From: Cyril Hrubis <chrubis@suse.cz>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH V8] syscalls: clock_settime: Add test around y2038 vulnerability
Date: Wed, 5 Aug 2020 17:11:45 +0200 [thread overview]
Message-ID: <20200805151145.GA631@yuki.lan> (raw)
In-Reply-To: <96ce72a605e365a040b258db9323d3962ab80e29.1596545279.git.viresh.kumar@linaro.org>
Hi!
> This adds a test around the y2038 vulnerability, it sets the system time
> to just before y2038 time (i.e. max value that can be stored in s32),
> and adds a timer to expire just after crossing it.
>
> Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
> ---
> V8:
> - Check compatibility issues for TST_KERN_OLD_TIMESPEC and not the new
> timespec.
> - s/TFAIL/TCONF/ in setup()
> - Use kernel_timer_t
> - rearrange code and don't expect timer to fire before.
>
> runtest/syscalls | 1 +
> testcases/kernel/syscalls/clock_settime/.gitignore | 1 +
> .../syscalls/clock_settime/clock_settime03.c | 123 +++++++++++++++++++++
> 3 files changed, 125 insertions(+)
> create mode 100644 testcases/kernel/syscalls/clock_settime/clock_settime03.c
>
> diff --git a/runtest/syscalls b/runtest/syscalls
> index 3c6e78a4c6d0..3c2f5f6c0b37 100644
> --- a/runtest/syscalls
> +++ b/runtest/syscalls
> @@ -99,6 +99,7 @@ leapsec01 leapsec01
>
> clock_settime01 clock_settime01
> clock_settime02 clock_settime02
> +clock_settime03 clock_settime03
>
> clone01 clone01
> clone02 clone02
> diff --git a/testcases/kernel/syscalls/clock_settime/.gitignore b/testcases/kernel/syscalls/clock_settime/.gitignore
> index 28121755006b..b66169b3eb7b 100644
> --- a/testcases/kernel/syscalls/clock_settime/.gitignore
> +++ b/testcases/kernel/syscalls/clock_settime/.gitignore
> @@ -1,2 +1,3 @@
> clock_settime01
> clock_settime02
> +clock_settime03
> diff --git a/testcases/kernel/syscalls/clock_settime/clock_settime03.c b/testcases/kernel/syscalls/clock_settime/clock_settime03.c
> new file mode 100644
> index 000000000000..da062a8d0333
> --- /dev/null
> +++ b/testcases/kernel/syscalls/clock_settime/clock_settime03.c
> @@ -0,0 +1,123 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (c) 2020 Linaro Limited. All rights reserved.
> + * Author: Viresh Kumar<viresh.kumar@linaro.org>
> + *
> + * Check Year 2038 related vulnerabilities.
> + */
> +
> +#include <signal.h>
> +#include "config.h"
> +#include "tst_timer.h"
> +#include "tst_safe_clocks.h"
> +
> +#define TIMER_DELTA 3
> +#define ALLOWED_DELTA (50 * 1000) /* 50 ms */
> +
> +static struct tst_ts start, end;
> +static struct tst_its its;
> +
> +static struct test_variants {
> + int (*clock_gettime)(clockid_t clk_id, void *ts);
> + int (*clock_settime)(clockid_t clk_id, void *ts);
> + int (*timer_settime)(kernel_timer_t timerid, int flags, void *its,
> + void *old_its);
> + enum tst_ts_type type;
> + char *desc;
> +} variants[] = {
> +#if (__NR_clock_settime != __LTP__NR_INVALID_SYSCALL)
> + { .clock_gettime = sys_clock_gettime, .clock_settime = sys_clock_settime, .timer_settime = sys_timer_settime, .type = TST_KERN_OLD_TIMESPEC, .desc = "syscall with old kernel spec"},
> +#endif
> +
> +#if (__NR_clock_settime64 != __LTP__NR_INVALID_SYSCALL)
> + { .clock_gettime = sys_clock_gettime64, .clock_settime = sys_clock_settime64, .timer_settime = sys_timer_settime64, .type = TST_KERN_TIMESPEC, .desc = "syscall time64 with kernel spec"},
> +#endif
> +};
> +
> +static void setup(void)
> +{
> + struct test_variants *tv = &variants[tst_variant];
> +
> + tst_res(TINFO, "Testing variant: %s", tv->desc);
> + start.type = end.type = its.type = tv->type;
> +
> + /* Check if the kernel is y2038 safe */
> + if (tv->type == TST_KERN_OLD_TIMESPEC &&
> + sizeof(start.ts.kern_old_ts) == 8)
> + tst_brk(TCONF, "Not Y2038 safe to run test");
Thinking of this again, it may be safer to assert the size of the
kernel_old_ts.tv_sec, since the compiler is technically allowed to padd
the structure. So what about sizeof(start.ts.kernel_old_ts.tv_sec) == 4?
> +}
> +
> +static void run(void)
> +{
> + struct test_variants *tv = &variants[tst_variant];
> + unsigned long long time = 0x7FFFFFFE; /* Time just before y2038 */
> + struct sigevent ev = {
> + .sigev_notify = SIGEV_SIGNAL,
> + .sigev_signo = SIGABRT,
> + };
> + long long diff;
> + kernel_timer_t timer;
> + sigset_t set;
> + int sig, ret;
> +
> + if (sigemptyset(&set) == -1)
> + tst_brk(TBROK, "sigemptyset() failed");
> +
> + if (sigaddset(&set, SIGABRT) == -1)
> + tst_brk(TBROK, "sigaddset() failed");
We do have a safe macros for these two now.
Other than that these the code looks good. I can fix these two before
applying if you agree.
--
Cyril Hrubis
chrubis@suse.cz
next prev parent reply other threads:[~2020-08-05 15:11 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-04 12:50 [LTP] [PATCH V8] syscalls: clock_settime: Add test around y2038 vulnerability Viresh Kumar
2020-08-05 15:11 ` Cyril Hrubis [this message]
2020-08-06 4:36 ` Viresh Kumar
2020-08-06 9:21 ` Cyril Hrubis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200805151145.GA631@yuki.lan \
--to=chrubis@suse.cz \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.