diff options
| author | Ondrej Mosnacek <omosnace@redhat.com> | 2019-04-10 05:14:20 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2019-04-15 18:14:01 -0400 |
| commit | 7e8eda734d30de81d06a949c9bf9853c445ede4e (patch) | |
| tree | d16d77f902e5e7bc24ce1afcb0589544d5e5e602 /kernel/time/ntp.c | |
| parent | 2d87a0674bd60d855e4008e2d84f5b23d7cb9b7d (diff) | |
ntp: Audit NTP parameters adjustment
Emit an audit record every time selected NTP parameters are modified
from userspace (via adjtimex(2) or clock_adjtime(2)). These parameters
may be used to indirectly change system clock, and thus their
modifications should be audited.
Such events will now generate records of type AUDIT_TIME_ADJNTPVAL
containing the following fields:
- op -- which value was adjusted:
- offset -- corresponding to the time_offset variable
- freq -- corresponding to the time_freq variable
- status -- corresponding to the time_status variable
- adjust -- corresponding to the time_adjust variable
- tick -- corresponding to the tick_usec variable
- tai -- corresponding to the timekeeping's TAI offset
- old -- the old value
- new -- the new value
Example records:
type=TIME_ADJNTPVAL msg=audit(1530616044.507:7): op=status old=64 new=8256
type=TIME_ADJNTPVAL msg=audit(1530616044.511:11): op=freq old=0 new=49180377088000
The records of this type will be associated with the corresponding
syscall records.
An overview of parameter changes that can be done via do_adjtimex()
(based on information from Miroslav Lichvar) and whether they are
audited:
__timekeeping_set_tai_offset() -- sets the offset from the
International Atomic Time
(AUDITED)
NTP variables:
time_offset -- can adjust the clock by up to 0.5 seconds per call
and also speed it up or slow down by up to about
0.05% (43 seconds per day) (AUDITED)
time_freq -- can speed up or slow down by up to about 0.05%
(AUDITED)
time_status -- can insert/delete leap seconds and it also enables/
disables synchronization of the hardware real-time
clock (AUDITED)
time_maxerror, time_esterror -- change error estimates used to
inform userspace applications
(NOT AUDITED)
time_constant -- controls the speed of the clock adjustments that
are made when time_offset is set (NOT AUDITED)
time_adjust -- can temporarily speed up or slow down the clock by up
to 0.05% (AUDITED)
tick_usec -- a more extreme version of time_freq; can speed up or
slow down the clock by up to 10% (AUDITED)
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'kernel/time/ntp.c')
| -rw-r--r-- | kernel/time/ntp.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c index 92a90014a925..ac5555e25733 100644 --- a/kernel/time/ntp.c +++ b/kernel/time/ntp.c | |||
| @@ -17,6 +17,7 @@ | |||
| 17 | #include <linux/mm.h> | 17 | #include <linux/mm.h> |
| 18 | #include <linux/module.h> | 18 | #include <linux/module.h> |
| 19 | #include <linux/rtc.h> | 19 | #include <linux/rtc.h> |
| 20 | #include <linux/audit.h> | ||
| 20 | 21 | ||
| 21 | #include "ntp_internal.h" | 22 | #include "ntp_internal.h" |
| 22 | #include "timekeeping_internal.h" | 23 | #include "timekeeping_internal.h" |
| @@ -709,7 +710,7 @@ static inline void process_adjtimex_modes(const struct __kernel_timex *txc, | |||
| 709 | * kernel time-keeping variables. used by xntpd. | 710 | * kernel time-keeping variables. used by xntpd. |
| 710 | */ | 711 | */ |
| 711 | int __do_adjtimex(struct __kernel_timex *txc, const struct timespec64 *ts, | 712 | int __do_adjtimex(struct __kernel_timex *txc, const struct timespec64 *ts, |
| 712 | s32 *time_tai) | 713 | s32 *time_tai, struct audit_ntp_data *ad) |
| 713 | { | 714 | { |
| 714 | int result; | 715 | int result; |
| 715 | 716 | ||
| @@ -720,14 +721,29 @@ int __do_adjtimex(struct __kernel_timex *txc, const struct timespec64 *ts, | |||
| 720 | /* adjtime() is independent from ntp_adjtime() */ | 721 | /* adjtime() is independent from ntp_adjtime() */ |
| 721 | time_adjust = txc->offset; | 722 | time_adjust = txc->offset; |
| 722 | ntp_update_frequency(); | 723 | ntp_update_frequency(); |
| 724 | |||
| 725 | audit_ntp_set_old(ad, AUDIT_NTP_ADJUST, save_adjust); | ||
| 726 | audit_ntp_set_new(ad, AUDIT_NTP_ADJUST, time_adjust); | ||
| 723 | } | 727 | } |
| 724 | txc->offset = save_adjust; | 728 | txc->offset = save_adjust; |
| 725 | } else { | 729 | } else { |
| 726 | |||
| 727 | /* If there are input parameters, then process them: */ | 730 | /* If there are input parameters, then process them: */ |
| 728 | if (txc->modes) | 731 | if (txc->modes) { |
| 732 | audit_ntp_set_old(ad, AUDIT_NTP_OFFSET, time_offset); | ||
| 733 | audit_ntp_set_old(ad, AUDIT_NTP_FREQ, time_freq); | ||
| 734 | audit_ntp_set_old(ad, AUDIT_NTP_STATUS, time_status); | ||
| 735 | audit_ntp_set_old(ad, AUDIT_NTP_TAI, *time_tai); | ||
| 736 | audit_ntp_set_old(ad, AUDIT_NTP_TICK, tick_usec); | ||
| 737 | |||
| 729 | process_adjtimex_modes(txc, time_tai); | 738 | process_adjtimex_modes(txc, time_tai); |
| 730 | 739 | ||
| 740 | audit_ntp_set_new(ad, AUDIT_NTP_OFFSET, time_offset); | ||
| 741 | audit_ntp_set_new(ad, AUDIT_NTP_FREQ, time_freq); | ||
| 742 | audit_ntp_set_new(ad, AUDIT_NTP_STATUS, time_status); | ||
| 743 | audit_ntp_set_new(ad, AUDIT_NTP_TAI, *time_tai); | ||
| 744 | audit_ntp_set_new(ad, AUDIT_NTP_TICK, tick_usec); | ||
| 745 | } | ||
| 746 | |||
| 731 | txc->offset = shift_right(time_offset * NTP_INTERVAL_FREQ, | 747 | txc->offset = shift_right(time_offset * NTP_INTERVAL_FREQ, |
| 732 | NTP_SCALE_SHIFT); | 748 | NTP_SCALE_SHIFT); |
| 733 | if (!(time_status & STA_NANO)) | 749 | if (!(time_status & STA_NANO)) |