
Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/sys/secmodel/securelevel/secmodel_securelevel.c between version 1.8.6.1 and 1.9

version 1.8.6.1, 2009/01/17 13:29:40 version 1.9, 2008/11/12 12:36:28
Line 173  secmodel_securelevel_system_cb(kauth_cre
Line 173  secmodel_securelevel_system_cb(kauth_cre
   
                 case KAUTH_REQ_SYSTEM_TIME_SYSTEM: {                  case KAUTH_REQ_SYSTEM_TIME_SYSTEM: {
                         struct timespec *ts = arg1;                          struct timespec *ts = arg1;
                         struct timespec *delta = arg2;                          struct timeval *delta = arg2;
   
                         /*                          /*
                          * Don't allow the time to be set forward so far it                           * Don't allow the time to be set forward so far it will wrap
                          * will wrap and become negative, thus allowing an                           * and become negative, thus allowing an attacker to bypass
                          * attacker to bypass the next check below.  The                           * the next check below.  The cutoff is 1 year before rollover
                          * cutoff is 1 year before rollover occurs, so even                           * occurs, so even if the attacker uses adjtime(2) to move
                          * if the attacker uses adjtime(2) to move the time                           * the time past the cutoff, it will take a very long time
                          * past the cutoff, it will take a very long time  
                          * to get to the wrap point.                           * to get to the wrap point.
                            *
                            * XXX: we check against INT_MAX since on 64-bit
                            *      platforms, sizeof(int) != sizeof(long) and
                            *      time_t is 32 bits even when atv.tv_sec is 64 bits.
                          */                           */
                         if (securelevel > 1 &&                          if (securelevel > 1 &&
                             ((ts->tv_sec > LLONG_MAX - 365*24*60*60) ||                              ((ts->tv_sec > INT_MAX - 365*24*60*60) ||
                              (delta->tv_sec < 0 || delta->tv_nsec < 0)))                               (delta->tv_sec < 0 || delta->tv_usec < 0)))
                                 result = KAUTH_RESULT_DENY;                                  result = KAUTH_RESULT_DENY;
   
                         break;                          break;
                 }                  }
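Review bot: The wrap guard in the v1.9 column, `ts->tv_sec > INT_MAX - 365*24*60*60`, hard-codes an assumption about the width of time_t that the XXX comment itself admits is platform-dependent, so the bound is only right while time_t stays 32 bits. Because this condition is a securelevel enforcement point, I would pin the assumption with a compile-time assertion on `sizeof(time_t)` beside it, or at least extend the comment with `XXX: revisit this bound whenever time_t changes width`. Separately, `delta` is read from the untyped `arg2` as `struct timeval *` here and as `struct timespec *` in the other column; the sign test on `tv_usec` is only meaningful if the caller passes that same type, which cannot be confirmed from this page, so a short comment naming the expected types of `arg1` and `arg2` for KAUTH_REQ_SYSTEM_TIME_SYSTEM would help. The body of secmodel_securelevel_system_cb starts and ends outside the hunk.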
   

