summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorBaolin Wang <baolin.wang@linaro.org>2016-04-08 14:02:11 +0800
committerJohn Stultz <john.stultz@linaro.org>2016-04-22 11:48:30 -0700
commit457db29bfcfd1d9cc717587c446a89d60499d4a9 (patch)
tree2416285b5a4c69e386e136df9e649825c5fab6fd /security
parent02fad5e9b433da3829d39f0afb3c51b4b6409ed5 (diff)
security: Introduce security_settime64()
security_settime() uses a timespec, which is not year 2038 safe on 32bit systems. Thus this patch introduces the security_settime64() function with timespec64 type. We also convert the cap_settime() helper function to use the 64bit types. This patch then moves security_settime() to the header file as an inline helper function so that existing users can be iteratively converted. None of the existing hooks is using the timespec argument and therefor the patch is not making any functional changes. Cc: Serge Hallyn <serge.hallyn@canonical.com>, Cc: James Morris <james.l.morris@oracle.com>, Cc: "Serge E. Hallyn" <serge@hallyn.com>, Cc: Paul Moore <pmoore@redhat.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Kees Cook <keescook@chromium.org> Cc: Prarit Bhargava <prarit@redhat.com> Cc: Richard Cochran <richardcochran@gmail.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@kernel.org> Reviewed-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Baolin Wang <baolin.wang@linaro.org> [jstultz: Reworded commit message] Signed-off-by: John Stultz <john.stultz@linaro.org>
Diffstat (limited to 'security')
-rw-r--r--security/commoncap.c2
-rw-r--r--security/security.c2
2 files changed, 2 insertions, 2 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 48071ed7c445..2074bf6a2fe3 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -111,7 +111,7 @@ int cap_capable(const struct cred *cred, struct user_namespace *targ_ns,
* Determine whether the current process may set the system clock and timezone
* information, returning 0 if permission granted, -ve if denied.
*/
-int cap_settime(const struct timespec *ts, const struct timezone *tz)
+int cap_settime(const struct timespec64 *ts, const struct timezone *tz)
{
if (!capable(CAP_SYS_TIME))
return -EPERM;
diff --git a/security/security.c b/security/security.c
index 3644b0344d29..8c44a64f191d 100644
--- a/security/security.c
+++ b/security/security.c
@@ -208,7 +208,7 @@ int security_syslog(int type)
return call_int_hook(syslog, 0, type);
}
-int security_settime(const struct timespec *ts, const struct timezone *tz)
+int security_settime64(const struct timespec64 *ts, const struct timezone *tz)
{
return call_int_hook(settime, 0, ts, tz);
}