sys_stime() currently sets time directly without using the existing helper
functions. This patch changes sys_stime() to use these functions which
helps LSM place only one security check in do_sys_settimeofday().
Using the helper functions changes this in two ways. First,
last_time_offset is no longer zeroed. This doesn't appear to be an
issue, since last_time_offset is used primarily on IA64, and sys_stime()
is not compiled for IA64. Second, the gettimeofday offset is now accounted
for by moving to the helper function. Does anyone see problems with
this change?
I've tested this patch, and it works for me.
thanks,
-chris
-- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net===== time.c 1.6 vs edited ===== --- 1.6/kernel/time.c Sun Jun 2 11:44:56 2002 +++ edited/time.c Fri Jul 19 17:58:57 2002 @@ -41,6 +41,8 @@ extern rwlock_t xtime_lock; extern unsigned long last_time_offset; +int do_sys_settimeofday(struct timeval *tv, struct timezone *tz); + #if !defined(__alpha__) && !defined(__ia64__) /* @@ -75,21 +77,13 @@ asmlinkage long sys_stime(int * tptr) { int value; + struct timeval tv; - if (!capable(CAP_SYS_TIME)) - return -EPERM; if (get_user(value, tptr)) return -EFAULT; - write_lock_irq(&xtime_lock); - xtime.tv_sec = value; - xtime.tv_usec = 0; - last_time_offset = 0; - time_adjust = 0; /* stop active adjtime() */ - time_status |= STA_UNSYNC; - time_maxerror = NTP_PHASE_LIMIT; - time_esterror = NTP_PHASE_LIMIT; - write_unlock_irq(&xtime_lock); - return 0; + tv.tv_sec = value; + tv.tv_usec = 0; + return do_sys_settimeofday(&tv, NULL); } #endif - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/