net: rxrpc: Replace time_t type with time64_t type
Since the 'expiry' variable of 'struct key_preparsed_payload' has been changed to 'time64_t' type, which is year 2038 safe on 32bits system. In net/rxrpc subsystem, we need convert 'u32' type to 'time64_t' type when copying ticket expires time to 'prep->expiry', then this patch introduces two helper functions to help convert 'u32' to 'time64_t' type. This patch also uses ktime_get_real_seconds() to get current time instead of get_seconds() which is not year 2038 safe on 32bits system. Signed-off-by: Baolin Wang <baolin.wang@linaro.org> Signed-off-by: David Howells <dhowells@redhat.com>
This commit is contained in:
parent
c8488a8ad7
commit
10674a03c6
|
@ -127,4 +127,27 @@ struct rxrpc_key_data_v1 {
|
|||
#define AFSTOKEN_K5_ADDRESSES_MAX 16 /* max K5 addresses */
|
||||
#define AFSTOKEN_K5_AUTHDATA_MAX 16 /* max K5 pieces of auth data */
|
||||
|
||||
/*
|
||||
* Truncate a time64_t to the range from 1970 to 2106 as in the network
|
||||
* protocol.
|
||||
*/
|
||||
static inline u32 rxrpc_time64_to_u32(time64_t time)
|
||||
{
|
||||
if (time < 0)
|
||||
return 0;
|
||||
|
||||
if (time > UINT_MAX)
|
||||
return UINT_MAX;
|
||||
|
||||
return (u32)time;
|
||||
}
|
||||
|
||||
/*
|
||||
* Extend u32 back to time64_t using the same 1970-2106 range.
|
||||
*/
|
||||
static inline time64_t rxrpc_u32_to_time64(u32 time)
|
||||
{
|
||||
return (time64_t)time;
|
||||
}
|
||||
|
||||
#endif /* _KEYS_RXRPC_TYPE_H */
|
||||
|
|
|
@ -894,7 +894,7 @@ extern struct key_type key_type_rxrpc_s;
|
|||
|
||||
int rxrpc_request_key(struct rxrpc_sock *, char __user *, int);
|
||||
int rxrpc_server_keyring(struct rxrpc_sock *, char __user *, int);
|
||||
int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time_t,
|
||||
int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time64_t,
|
||||
u32);
|
||||
|
||||
/*
|
||||
|
|
|
@ -92,6 +92,7 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep,
|
|||
const __be32 *xdr, unsigned int toklen)
|
||||
{
|
||||
struct rxrpc_key_token *token, **pptoken;
|
||||
time64_t expiry;
|
||||
size_t plen;
|
||||
u32 tktlen;
|
||||
|
||||
|
@ -158,8 +159,9 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep,
|
|||
pptoken = &(*pptoken)->next)
|
||||
continue;
|
||||
*pptoken = token;
|
||||
if (token->kad->expiry < prep->expiry)
|
||||
prep->expiry = token->kad->expiry;
|
||||
expiry = rxrpc_u32_to_time64(token->kad->expiry);
|
||||
if (expiry < prep->expiry)
|
||||
prep->expiry = expiry;
|
||||
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
|
@ -433,6 +435,7 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
|
|||
struct rxrpc_key_token *token, **pptoken;
|
||||
struct rxk5_key *rxk5;
|
||||
const __be32 *end_xdr = xdr + (toklen >> 2);
|
||||
time64_t expiry;
|
||||
int ret;
|
||||
|
||||
_enter(",{%x,%x,%x,%x},%u",
|
||||
|
@ -533,8 +536,9 @@ static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
|
|||
pptoken = &(*pptoken)->next)
|
||||
continue;
|
||||
*pptoken = token;
|
||||
if (token->kad->expiry < prep->expiry)
|
||||
prep->expiry = token->kad->expiry;
|
||||
expiry = rxrpc_u32_to_time64(token->kad->expiry);
|
||||
if (expiry < prep->expiry)
|
||||
prep->expiry = expiry;
|
||||
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
|
@ -691,6 +695,7 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep)
|
|||
{
|
||||
const struct rxrpc_key_data_v1 *v1;
|
||||
struct rxrpc_key_token *token, **pp;
|
||||
time64_t expiry;
|
||||
size_t plen;
|
||||
u32 kver;
|
||||
int ret;
|
||||
|
@ -777,8 +782,9 @@ static int rxrpc_preparse(struct key_preparsed_payload *prep)
|
|||
while (*pp)
|
||||
pp = &(*pp)->next;
|
||||
*pp = token;
|
||||
if (token->kad->expiry < prep->expiry)
|
||||
prep->expiry = token->kad->expiry;
|
||||
expiry = rxrpc_u32_to_time64(token->kad->expiry);
|
||||
if (expiry < prep->expiry)
|
||||
prep->expiry = expiry;
|
||||
token = NULL;
|
||||
ret = 0;
|
||||
|
||||
|
@ -955,7 +961,7 @@ int rxrpc_server_keyring(struct rxrpc_sock *rx, char __user *optval,
|
|||
*/
|
||||
int rxrpc_get_server_data_key(struct rxrpc_connection *conn,
|
||||
const void *session_key,
|
||||
time_t expiry,
|
||||
time64_t expiry,
|
||||
u32 kvno)
|
||||
{
|
||||
const struct cred *cred = current_cred();
|
||||
|
@ -982,7 +988,7 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn,
|
|||
data.kver = 1;
|
||||
data.v1.security_index = RXRPC_SECURITY_RXKAD;
|
||||
data.v1.ticket_length = 0;
|
||||
data.v1.expiry = expiry;
|
||||
data.v1.expiry = rxrpc_time64_to_u32(expiry);
|
||||
data.v1.kvno = 0;
|
||||
|
||||
memcpy(&data.v1.session_key, session_key, sizeof(data.v1.session_key));
|
||||
|
|
|
@ -854,7 +854,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
|
|||
struct sk_buff *skb,
|
||||
void *ticket, size_t ticket_len,
|
||||
struct rxrpc_crypt *_session_key,
|
||||
time_t *_expiry,
|
||||
time64_t *_expiry,
|
||||
u32 *_abort_code)
|
||||
{
|
||||
struct skcipher_request *req;
|
||||
|
@ -864,7 +864,7 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
|
|||
struct in_addr addr;
|
||||
unsigned int life;
|
||||
const char *eproto;
|
||||
time_t issue, now;
|
||||
time64_t issue, now;
|
||||
bool little_endian;
|
||||
int ret;
|
||||
u32 abort_code;
|
||||
|
@ -960,15 +960,15 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
|
|||
if (little_endian) {
|
||||
__le32 stamp;
|
||||
memcpy(&stamp, p, 4);
|
||||
issue = le32_to_cpu(stamp);
|
||||
issue = rxrpc_u32_to_time64(le32_to_cpu(stamp));
|
||||
} else {
|
||||
__be32 stamp;
|
||||
memcpy(&stamp, p, 4);
|
||||
issue = be32_to_cpu(stamp);
|
||||
issue = rxrpc_u32_to_time64(be32_to_cpu(stamp));
|
||||
}
|
||||
p += 4;
|
||||
now = get_seconds();
|
||||
_debug("KIV ISSUE: %lx [%lx]", issue, now);
|
||||
now = ktime_get_real_seconds();
|
||||
_debug("KIV ISSUE: %llx [%llx]", issue, now);
|
||||
|
||||
/* check the ticket is in date */
|
||||
if (issue > now) {
|
||||
|
@ -1053,7 +1053,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
|||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
struct rxrpc_crypt session_key;
|
||||
const char *eproto;
|
||||
time_t expiry;
|
||||
time64_t expiry;
|
||||
void *ticket;
|
||||
u32 abort_code, version, kvno, ticket_len, level;
|
||||
__be32 csum;
|
||||
|
|
Loading…
Reference in New Issue