you to fetch changes up to d1329555e914109846283e469b5077e7500ecfaf
Documentation: document ioctl interfaces better (2019-12-17 22:45:18 +0100)
----------------------------------------------------------------
block, scsi: final compat_ioctl cleanup
This series concludes the work I did for linux-5.5 on the compat_ioctl()
cleanup, killing off fs/compat_ioctl.c and block/compat_ioctl.c by moving
everything into drivers.
Overall this would be a reduction both in complexity and line count, but
as I'm also adding documentation the overall number of lines increases
in the end.
My plan was originally to keep the SCSI and block parts separate.
This did not work easily because of interdependencies: I cannot
do the final SCSI cleanup in a good way without first addressing the
CDROM ioctls, so this is one series that I hope could be merged through
either the block or the scsi git trees, or possibly both if you can
pull in the same branch.
The series comes in these steps:
1. clean up the sg v3 interface as suggested by Linus. I have
talked about this with Doug Gilbert as well, and he would
rebase his sg v4 patches on top of "compat: scsi: sg: fix v3
compat read/write interface"
2. Actually moving handlers out of block/compat_ioctl.c and
block/scsi_ioctl.c into drivers, mixed in with cleanup
patches
3. Document how to do this right. I keep getting asked about this,
and it helps to point to some documentation file.
The branch is based on another one that fixes a couple of bugs found
during the creation of this series.
Changes since v2:
- Rebase to v5.5-rc4, which contains the earlier bugfixes
- Fix sr_block_compat_ioctl() error handling bug found by
Ben Hutchings
- Fix idecd_locked_compat_ioctl() compat_ptr() bug
- Don't try to handle HDIO_DRIVE_TASKFILE in drivers/ide
- More documentation improvements
Changes since v1:
- move out the bugfixes into a branch for itself
- clean up scsi sg driver further as suggested by Christoph Hellwig
- avoid some ifdefs by moving compat_ptr() out of asm/compat.h
- split out the blkdev_compat_ptr_ioctl function; bug spotted by
Ben Hutchings
- Improve formatting of documentation
[1] https://lore.kernel.org/linux-block/20191211204306.1207817-1-arnd@arndb.de/…
----------------------------------------------------------------
Arnd Bergmann (22):
compat: ARM64: always include asm-generic/compat.h
compat: provide compat_ptr() on all architectures
compat: scsi: sg: fix v3 compat read/write interface
compat_ioctl: block: add blkdev_compat_ptr_ioctl
compat_ioctl: ubd, aoe: use blkdev_compat_ptr_ioctl
compat_ioctl: move CDROM_SEND_PACKET handling into scsi
compat_ioctl: move CDROMREADADIO to cdrom.c
compat_ioctl: cdrom: handle CDROM_LAST_WRITTEN
compat_ioctl: block: handle cdrom compat ioctl in non-cdrom drivers
compat_ioctl: add scsi_compat_ioctl
compat_ioctl: bsg: add handler
compat_ioctl: ide: floppy: add handler
compat_ioctl: scsi: move ioctl handling into drivers
compat_ioctl: move sys_compat_ioctl() to ioctl.c
compat_ioctl: simplify the implementation
compat_ioctl: move cdrom commands into cdrom.c
compat_ioctl: scsi: handle HDIO commands from drivers
compat_ioctl: move HDIO ioctl handling into drivers/ide
compat_ioctl: block: move blkdev_compat_ioctl() into ioctl.c
compat_ioctl: block: simplify compat_blkpg_ioctl()
compat_ioctl: simplify up block/ioctl.c
Documentation: document ioctl interfaces better
Documentation/core-api/index.rst | 1 +
Documentation/core-api/ioctl.rst | 253 +++++++++++++++
arch/arm64/include/asm/compat.h | 22 +-
arch/mips/include/asm/compat.h | 18 --
arch/parisc/include/asm/compat.h | 17 -
arch/powerpc/include/asm/compat.h | 17 -
arch/powerpc/oprofile/backtrace.c | 2 +-
arch/s390/include/asm/compat.h | 6 +-
arch/sparc/include/asm/compat.h | 17 -
arch/um/drivers/ubd_kern.c | 1 +
arch/x86/include/asm/compat.h | 17 -
block/Makefile | 1 -
block/bsg.c | 1 +
block/compat_ioctl.c | 427 -------------------------
block/ioctl.c | 319 ++++++++++++++----
block/scsi_ioctl.c | 214 ++++++++-----
drivers/ata/libata-scsi.c | 9 +
drivers/block/aoe/aoeblk.c | 1 +
drivers/block/floppy.c | 3 +
drivers/block/paride/pcd.c | 3 +
drivers/block/paride/pd.c | 1 +
drivers/block/paride/pf.c | 1 +
drivers/block/pktcdvd.c | 26 +-
drivers/block/sunvdc.c | 1 +
drivers/block/virtio_blk.c | 3 +
drivers/block/xen-blkfront.c | 1 +
drivers/cdrom/cdrom.c | 35 +-
drivers/cdrom/gdrom.c | 3 +
drivers/ide/ide-cd.c | 38 +++
drivers/ide/ide-disk.c | 1 +
drivers/ide/ide-floppy.c | 4 +
drivers/ide/ide-floppy.h | 2 +
drivers/ide/ide-floppy_ioctl.c | 35 ++
drivers/ide/ide-gd.c | 17 +
drivers/ide/ide-ioctls.c | 47 ++-
drivers/ide/ide-tape.c | 11 +
drivers/scsi/aic94xx/aic94xx_init.c | 3 +
drivers/scsi/ch.c | 9 +-
drivers/scsi/hisi_sas/hisi_sas_v1_hw.c | 3 +
drivers/scsi/hisi_sas/hisi_sas_v2_hw.c | 3 +
drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 3 +
drivers/scsi/ipr.c | 3 +
drivers/scsi/isci/init.c | 3 +
drivers/scsi/mvsas/mv_init.c | 3 +
drivers/scsi/pm8001/pm8001_init.c | 3 +
drivers/scsi/scsi_ioctl.c | 54 +++-
drivers/scsi/sd.c | 50 ++-
drivers/scsi/sg.c | 170 +++++-----
drivers/scsi/sr.c | 53 ++-
drivers/scsi/st.c | 51 +--
fs/Makefile | 2 +-
fs/compat_ioctl.c | 261 ---------------
fs/internal.h | 6 -
fs/ioctl.c | 131 ++++++--
include/linux/blkdev.h | 7 +
include/linux/compat.h | 18 ++
include/linux/falloc.h | 2 -
include/linux/fs.h | 4 -
include/linux/ide.h | 2 +
include/linux/libata.h | 6 +
include/scsi/scsi_ioctl.h | 1 +
include/scsi/sg.h | 30 ++
62 files changed, 1269 insertions(+), 1187 deletions(-)
create mode 100644 Documentation/core-api/ioctl.rst
delete mode 100644 block/compat_ioctl.c
delete mode 100644 fs/compat_ioctl.c
--
2.20.0
Cc: linux-scsi(a)vger.kernel.org
Cc: linux-block(a)vger.kernel.org
Cc: y2038(a)lists.linaro.org
Cc: linux-kernel(a)vger.kernel.org
Cc: Christoph Hellwig <hch(a)lst.de>
Cc: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
Cc: linux-doc(a)vger.kernel.org
Cc: corbet(a)lwn.net
Cc: viro(a)zeniv.linux.org.uk
Cc: linux-fsdevel(a)vger.kernel.org
Cc: Jens Axboe <axboe(a)kernel.dk>
Good luck, try to answer immediately, you have good news
.................................................................................................
Boa sorte, tente responder imediatamente, você tem boas notícias
Hi Bruce, Chuck,
NFSd is one of the last areas of the kernel that is not y2038 safe
yet, this series addresses the remaining issues here.
I did not get any comments for the first version I posted [1], and
I hope this just means that everything was fine and you plan to
merge this soon ;-)
I uploaded a git branch to [2] for testing.
Please review and merge for linux-5.6 so we can remove the 32-bit
time handling from that release.
Arnd
Changes from v1:
- separate nfs and nfsd, as most of the nfs changes are merged now
- rebase to v5.5
[1] https://lore.kernel.org/lkml/20191111201639.2240623-1-arnd@arndb.de/
[2] https://git.kernel.org/pub/scm/linux/kernel/git/arnd/playground.git/log/?h=…
Arnd Bergmann (12):
nfsd: use ktime_get_seconds() for timestamps
nfsd: print 64-bit timestamps in client_info_show
nfsd: handle nfs3 timestamps as unsigned
nfsd: use timespec64 in encode_time_delta
nfsd: make 'boot_time' 64-bit wide
nfsd: pass a 64-bit guardtime to nfsd_setattr()
nfsd: use time64_t in nfsd_proc_setattr() check
nfsd: fix delay timer on 32-bit architectures
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: use boottime for lease expiry alculation
nfsd: use ktime_get_real_seconds() in nfs4_verifier
nfsd: remove nfs4_reset_lease() declarations
fs/nfsd/netns.h | 6 ++--
fs/nfsd/nfs3xdr.c | 20 +++++--------
fs/nfsd/nfs4callback.c | 7 ++++-
fs/nfsd/nfs4layouts.c | 2 +-
fs/nfsd/nfs4proc.c | 2 +-
fs/nfsd/nfs4recover.c | 8 ++---
fs/nfsd/nfs4state.c | 68 ++++++++++++++++++++----------------------
fs/nfsd/nfs4xdr.c | 4 +--
fs/nfsd/nfsctl.c | 6 ++--
fs/nfsd/nfsd.h | 2 --
fs/nfsd/nfsfh.h | 4 +--
fs/nfsd/nfsproc.c | 6 ++--
fs/nfsd/state.h | 10 +++----
fs/nfsd/vfs.c | 4 +--
fs/nfsd/vfs.h | 2 +-
fs/nfsd/xdr3.h | 2 +-
16 files changed, 74 insertions(+), 79 deletions(-)
--
2.20.0
I'm in the process of finishing up the last bits on y2038-unsafe
code in the kernel, this series is for v4l2, which has no problem
with overflow, but has multiple ioctls that break with user space
built against a new 32-bit libc.
I posted similar patches as part of a series back in 2015, the
new version was rewritten from scratch and I double-checked with
the old version to make sure I did not miss anything I had already
taken care of before.
Hans Verkuil worked on a different patch set in 2017, but this
also did not get to the point of being merged.
My new version contains compat-ioctl support, which the old one
did not and should be complete, but given its size likely contains
bugs. I did randconfig build tests, but no runtime test, so
careful review as well as testing would be much appreciated.
With this version, the newly added code takes care of the existing
ABI, while the existing code got moved to the 64-bit time_t
interface and is used internally. This means that testing with
existing binaries should exercise most of the modifications
and if that works and doesn't get shot down in review, we can
probably live without testing the new ABI explicitly.
I'm not entirely happy with the compat-ioctl implementation that
adds quite a bit of code duplication, but I hope this is
acceptable anyway, as a better implementation would likely
require a larger refactoring of the compat-ioctl file, while
my approach simply adds support for the additional data structure
variants.
I uploaded git branch on top of the v4l2/dvb branch to [2].
Arnd
Changes since v4:
- Move non-public contents out of uapi header
- split out __kernel_v4l2_timeval into separate struct
- use compound initializers for v4l2_event_time32 and
v4l2_buffer_time32 conversion
- add comment for v4l2_buffer_get_timestamp()
Changes since v3:
- This is a minor update compared to version 3 of this series,
with bugfixes for small mistakes that I found or that were
reported by automated build bots.
[1] https://lwn.net/Articles/657754/
[2] https://git.kernel.org/pub/scm/linux/kernel/git/arnd/playground.git/log/?h=…
Arnd Bergmann (8):
media: documentation: fix video_event description
media: v4l2: abstract timeval handling in v4l2_buffer
media: v4l2-core: compat: ignore native command codes
media: v4l2-core: split out data copy from video_usercopy
media: v4l2-core: fix VIDIOC_DQEVENT for time64 ABI
media: v4l2-core: fix v4l2_buffer handling for time64 ABI
media: v4l2-core: fix compat VIDIOC_DQEVENT for time64 ABI
media: v4l2-core: fix compat v4l2_buffer handling for time64 ABI
.../media/uapi/dvb/video-get-event.rst | 2 +-
Documentation/media/uapi/dvb/video_types.rst | 2 +-
.../media/common/videobuf2/videobuf2-v4l2.c | 4 +-
drivers/media/pci/meye/meye.c | 4 +-
drivers/media/usb/cpia2/cpia2_v4l.c | 4 +-
drivers/media/usb/stkwebcam/stk-webcam.c | 2 +-
drivers/media/usb/usbvision/usbvision-video.c | 4 +-
drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 470 +++++++++++++++---
drivers/media/v4l2-core/v4l2-event.c | 5 +-
drivers/media/v4l2-core/v4l2-ioctl.c | 209 ++++++--
drivers/media/v4l2-core/v4l2-subdev.c | 26 +-
drivers/media/v4l2-core/videobuf-core.c | 5 +-
include/media/v4l2-common.h | 21 +
include/media/v4l2-ioctl.h | 55 ++
include/trace/events/v4l2.h | 2 +-
include/uapi/linux/videodev2.h | 29 ++
16 files changed, 709 insertions(+), 135 deletions(-)
--
2.20.0
