Subject: [PATCH 0/6] Make ipc y2038 safe
The series aims to transition internal workings of ipc subsystem to use y2038-safe types and apis.
The series is based on Al Viro's #work.ipc branch.
Deepa Dinamani (6): ipc: Make sys_semtimedop() y2038 safe ipc: mqueue: Replace timespec with timespec64 ipc: msg: Make msg_queue timestamps y2038 safe ipc: sem: Make sem_array timestamps y2038 safe ipc: shm: Make shmid_kernel timestamps y2038 safe utimes: Make utimes y2038 safe
fs/utimes.c | 23 ++++++++++++----------- include/linux/audit.h | 6 +++--- include/linux/msg.h | 7 ++++--- include/linux/sem.h | 3 ++- include/linux/shm.h | 6 +++--- include/linux/time.h | 2 +- init/initramfs.c | 2 +- ipc/mqueue.c | 28 ++++++++++++++-------------- ipc/msg.c | 12 ++++++------ ipc/sem.c | 34 +++++++++++++++++----------------- ipc/shm.c | 16 ++++++++-------- kernel/audit.h | 2 +- kernel/auditsc.c | 12 ++++++------ 13 files changed, 78 insertions(+), 75 deletions(-)
struct timespec is not y2038 safe on 32 bit machines. Replace timespec with y2038 safe struct timespec64.
Note that the patch only changes the internals without modifying the syscall interface. This will be part of a separate series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com --- ipc/sem.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/ipc/sem.c b/ipc/sem.c index 8b3b40c54a58..b41cd00d104c 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -1861,7 +1861,7 @@ static struct sem_undo *find_alloc_undo(struct ipc_namespace *ns, int semid) }
static long do_semtimedop(int semid, struct sembuf __user *tsops, - unsigned nsops, const struct timespec *timeout) + unsigned nsops, const struct timespec64 *timeout) { int error = -EINVAL; struct sem_array *sma; @@ -1897,7 +1897,7 @@ static long do_semtimedop(int semid, struct sembuf __user *tsops, error = -EINVAL; goto out_free; } - jiffies_left = timespec_to_jiffies(timeout); + jiffies_left = timespec64_to_jiffies(timeout); }
max = 0; @@ -2116,8 +2116,8 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops, unsigned, nsops, const struct timespec __user *, timeout) { if (timeout) { - struct timespec ts; - if (copy_from_user(&ts, timeout, sizeof(*timeout))) + struct timespec64 ts; + if (get_timespec64(&ts, timeout)) return -EFAULT; return do_semtimedop(semid, tsops, nsops, &ts); } @@ -2130,8 +2130,8 @@ COMPAT_SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsems, const struct compat_timespec __user *, timeout) { if (timeout) { - struct timespec ts; - if (compat_get_timespec(&ts, timeout)) + struct timespec64 ts; + if (compat_get_timespec64(&ts, timeout)) return -EFAULT; return do_semtimedop(semid, tsems, nsops, &ts); }
struct timespec is not y2038 safe. Replace all uses of timespec by y2038 safe struct timespec64.
Even though timespec is used here to represent timeouts, replace these with timespec64 so that it facilitates in verification by creating a y2038 safe kernel image that is free of timespec.
The syscall interfaces themselves are not changed as part of the patch. They will be part of a different series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com Cc: Paul Moore paul@paul-moore.com Cc: Richard Guy Briggs rgb@redhat.com --- include/linux/audit.h | 6 +++--- ipc/mqueue.c | 28 ++++++++++++++-------------- kernel/audit.h | 2 +- kernel/auditsc.c | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/include/linux/audit.h b/include/linux/audit.h index 2150bdccfbab..74d4d4e8e3db 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -351,7 +351,7 @@ extern int __audit_socketcall(int nargs, unsigned long *args); extern int __audit_sockaddr(int len, void *addr); extern void __audit_fd_pair(int fd1, int fd2); extern void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr); -extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout); +extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout); extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification); extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat); extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm, @@ -412,7 +412,7 @@ static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) if (unlikely(!audit_dummy_context())) __audit_mq_open(oflag, mode, attr); } -static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout) +static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec64 *abs_timeout) { if (unlikely(!audit_dummy_context())) __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout); @@ -549,7 +549,7 @@ static inline void audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) { } static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, - const struct timespec *abs_timeout) + const struct timespec64 *abs_timeout) { } static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification) diff --git a/ipc/mqueue.c b/ipc/mqueue.c index c9ff943f19ab..5be1346a9167 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -668,11 +668,11 @@ static void __do_notify(struct mqueue_inode_info *info) }
static int prepare_timeout(const struct timespec __user *u_abs_timeout, - struct timespec *ts) + struct timespec64 *ts) { - if (copy_from_user(ts, u_abs_timeout, sizeof(struct timespec))) + if (get_timespec64(ts, u_abs_timeout)) return -EFAULT; - if (!timespec_valid(ts)) + if (!timespec64_valid(ts)) return -EINVAL; return 0; } @@ -962,7 +962,7 @@ static inline void pipelined_receive(struct wake_q_head *wake_q,
static int do_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr, size_t msg_len, unsigned int msg_prio, - struct timespec *ts) + struct timespec64 *ts) { struct fd f; struct inode *inode; @@ -979,7 +979,7 @@ static int do_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr, return -EINVAL;
if (ts) { - expires = timespec_to_ktime(*ts); + expires = timespec64_to_ktime(*ts); timeout = &expires; }
@@ -1080,7 +1080,7 @@ static int do_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
static int do_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr, size_t msg_len, unsigned int __user *u_msg_prio, - struct timespec *ts) + struct timespec64 *ts) { ssize_t ret; struct msg_msg *msg_ptr; @@ -1092,7 +1092,7 @@ static int do_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr, struct posix_msg_tree_node *new_leaf = NULL;
if (ts) { - expires = timespec_to_ktime(*ts); + expires = timespec64_to_ktime(*ts); timeout = &expires; }
@@ -1184,7 +1184,7 @@ SYSCALL_DEFINE5(mq_timedsend, mqd_t, mqdes, const char __user *, u_msg_ptr, size_t, msg_len, unsigned int, msg_prio, const struct timespec __user *, u_abs_timeout) { - struct timespec ts, *p = NULL; + struct timespec64 ts, *p = NULL; if (u_abs_timeout) { int res = prepare_timeout(u_abs_timeout, &ts); if (res) @@ -1198,7 +1198,7 @@ SYSCALL_DEFINE5(mq_timedreceive, mqd_t, mqdes, char __user *, u_msg_ptr, size_t, msg_len, unsigned int __user *, u_msg_prio, const struct timespec __user *, u_abs_timeout) { - struct timespec ts, *p = NULL; + struct timespec64 ts, *p = NULL; if (u_abs_timeout) { int res = prepare_timeout(u_abs_timeout, &ts); if (res) @@ -1473,11 +1473,11 @@ COMPAT_SYSCALL_DEFINE4(mq_open, const char __user *, u_name, }
static int compat_prepare_timeout(const struct compat_timespec __user *p, - struct timespec *ts) + struct timespec64 *ts) { - if (compat_get_timespec(ts, p)) + if (compat_get_timespec64(ts, p)) return -EFAULT; - if (!timespec_valid(ts)) + if (!timespec64_valid(ts)) return -EINVAL; return 0; } @@ -1487,7 +1487,7 @@ COMPAT_SYSCALL_DEFINE5(mq_timedsend, mqd_t, mqdes, compat_size_t, msg_len, unsigned int, msg_prio, const struct compat_timespec __user *, u_abs_timeout) { - struct timespec ts, *p = NULL; + struct timespec64 ts, *p = NULL; if (u_abs_timeout) { int res = compat_prepare_timeout(u_abs_timeout, &ts); if (res) @@ -1502,7 +1502,7 @@ COMPAT_SYSCALL_DEFINE5(mq_timedreceive, mqd_t, mqdes, compat_size_t, msg_len, unsigned int __user *, u_msg_prio, const struct compat_timespec __user *, u_abs_timeout) { - struct timespec ts, *p = NULL; + struct timespec64 ts, *p = NULL; if (u_abs_timeout) { int res = compat_prepare_timeout(u_abs_timeout, &ts); if (res) diff --git a/kernel/audit.h b/kernel/audit.h index b331d9b83f63..9b110ae17ee3 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -182,7 +182,7 @@ struct audit_context { mqd_t mqdes; size_t msg_len; unsigned int msg_prio; - struct timespec abs_timeout; + struct timespec64 abs_timeout; } mq_sendrecv; struct { int oflag; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 3260ba2312a9..d0870f8e3656 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -1235,11 +1235,11 @@ static void show_special(struct audit_context *context, int *call_panic) case AUDIT_MQ_SENDRECV: audit_log_format(ab, "mqdes=%d msg_len=%zd msg_prio=%u " - "abs_timeout_sec=%ld abs_timeout_nsec=%ld", + "abs_timeout_sec=%lld abs_timeout_nsec=%ld", context->mq_sendrecv.mqdes, context->mq_sendrecv.msg_len, context->mq_sendrecv.msg_prio, - context->mq_sendrecv.abs_timeout.tv_sec, + (long long) context->mq_sendrecv.abs_timeout.tv_sec, context->mq_sendrecv.abs_timeout.tv_nsec); break; case AUDIT_MQ_NOTIFY: @@ -2083,15 +2083,15 @@ void __audit_mq_open(int oflag, umode_t mode, struct mq_attr *attr) * */ void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, - const struct timespec *abs_timeout) + const struct timespec64 *abs_timeout) { struct audit_context *context = current->audit_context; - struct timespec *p = &context->mq_sendrecv.abs_timeout; + struct timespec64 *p = &context->mq_sendrecv.abs_timeout;
if (abs_timeout) - memcpy(p, abs_timeout, sizeof(struct timespec)); + memcpy(p, abs_timeout, sizeof(struct timespec64)); else - memset(p, 0, sizeof(struct timespec)); + memset(p, 0, sizeof(struct timespec64));
context->mq_sendrecv.mqdes = mqdes; context->mq_sendrecv.msg_len = msg_len;
time_t is not y2038 safe. Replace all uses of time_t by y2038 safe time64_t.
Similarly, replace the calls to get_seconds() with y2038 safe ktime_get_real_seconds(). Note that this preserves fast access on 64 bit systems, but 32 bit systems need sequence counters.
The syscall interfaces themselves are not changed as part of the patch. They will be part of a different series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com --- include/linux/msg.h | 7 ++++--- ipc/msg.c | 12 ++++++------ 2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/include/linux/msg.h b/include/linux/msg.h index 4e5ec3cbf464..05115342daa3 100644 --- a/include/linux/msg.h +++ b/include/linux/msg.h @@ -2,6 +2,7 @@ #define _LINUX_MSG_H
#include <linux/list.h> +#include <linux/time64.h> #include <uapi/linux/msg.h>
/* one msg_msg structure for each message */ @@ -17,9 +18,9 @@ struct msg_msg { /* one msq_queue structure for each present queue on the system */ struct msg_queue { struct kern_ipc_perm q_perm; - time_t q_stime; /* last msgsnd time */ - time_t q_rtime; /* last msgrcv time */ - time_t q_ctime; /* last change time */ + time64_t q_stime; /* last msgsnd time */ + time64_t q_rtime; /* last msgrcv time */ + time64_t q_ctime; /* last change time */ unsigned long q_cbytes; /* current number of bytes on queue */ unsigned long q_qnum; /* number of messages in queue */ unsigned long q_qbytes; /* max number of bytes on queue */ diff --git a/ipc/msg.c b/ipc/msg.c index 14369ad6c5ca..e967f0e3fe69 100644 --- a/ipc/msg.c +++ b/ipc/msg.c @@ -133,7 +133,7 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params) }
msq->q_stime = msq->q_rtime = 0; - msq->q_ctime = get_seconds(); + msq->q_ctime = ktime_get_real_seconds(); msq->q_cbytes = msq->q_qnum = 0; msq->q_qbytes = ns->msg_ctlmnb; msq->q_lspid = msq->q_lrpid = 0; @@ -406,7 +406,7 @@ static int msgctl_down(struct ipc_namespace *ns, int msqid, int cmd,
msq->q_qbytes = msqid64->msg_qbytes;
- msq->q_ctime = get_seconds(); + msq->q_ctime = ktime_get_real_seconds(); /* * Sleeping receivers might be excluded by * stricter permissions. @@ -1181,7 +1181,7 @@ static int sysvipc_msg_proc_show(struct seq_file *s, void *it) struct msg_queue *msq = it;
seq_printf(s, - "%10d %10d %4o %10lu %10lu %5u %5u %5u %5u %5u %5u %10lu %10lu %10lu\n", + "%10d %10d %4o %10lu %10lu %5u %5u %5u %5u %5u %5u %10llu %10llu %10llu\n", msq->q_perm.key, msq->q_perm.id, msq->q_perm.mode, @@ -1193,9 +1193,9 @@ static int sysvipc_msg_proc_show(struct seq_file *s, void *it) from_kgid_munged(user_ns, msq->q_perm.gid), from_kuid_munged(user_ns, msq->q_perm.cuid), from_kgid_munged(user_ns, msq->q_perm.cgid), - msq->q_stime, - msq->q_rtime, - msq->q_ctime); + (unsigned long long) msq->q_stime, + (unsigned long long) msq->q_rtime, + (unsigned long long) msq->q_ctime);
return 0; }
time_t is not y2038 safe. Replace all uses of time_t by y2038 safe time64_t.
Similarly, replace the calls to get_seconds() with y2038 safe ktime_get_real_seconds(). Note that this preserves fast access on 64 bit systems, but 32 bit systems need sequence counters.
The syscall interface themselves are not changed as part of the patch. They will be part of a different series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com --- include/linux/sem.h | 3 ++- ipc/sem.c | 22 +++++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/include/linux/sem.h b/include/linux/sem.h index 9edec926e9d9..8012ce99f72f 100644 --- a/include/linux/sem.h +++ b/include/linux/sem.h @@ -4,6 +4,7 @@ #include <linux/atomic.h> #include <linux/rcupdate.h> #include <linux/cache.h> +#include <linux/time64.h> #include <uapi/linux/sem.h>
struct task_struct; @@ -11,7 +12,7 @@ struct task_struct; /* One sem_array data structure for each set of semaphores in the system. */ struct sem_array { struct kern_ipc_perm sem_perm; /* permissions .. see ipc.h */ - time_t sem_ctime; /* last change time */ + time64_t sem_ctime; /* last change time */ struct sem *sem_base; /* ptr to first semaphore in array */ struct list_head pending_alter; /* pending operations */ /* that alter the array */ diff --git a/ipc/sem.c b/ipc/sem.c index b41cd00d104c..b1ca22844b98 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -518,7 +518,7 @@ static int newary(struct ipc_namespace *ns, struct ipc_params *params) INIT_LIST_HEAD(&sma->pending_const); INIT_LIST_HEAD(&sma->list_id); sma->sem_nsems = nsems; - sma->sem_ctime = get_seconds(); + sma->sem_ctime = ktime_get_real_seconds();
id = ipc_addid(&sem_ids(ns), &sma->sem_perm, ns->sc_semmni); if (id < 0) { @@ -1169,14 +1169,14 @@ static unsigned long copy_semid_to_user(void __user *buf, struct semid64_ds *in, } }
-static time_t get_semotime(struct sem_array *sma) +static time64_t get_semotime(struct sem_array *sma) { int i; - time_t res; + time64_t res;
res = sma->sem_base[0].sem_otime; for (i = 1; i < sma->sem_nsems; i++) { - time_t to = sma->sem_base[i].sem_otime; + time64_t to = sma->sem_base[i].sem_otime;
if (to > res) res = to; @@ -1316,7 +1316,7 @@ static int semctl_setval(struct ipc_namespace *ns, int semid, int semnum,
curr->semval = val; curr->sempid = task_tgid_vnr(current); - sma->sem_ctime = get_seconds(); + sma->sem_ctime = ktime_get_real_seconds(); /* maybe some queued-up processes were waiting for this */ do_smart_update(sma, NULL, 0, 0, &wake_q); sem_unlock(sma, -1); @@ -1442,7 +1442,7 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum, for (i = 0; i < nsems; i++) un->semadj[i] = 0; } - sma->sem_ctime = get_seconds(); + sma->sem_ctime = ktime_get_real_seconds(); /* maybe some queued-up processes were waiting for this */ do_smart_update(sma, NULL, 0, 0, &wake_q); err = 0; @@ -1552,7 +1552,7 @@ static int semctl_down(struct ipc_namespace *ns, int semid, err = ipc_update_perm(&semid64->sem_perm, ipcp); if (err) goto out_unlock0; - sma->sem_ctime = get_seconds(); + sma->sem_ctime = ktime_get_real_seconds(); break; default: err = -EINVAL; @@ -2297,7 +2297,7 @@ static int sysvipc_sem_proc_show(struct seq_file *s, void *it) { struct user_namespace *user_ns = seq_user_ns(s); struct sem_array *sma = it; - time_t sem_otime; + time64_t sem_otime;
/* * The proc interface isn't aware of sem_lock(), it calls @@ -2310,7 +2310,7 @@ static int sysvipc_sem_proc_show(struct seq_file *s, void *it) sem_otime = get_semotime(sma);
seq_printf(s, - "%10d %10d %4o %10u %5u %5u %5u %5u %10lu %10lu\n", + "%10d %10d %4o %10u %5u %5u %5u %5u %10llu %10llu\n", sma->sem_perm.key, sma->sem_perm.id, sma->sem_perm.mode, @@ -2319,8 +2319,8 @@ static int sysvipc_sem_proc_show(struct seq_file *s, void *it) from_kgid_munged(user_ns, sma->sem_perm.gid), from_kuid_munged(user_ns, sma->sem_perm.cuid), from_kgid_munged(user_ns, sma->sem_perm.cgid), - sem_otime, - sma->sem_ctime); + (unsigned long long) sem_otime, + (unsigned long long) sma->sem_ctime);
complexmode_tryleave(sma);
time_t is not y2038 safe. Replace all uses of time_t by y2038 safe time64_t.
Similarly, replace the calls to get_seconds() with y2038 safe ktime_get_real_seconds(). Note that this preserves fast access on 64 bit systems, but 32 bit systems need sequence counters.
The syscall interfaces themselves are not changed as part of the patch. They will be part of a different series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com --- include/linux/shm.h | 6 +++--- ipc/shm.c | 16 ++++++++-------- 2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/include/linux/shm.h b/include/linux/shm.h index 04e881829625..7bb897b25309 100644 --- a/include/linux/shm.h +++ b/include/linux/shm.h @@ -12,9 +12,9 @@ struct shmid_kernel /* private to the kernel */ struct file *shm_file; unsigned long shm_nattch; unsigned long shm_segsz; - time_t shm_atim; - time_t shm_dtim; - time_t shm_ctim; + time64_t shm_atim; + time64_t shm_dtim; + time64_t shm_ctim; pid_t shm_cprid; pid_t shm_lprid; struct user_struct *mlock_user; diff --git a/ipc/shm.c b/ipc/shm.c index c547388487c1..f4ed20199eb4 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -199,7 +199,7 @@ static int __shm_open(struct vm_area_struct *vma) if (IS_ERR(shp)) return PTR_ERR(shp);
- shp->shm_atim = get_seconds(); + shp->shm_atim = ktime_get_real_seconds(); shp->shm_lprid = task_tgid_vnr(current); shp->shm_nattch++; shm_unlock(shp); @@ -286,7 +286,7 @@ static void shm_close(struct vm_area_struct *vma) goto done; /* no-op */
shp->shm_lprid = task_tgid_vnr(current); - shp->shm_dtim = get_seconds(); + shp->shm_dtim = ktime_get_real_seconds(); shp->shm_nattch--; if (shm_may_destroy(ns, shp)) shm_destroy(ns, shp); @@ -592,7 +592,7 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) shp->shm_cprid = task_tgid_vnr(current); shp->shm_lprid = 0; shp->shm_atim = shp->shm_dtim = 0; - shp->shm_ctim = get_seconds(); + shp->shm_ctim = ktime_get_real_seconds(); shp->shm_segsz = size; shp->shm_nattch = 0; shp->shm_file = file; @@ -848,7 +848,7 @@ static int shmctl_down(struct ipc_namespace *ns, int shmid, int cmd, err = ipc_update_perm(&shmid64->shm_perm, ipcp); if (err) goto out_unlock0; - shp->shm_ctim = get_seconds(); + shp->shm_ctim = ktime_get_real_seconds(); break; default: err = -EINVAL; @@ -1588,7 +1588,7 @@ static int sysvipc_shm_proc_show(struct seq_file *s, void *it)
seq_printf(s, "%10d %10d %4o " SIZE_SPEC " %5u %5u " - "%5lu %5u %5u %5u %5u %10lu %10lu %10lu " + "%5lu %5u %5u %5u %5u %10llu %10llu %10llu " SIZE_SPEC " " SIZE_SPEC "\n", shp->shm_perm.key, shp->shm_perm.id, @@ -1601,9 +1601,9 @@ static int sysvipc_shm_proc_show(struct seq_file *s, void *it) from_kgid_munged(user_ns, shp->shm_perm.gid), from_kuid_munged(user_ns, shp->shm_perm.cuid), from_kgid_munged(user_ns, shp->shm_perm.cgid), - shp->shm_atim, - shp->shm_dtim, - shp->shm_ctim, + (unsigned long long) shp->shm_atim, + (unsigned long long) shp->shm_dtim, + (unsigned long long) shp->shm_ctim, rss * PAGE_SIZE, swp * PAGE_SIZE);
struct timespec is not y2038 safe on 32 bit machines. Replace timespec with y2038 safe struct timespec64.
Note that the patch only changes the internals without modifying the syscall interfaces. This will be part of a separate series.
Signed-off-by: Deepa Dinamani deepa.kernel@gmail.com --- fs/utimes.c | 23 ++++++++++++----------- include/linux/time.h | 2 +- init/initramfs.c | 2 +- 3 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/fs/utimes.c b/fs/utimes.c index 6571d8c848a0..51edb9f9507c 100644 --- a/fs/utimes.c +++ b/fs/utimes.c @@ -22,7 +22,7 @@ */ SYSCALL_DEFINE2(utime, char __user *, filename, struct utimbuf __user *, times) { - struct timespec tv[2]; + struct timespec64 tv[2];
if (times) { if (get_user(tv[0].tv_sec, ×->actime) || @@ -44,7 +44,7 @@ static bool nsec_valid(long nsec) return nsec >= 0 && nsec <= 999999999; }
-static int utimes_common(const struct path *path, struct timespec *times) +static int utimes_common(const struct path *path, struct timespec64 *times) { int error; struct iattr newattrs; @@ -115,7 +115,7 @@ static int utimes_common(const struct path *path, struct timespec *times) * must be owner or have write permission. * Else, update from *times, must be owner or super user. */ -long do_utimes(int dfd, const char __user *filename, struct timespec *times, +long do_utimes(int dfd, const char __user *filename, struct timespec64 *times, int flags) { int error = -EINVAL; @@ -167,10 +167,11 @@ long do_utimes(int dfd, const char __user *filename, struct timespec *times, SYSCALL_DEFINE4(utimensat, int, dfd, const char __user *, filename, struct timespec __user *, utimes, int, flags) { - struct timespec tstimes[2]; + struct timespec64 tstimes[2];
if (utimes) { - if (copy_from_user(&tstimes, utimes, sizeof(tstimes))) + if ((get_timespec64(&tstimes[0], &utimes[0]) || + get_timespec64(&tstimes[1], &utimes[1]))) return -EFAULT;
/* Nothing to do, we must not even check the path. */ @@ -186,7 +187,7 @@ SYSCALL_DEFINE3(futimesat, int, dfd, const char __user *, filename, struct timeval __user *, utimes) { struct timeval times[2]; - struct timespec tstimes[2]; + struct timespec64 tstimes[2];
if (utimes) { if (copy_from_user(×, utimes, sizeof(times))) @@ -224,7 +225,7 @@ SYSCALL_DEFINE2(utimes, char __user *, filename, COMPAT_SYSCALL_DEFINE2(utime, const char __user *, filename, struct compat_utimbuf __user *, t) { - struct timespec tv[2]; + struct timespec64 tv[2];
if (t) { if (get_user(tv[0].tv_sec, &t->actime) || @@ -238,11 +239,11 @@ COMPAT_SYSCALL_DEFINE2(utime, const char __user *, filename,
COMPAT_SYSCALL_DEFINE4(utimensat, unsigned int, dfd, const char __user *, filename, struct compat_timespec __user *, t, int, flags) { - struct timespec tv[2]; + struct timespec64 tv[2];
if (t) { - if (compat_get_timespec(&tv[0], &t[0]) || - compat_get_timespec(&tv[1], &t[1])) + if (compat_get_timespec64(&tv[0], &t[0]) || + compat_get_timespec64(&tv[1], &t[1])) return -EFAULT;
if (tv[0].tv_nsec == UTIME_OMIT && tv[1].tv_nsec == UTIME_OMIT) @@ -253,7 +254,7 @@ COMPAT_SYSCALL_DEFINE4(utimensat, unsigned int, dfd, const char __user *, filena
COMPAT_SYSCALL_DEFINE3(futimesat, unsigned int, dfd, const char __user *, filename, struct compat_timeval __user *, t) { - struct timespec tv[2]; + struct timespec64 tv[2];
if (t) { if (get_user(tv[0].tv_sec, &t[0].tv_sec) || diff --git a/include/linux/time.h b/include/linux/time.h index 4abb32d4c6b8..3d0cd017f0d7 100644 --- a/include/linux/time.h +++ b/include/linux/time.h @@ -178,7 +178,7 @@ extern int do_setitimer(int which, struct itimerval *value, struct itimerval *ovalue); extern int do_getitimer(int which, struct itimerval *value);
-extern long do_utimes(int dfd, const char __user *filename, struct timespec *times, int flags); +extern long do_utimes(int dfd, const char __user *filename, struct timespec64 *times, int flags);
/* * Similar to the struct tm in userspace <time.h>, but it needs to be here so diff --git a/init/initramfs.c b/init/initramfs.c index 8a532050043f..e64bf7b4c1ca 100644 --- a/init/initramfs.c +++ b/init/initramfs.c @@ -110,7 +110,7 @@ static void __init free_hash(void)
static long __init do_utime(char *filename, time_t mtime) { - struct timespec t[2]; + struct timespec64 t[2];
t[0].tv_sec = mtime; t[0].tv_nsec = 0;