From: David Howells <dhowells@redhat.com>
To: linux-security-module@vger.kernel.org
Subject: Re: [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type
Date: Wed, 09 Aug 2017 09:33:53 +0000 [thread overview]
Message-ID: <6767.1502271233@warthog.procyon.org.uk> (raw)
In-Reply-To: <CAK8P3a2WU5uYddGrkWhyfNB4qTEDYne_pyCVG6n5b1w+vb1-OQ@mail.gmail.com>
Arnd Bergmann <arnd@arndb.de> wrote:
> > @@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
> > pptoken = &(*pptoken)->next)
> > continue;
> > *pptoken = token;
> > - if (token->kad->expiry < prep->expiry)
> > - prep->expiry = token->kad->expiry;
> ...
>
> I'm still slightly puzzled by what this function does: it does have four
> timestamps (authtime, starttime, endtime, renew_till) that are all
> transferred as 64-bit values and won't expire, but then it also uses the
> 32-bit expiry field in rxrpc_key_token->kad->expiry instead of the 64-bit
> rxrpc_key_token->k5 fields.
Good catch. This is a cut'n'paste error. It should be using
token->k5->expiry here not token->kad->expiry.
> This appears to overlay the first 32 bits of the
> rxrpc_key_token->k5->starttime field, which is also a time value on
> little-endian architectures by chance, but I would assume that it's always
> in the past, meaning the keys would already be expired.
Yeah - I'm not sure why it works.
David
WARNING: multiple messages have this Message-ID (diff)
From: dhowells@redhat.com (David Howells)
To: linux-security-module@vger.kernel.org
Subject: [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type
Date: Wed, 09 Aug 2017 10:33:53 +0100 [thread overview]
Message-ID: <6767.1502271233@warthog.procyon.org.uk> (raw)
In-Reply-To: <CAK8P3a2WU5uYddGrkWhyfNB4qTEDYne_pyCVG6n5b1w+vb1-OQ@mail.gmail.com>
Arnd Bergmann <arnd@arndb.de> wrote:
> > @@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
> > pptoken = &(*pptoken)->next)
> > continue;
> > *pptoken = token;
> > - if (token->kad->expiry < prep->expiry)
> > - prep->expiry = token->kad->expiry;
> ...
>
> I'm still slightly puzzled by what this function does: it does have four
> timestamps (authtime, starttime, endtime, renew_till) that are all
> transferred as 64-bit values and won't expire, but then it also uses the
> 32-bit expiry field in rxrpc_key_token->kad->expiry instead of the 64-bit
> rxrpc_key_token->k5 fields.
Good catch. This is a cut'n'paste error. It should be using
token->k5->expiry here not token->kad->expiry.
> This appears to overlay the first 32 bits of the
> rxrpc_key_token->k5->starttime field, which is also a time value on
> little-endian architectures by chance, but I would assume that it's always
> in the past, meaning the keys would already be expired.
Yeah - I'm not sure why it works.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: David Howells <dhowells@redhat.com>
To: Arnd Bergmann <arnd@arndb.de>
Cc: dhowells@redhat.com, Baolin Wang <baolin.wang@linaro.org>,
David Miller <davem@davemloft.net>,
james.l.morris@oracle.com, "Serge E. Hallyn" <serge@hallyn.com>,
marc.dionne@auristor.com,
Dan Carpenter <dan.carpenter@oracle.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Mark Brown <broonie@kernel.org>,
keyrings@vger.kernel.org,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
LSM List <linux-security-module@vger.kernel.org>,
Networking <netdev@vger.kernel.org>
Subject: Re: [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type
Date: Wed, 09 Aug 2017 10:33:53 +0100 [thread overview]
Message-ID: <6767.1502271233@warthog.procyon.org.uk> (raw)
In-Reply-To: <CAK8P3a2WU5uYddGrkWhyfNB4qTEDYne_pyCVG6n5b1w+vb1-OQ@mail.gmail.com>
Arnd Bergmann <arnd@arndb.de> wrote:
> > @@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
> > pptoken = &(*pptoken)->next)
> > continue;
> > *pptoken = token;
> > - if (token->kad->expiry < prep->expiry)
> > - prep->expiry = token->kad->expiry;
> ...
>
> I'm still slightly puzzled by what this function does: it does have four
> timestamps (authtime, starttime, endtime, renew_till) that are all
> transferred as 64-bit values and won't expire, but then it also uses the
> 32-bit expiry field in rxrpc_key_token->kad->expiry instead of the 64-bit
> rxrpc_key_token->k5 fields.
Good catch. This is a cut'n'paste error. It should be using
token->k5->expiry here not token->kad->expiry.
> This appears to overlay the first 32 bits of the
> rxrpc_key_token->k5->starttime field, which is also a time value on
> little-endian architectures by chance, but I would assume that it's always
> in the past, meaning the keys would already be expired.
Yeah - I'm not sure why it works.
David
next prev parent reply other threads:[~2017-08-09 9:33 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-09 2:51 [PATCH 0/3] Fix y2038 issues for security/keys subsystem Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` [PATCH 1/3] security: keys: Replace time_t/timespec with time64_t Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` [PATCH 2/3] security: keys: Replace time_t with time64_t for struct key_preparsed_payload Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` [PATCH 3/3] net: rxrpc: Replace time_t type with time64_t type Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 2:51 ` Baolin Wang
2017-08-09 9:01 ` Arnd Bergmann
2017-08-09 9:01 ` Arnd Bergmann
2017-08-09 9:01 ` Arnd Bergmann
2017-08-09 9:33 ` David Howells [this message]
2017-08-09 9:33 ` David Howells
2017-08-09 9:33 ` David Howells
2017-08-09 10:00 ` Arnd Bergmann
2017-08-09 10:00 ` Arnd Bergmann
2017-08-09 10:00 ` Arnd Bergmann
2017-08-09 13:26 ` David Howells
2017-08-09 13:26 ` David Howells
2017-08-09 13:26 ` David Howells
2017-08-09 15:12 ` Arnd Bergmann
2017-08-09 15:12 ` Arnd Bergmann
2017-08-09 15:12 ` Arnd Bergmann
2017-08-09 15:45 ` David Howells
2017-08-09 15:45 ` David Howells
2017-08-09 15:45 ` David Howells
2017-08-09 8:28 ` [PATCH 0/3] Fix y2038 issues for security/keys subsystem David Howells
2017-08-09 8:28 ` David Howells
2017-08-09 8:28 ` David Howells
2017-08-10 1:59 ` Baolin Wang
2017-08-10 1:59 ` Baolin Wang
2017-08-10 1:59 ` Baolin Wang
2017-08-21 12:12 ` Baolin Wang
2017-08-21 12:12 ` Baolin Wang
2017-08-21 12:12 ` Baolin Wang
2017-09-15 8:38 ` Baolin Wang
2017-09-15 8:38 ` Baolin Wang
2017-09-15 8:38 ` Baolin Wang
2017-08-09 8:44 ` Arnd Bergmann
2017-08-09 8:44 ` Arnd Bergmann
2017-08-09 8:44 ` Arnd Bergmann
2017-08-10 2:00 ` Baolin Wang
2017-08-10 2:00 ` Baolin Wang
2017-08-10 2:00 ` Baolin Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6767.1502271233@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.