From: Steve Grubb <sgrubb@redhat.com>
To: linux-audit@redhat.com
Cc: Deepa Dinamani <deepa.kernel@gmail.com>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
Arnd Bergmann <arnd@arndb.de>,
y2038@lists.linaro.org, Al Viro <viro@zeniv.linux.org.uk>,
Thomas Gleixner <tglx@linutronix.de>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH 17/21] audit: Use timespec64 to represent audit timestamps
Date: Thu, 09 Jun 2016 10:31:33 -0400 [thread overview]
Message-ID: <15760445.1IAucOxmWy@x2> (raw)
In-Reply-To: <1465448705-25055-18-git-send-email-deepa.kernel@gmail.com>
On Wednesday, June 08, 2016 10:05:01 PM Deepa Dinamani wrote:
> struct timespec is not y2038 safe.
> Audit timestamps are recorded in string format into
> an audit buffer for a given context.
> These mark the entry timestamps for the syscalls.
> Use y2038 safe struct timespec64 to represent the times.
> The log strings can handle this transition as strings can
> hold upto 1024 characters.
Have you tested this with ausearch or any audit utilities? As an aside, a time
stamp that is up to 1024 characters long is terribly wasteful considering how
many events we get.
-Steve
> Signed-off-by: Deepa Dinamani <deepa.kernel@gmail.com>
> Cc: Paul Moore <paul@paul-moore.com>
> Cc: Eric Paris <eparis@redhat.com>
> Cc: linux-audit@redhat.com
> ---
> include/linux/audit.h | 4 ++--
> kernel/audit.c | 10 +++++-----
> kernel/audit.h | 2 +-
> kernel/auditsc.c | 6 +++---
> 4 files changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/include/linux/audit.h b/include/linux/audit.h
> index 961a417..2f6a1123 100644
> --- a/include/linux/audit.h
> +++ b/include/linux/audit.h
> @@ -335,7 +335,7 @@ static inline void audit_ptrace(struct task_struct *t)
> /* Private API (for audit.c only) */
> extern unsigned int audit_serial(void);
> extern int auditsc_get_stamp(struct audit_context *ctx,
> - struct timespec *t, unsigned int *serial);
> + struct timespec64 *t, unsigned int *serial);
> extern int audit_set_loginuid(kuid_t loginuid);
>
> static inline kuid_t audit_get_loginuid(struct task_struct *tsk)
> @@ -510,7 +510,7 @@ static inline void __audit_seccomp(unsigned long
> syscall, long signr, int code) static inline void audit_seccomp(unsigned
> long syscall, long signr, int code) { }
> static inline int auditsc_get_stamp(struct audit_context *ctx,
> - struct timespec *t, unsigned int *serial)
> + struct timespec64 *t, unsigned int *serial)
> {
> return 0;
> }
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 22bb4f2..6c2f405 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -1325,10 +1325,10 @@ unsigned int audit_serial(void)
> }
>
> static inline void audit_get_stamp(struct audit_context *ctx,
> - struct timespec *t, unsigned int *serial)
> + struct timespec64 *t, unsigned int *serial)
> {
> if (!ctx || !auditsc_get_stamp(ctx, t, serial)) {
> - *t = CURRENT_TIME;
> + ktime_get_real_ts64(t);
> *serial = audit_serial();
> }
> }
> @@ -1370,7 +1370,7 @@ struct audit_buffer *audit_log_start(struct
> audit_context *ctx, gfp_t gfp_mask, int type)
> {
> struct audit_buffer *ab = NULL;
> - struct timespec t;
> + struct timespec64 t;
> unsigned int uninitialized_var(serial);
> int reserve = 5; /* Allow atomic callers to go up to five
> entries over the normal backlog limit */
> @@ -1422,8 +1422,8 @@ struct audit_buffer *audit_log_start(struct
> audit_context *ctx, gfp_t gfp_mask,
>
> audit_get_stamp(ab->ctx, &t, &serial);
>
> - audit_log_format(ab, "audit(%lu.%03lu:%u): ",
> - t.tv_sec, t.tv_nsec/1000000, serial);
> + audit_log_format(ab, "audit(%llu.%03lu:%u): ",
> + (unsigned long long)t.tv_sec, t.tv_nsec/1000000, serial);
> return ab;
> }
>
> diff --git a/kernel/audit.h b/kernel/audit.h
> index cbbe6bb..029d674 100644
> --- a/kernel/audit.h
> +++ b/kernel/audit.h
> @@ -111,7 +111,7 @@ struct audit_context {
> enum audit_state state, current_state;
> unsigned int serial; /* serial number for record */
> int major; /* syscall number */
> - struct timespec ctime; /* time of syscall entry */
> + struct timespec64 ctime; /* time of syscall entry */
> unsigned long argv[4]; /* syscall arguments */
> long return_code;/* syscall return code */
> u64 prio;
> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> index 62ab53d..ecebb3c 100644
> --- a/kernel/auditsc.c
> +++ b/kernel/auditsc.c
> @@ -1523,7 +1523,7 @@ void __audit_syscall_entry(int major, unsigned long
> a1, unsigned long a2, return;
>
> context->serial = 0;
> - context->ctime = CURRENT_TIME;
> + ktime_get_real_ts64(&context->ctime);
> context->in_syscall = 1;
> context->current_state = state;
> context->ppid = 0;
> @@ -1932,13 +1932,13 @@ EXPORT_SYMBOL_GPL(__audit_inode_child);
> /**
> * auditsc_get_stamp - get local copies of audit_context values
> * @ctx: audit_context for the task
> - * @t: timespec to store time recorded in the audit_context
> + * @t: timespec64 to store time recorded in the audit_context
> * @serial: serial value that is recorded in the audit_context
> *
> * Also sets the context as auditable.
> */
> int auditsc_get_stamp(struct audit_context *ctx,
> - struct timespec *t, unsigned int *serial)
> + struct timespec64 *t, unsigned int *serial)
> {
> if (!ctx->in_syscall)
> return 0;
next prev parent reply other threads:[~2016-06-09 14:31 UTC|newest]
Thread overview: 140+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-09 5:04 [PATCH 00/21] Delete CURRENT_TIME and CURRENT_TIME_SEC macros Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Ocfs2-devel] " Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Cluster-devel] " Deepa Dinamani
2016-06-09 5:04 ` [PATCH 01/21] fs: Replace CURRENT_TIME_SEC with current_fs_time() Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 7:35 ` Jan Kara
2016-06-09 7:35 ` Jan Kara
2016-06-09 7:35 ` Jan Kara
2016-06-09 19:15 ` Linus Torvalds
2016-06-09 19:15 ` Linus Torvalds
2016-06-09 19:15 ` Linus Torvalds
2016-06-09 20:41 ` Deepa Dinamani
2016-06-09 20:41 ` Deepa Dinamani
2016-06-09 20:41 ` Deepa Dinamani
2016-06-09 12:31 ` Bob Copeland
2016-06-09 12:31 ` Bob Copeland
2016-06-10 22:21 ` Arnd Bergmann
2016-06-10 22:21 ` Arnd Bergmann
2016-06-11 5:03 ` Deepa Dinamani
2016-06-11 5:03 ` Deepa Dinamani
2016-06-11 20:55 ` Arnd Bergmann
2016-06-11 20:55 ` Arnd Bergmann
2016-06-09 5:04 ` [PATCH 02/21] fs: ext4: Use current_fs_time() for inode timestamps Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 18:45 ` Linus Torvalds
2016-06-09 18:45 ` Linus Torvalds
2016-06-09 18:55 ` Linus Torvalds
2016-06-10 22:19 ` Arnd Bergmann
2016-06-10 22:19 ` [Y2038] " Arnd Bergmann
2016-06-14 17:55 ` Deepa Dinamani
2016-06-14 20:59 ` Arnd Bergmann
2016-06-14 20:59 ` [Y2038] " Arnd Bergmann
2016-06-09 5:04 ` [PATCH 03/21] fs: ubifs: " Deepa Dinamani
2016-06-09 5:04 ` [PATCH 04/21] fs: Replace CURRENT_TIME with " Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Ocfs2-devel] " Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Cluster-devel] " Deepa Dinamani
2016-06-09 7:55 ` David Sterba
2016-06-09 7:55 ` David Sterba
2016-06-09 7:55 ` David Sterba
2016-06-09 7:55 ` [Ocfs2-devel] " David Sterba
2016-06-09 7:55 ` David Sterba
2016-06-09 7:55 ` [Cluster-devel] " David Sterba
2016-06-09 10:28 ` Steven Whitehouse
2016-06-09 10:28 ` Steven Whitehouse
2016-06-09 10:28 ` Steven Whitehouse
2016-06-09 10:28 ` [Ocfs2-devel] " Steven Whitehouse
2016-06-09 10:28 ` [Cluster-devel] " Steven Whitehouse
2016-06-09 19:08 ` Linus Torvalds
2016-06-09 19:08 ` Linus Torvalds
2016-06-09 19:08 ` Linus Torvalds
2016-06-09 19:08 ` [Ocfs2-devel] " Linus Torvalds
2016-06-09 19:08 ` Linus Torvalds
2016-06-09 19:08 ` [Cluster-devel] " Linus Torvalds
2016-06-09 20:38 ` Deepa Dinamani
2016-06-09 20:38 ` Deepa Dinamani
2016-06-09 20:38 ` Deepa Dinamani
2016-06-09 20:38 ` [Ocfs2-devel] " Deepa Dinamani
2016-06-09 20:38 ` Deepa Dinamani
2016-06-09 20:38 ` [Cluster-devel] " Deepa Dinamani
2016-06-09 21:02 ` Linus Torvalds
2016-06-09 21:02 ` Linus Torvalds
2016-06-09 21:02 ` Linus Torvalds
2016-06-09 21:02 ` [Ocfs2-devel] " Linus Torvalds
2016-06-09 21:02 ` Linus Torvalds
2016-06-09 21:02 ` [Cluster-devel] " Linus Torvalds
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` [Ocfs2-devel] " Arnd Bergmann
2016-06-10 22:23 ` Arnd Bergmann
2016-06-10 22:23 ` [Cluster-devel] " Arnd Bergmann
2016-06-09 5:04 ` [PATCH 05/21] fs: jfs: Replace CURRENT_TIME_SEC by current_fs_time() Deepa Dinamani
2016-06-09 5:04 ` [PATCH 06/21] fs: udf: Replace CURRENT_TIME with current_fs_time() Deepa Dinamani
2016-06-09 7:41 ` Jan Kara
2016-06-10 0:53 ` Deepa Dinamani
2016-06-09 5:04 ` [PATCH 07/21] fs: cifs: Replace CURRENT_TIME by current_fs_time() Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [PATCH 08/21] fs: cifs: Replace CURRENT_TIME with ktime_get_real_ts() Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [PATCH 09/21] fs: cifs: Replace CURRENT_TIME by get_seconds Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [PATCH 10/21] fs: f2fs: Use ktime_get_real_seconds for sit_info times Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [lustre-devel] [PATCH 11/21] drivers: staging: lustre: Replace CURRENT_TIME with current_fs_time() Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-11 0:36 ` [lustre-devel] " James Simmons
2016-06-11 0:36 ` James Simmons
2016-06-11 1:53 ` Andreas Dilger
2016-06-11 1:53 ` Andreas Dilger
2016-06-09 5:04 ` [PATCH 12/21] block: rbd: Replace non inode " Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Ocfs2-devel] [PATCH 13/21] fs: ocfs2: Use time64_t to represent orphan scan times Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [Ocfs2-devel] [PATCH 14/21] fs: ocfs2: Replace CURRENT_TIME with ktime_get_real_seconds() Deepa Dinamani
2016-06-09 5:04 ` Deepa Dinamani
2016-06-09 5:04 ` [PATCH 15/21] time: Add time64_to_tm() Deepa Dinamani
2016-06-14 21:18 ` John Stultz
2016-06-15 17:44 ` Deepa Dinamani
2016-06-17 20:52 ` John Stultz
2016-06-17 20:59 ` Deepa Dinamani
2016-06-17 21:06 ` Arnd Bergmann
2016-06-09 5:05 ` [PATCH 16/21] fnic: Use time64_t to represent trace timestamps Deepa Dinamani
2016-06-09 5:05 ` [PATCH 17/21] audit: Use timespec64 to represent audit timestamps Deepa Dinamani
2016-06-09 14:31 ` Steve Grubb [this message]
2016-06-09 23:59 ` Richard Guy Briggs
2016-06-09 23:59 ` Richard Guy Briggs
2016-06-10 0:19 ` Steve Grubb
2016-06-10 0:19 ` Steve Grubb
2016-06-10 1:44 ` Richard Guy Briggs
2016-06-10 1:44 ` Richard Guy Briggs
2016-06-15 21:23 ` Paul Moore
2016-06-10 0:45 ` Deepa Dinamani
2016-06-10 0:45 ` Deepa Dinamani
2016-06-09 5:05 ` [PATCH 18/21] fs: nfs: Make nfs boot time y2038 safe Deepa Dinamani
2016-06-09 19:23 ` Trond Myklebust
2016-06-09 19:23 ` Trond Myklebust
2016-06-09 21:10 ` Deepa Dinamani
2016-06-10 13:12 ` Anna Schumaker
2016-06-10 14:02 ` Trond Myklebust
2016-06-10 14:02 ` Trond Myklebust
2016-06-09 5:05 ` [PATCH 19/21] libceph: Remove CURRENT_TIME references Deepa Dinamani
2016-06-09 5:05 ` [PATCH 20/21] libceph: Replace CURRENT_TIME with ktime_get_real_ts Deepa Dinamani
2016-06-09 5:05 ` Deepa Dinamani
2016-06-09 5:05 ` [PATCH 21/21] time: Delete CURRENT_TIME_SEC and CURRENT_TIME macro Deepa Dinamani
2016-06-14 21:20 ` John Stultz
[not found] ` <1465448705-25055-1-git-send-email-deepa.kernel-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2016-06-09 7:51 ` [PATCH 00/21] Delete CURRENT_TIME and CURRENT_TIME_SEC macros Felipe Balbi
2016-06-09 7:51 ` Felipe Balbi
2016-06-09 7:51 ` [Ocfs2-devel] " Felipe Balbi
2016-06-09 7:51 ` Felipe Balbi
2016-06-09 7:51 ` [Cluster-devel] " Felipe Balbi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=15760445.1IAucOxmWy@x2 \
--to=sgrubb@redhat.com \
--cc=arnd@arndb.de \
--cc=deepa.kernel@gmail.com \
--cc=linux-audit@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=y2038@lists.linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.