Re: [PATCH 2/3] xfs: disallow broken ioctls without compat-32-bit-time
From: Arnd Bergmann
Date: Thu Jan 02 2020 - 15:35:30 EST
On Thu, Jan 2, 2020 at 10:16 AM Arnd Bergmann <arnd@xxxxxxxx> wrote:
> On Tue, Dec 24, 2019 at 9:45 AM Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
> > On Wed, Dec 18, 2019 at 05:39:29PM +0100, Arnd Bergmann wrote:
> > > +/* disallow y2038-unsafe ioctls with CONFIG_COMPAT_32BIT_TIME=n */
> > > +static bool xfs_have_compat_bstat_time32(unsigned int cmd)
> > > +{
> > > + if (IS_ENABLED(CONFIG_COMPAT_32BIT_TIME))
> > > + return true;
> > > +
> > > + if (IS_ENABLED(CONFIG_64BIT) && !in_compat_syscall())
> > > + return true;
> > > +
> > > + if (cmd == XFS_IOC_FSBULKSTAT_SINGLE ||
> > > + cmd == XFS_IOC_FSBULKSTAT ||
> > > + cmd == XFS_IOC_SWAPEXT)
> > > + return false;
> > > +
> > > + return true;
> >
> > I think the check for the individual command belongs into the callers,
> > which laves us with:
> >
> > static inline bool have_time32(void)
> > {
> > return IS_ENABLED(CONFIG_COMPAT_32BIT_TIME) ||
> > (IS_ENABLED(CONFIG_64BIT) && !in_compat_syscall());
> > }
> >
> > and that looks like it should be in a generic helper somewhere.
>
> Yes, makes sense.
>
> I was going for something XFS specific here because XFS is unique in the
> kernel in completely deprecating a set of ioctl commands (replacing
> the old interface with a v5) rather than allowing the user space to be
> compiled with 64-bit time_t.
I tried adding the helper now but ran into a stupid problem: the best
place to put it would be linux/time32.h, but then I have to include
linux/compat.h from there, which in turn pulls in tons of other
headers in any file using linux/time.h.
I considered making it a macro instead, but that's also really ugly.
I now think we should just defer this change until after v5.6, once I
have separated linux/time.h from linux/time32.h.
In the meantime I'll resend the other two patches that I know we
need in v5.6 in order to get there, so Darrick can apply them to his
tree.
Arnd