moby--moby

mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

History

Stanislav Levin 5d3a9e4319 seccomp: Whitelist `clock_adjtime` This only allows making the syscall. CAP_SYS_TIME is still required for time adjustment (enforced by the kernel): ``` kernel/time/posix-timers.c: 1112 SYSCALL_DEFINE2(clock_adjtime, const clockid_t, which_clock, 1113 struct __kernel_timex __user , utx) ... 1121 err = do_clock_adjtime(which_clock, &ktx); 1100 int do_clock_adjtime(const clockid_t which_clock, struct __kernel_timex ktx) 1101 { ... 1109 return kc->clock_adj(which_clock, ktx); 1299 static const struct k_clock clock_realtime = { ... 1304 .clock_adj = posix_clock_realtime_adj, 188 static int posix_clock_realtime_adj(const clockid_t which_clock, 189 struct __kernel_timex t) 190 { 191 return do_adjtimex(t); kernel/time/timekeeping.c: 2312 int do_adjtimex(struct __kernel_timex txc) 2313 { ... 2321 /* Validate the data before disabling interrupts / 2322 ret = timekeeping_validate_timex(txc); 2246 static int timekeeping_validate_timex(const struct __kernel_timex txc) 2247 { 2248 if (txc->modes & ADJ_ADJTIME) { ... 2252 if (!(txc->modes & ADJ_OFFSET_READONLY) && 2253 !capable(CAP_SYS_TIME)) 2254 return -EPERM; 2255 } else { 2256 /* In order to modify anything, you gotta be super-user! */ 2257 if (txc->modes && !capable(CAP_SYS_TIME)) 2258 return -EPERM; ``` Fixes: https://github.com/moby/moby/issues/40919 Signed-off-by: Stanislav Levin <slev@altlinux.org>	2020-05-08 12:33:25 +03:00
..
apparmor	apparmor: allow readby and tracedby	2019-04-22 09:11:50 -05:00
seccomp	seccomp: Whitelist `clock_adjtime`	2020-05-08 12:33:25 +03:00

Stanislav Levin 5d3a9e4319

seccomp: Whitelist clock_adjtime

This only allows making the syscall. CAP_SYS_TIME is still required
for time adjustment (enforced by the kernel):

```
kernel/time/posix-timers.c:

1112 SYSCALL_DEFINE2(clock_adjtime, const clockid_t, which_clock,
1113                 struct __kernel_timex __user *, utx)
...
1121         err = do_clock_adjtime(which_clock, &ktx);

1100 int do_clock_adjtime(const clockid_t which_clock, struct __kernel_timex * ktx)
1101 {
...
1109         return kc->clock_adj(which_clock, ktx);

1299 static const struct k_clock clock_realtime = {
...
1304         .clock_adj              = posix_clock_realtime_adj,

188 static int posix_clock_realtime_adj(const clockid_t which_clock,
189                                     struct __kernel_timex *t)
190 {
191         return do_adjtimex(t);

kernel/time/timekeeping.c:

2312 int do_adjtimex(struct __kernel_timex *txc)
2313 {
...
2321         /* Validate the data before disabling interrupts */
2322         ret = timekeeping_validate_timex(txc);

2246 static int timekeeping_validate_timex(const struct __kernel_timex *txc)
2247 {
2248         if (txc->modes & ADJ_ADJTIME) {
...
2252                 if (!(txc->modes & ADJ_OFFSET_READONLY) &&
2253                     !capable(CAP_SYS_TIME))
2254                         return -EPERM;
2255         } else {
2256                 /* In order to modify anything, you gotta be super-user! */
2257                 if (txc->modes && !capable(CAP_SYS_TIME))
2258                         return -EPERM;

```

Fixes: https://github.com/moby/moby/issues/40919
Signed-off-by: Stanislav Levin <slev@altlinux.org>

2020-05-08 12:33:25 +03:00

apparmor apparmor: allow readby and tracedby 2019-04-22 09:11:50 -05:00

seccomp seccomp: Whitelist clock_adjtime 2020-05-08 12:33:25 +03:00