grsecurity forums


http://forums.grsecurity.net/

hwclock and cron issue

http://forums.grsecurity.net/viewtopic.php?f=3&t=309

Page 1 of 1

hwclock and cron issue

PostPosted: Fri Feb 21, 2003 4:19 pm
by devillinux
Hi,

I have a problem with the execution of hwclock from within a cron job.
Cron runs under uid 0 and so does the script which calls hwclock.
When I execute the script on the console it works fine.

grsecurity 1.9.9c
kernel 2.4.20
os devil-linux current CVS version
acls are not used
grsec kernel options http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/devil-linux/build/scripts/config/config_grsecurity?rev=1.8&content-type=text/vnd.viewcvs-markup
grsec proc parameters http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/devil-linux/build/scripts/scripts/grsecurity.proc?rev=1.5&content-type=text/vnd.viewcvs-markup

Setting all proc parameters to 0 doesn't change anything

Thanks for the help
Heiko

Syslog output:
Feb 21 15:10:00 src@carina2 kernel: grsec: denied use of iopl() by (hwclock:22901) UID(0) EUID(0), parent (strace:17564)
UID(0) EUID(0)

strace output:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 0
open("/dev/tty1", O_RDONLY|O_LARGEFILE) = 3
ioctl(3, 0x4b50, 0xbc758ce0) = -1 EINVAL (Invalid argument)
iopl(0x3) = -1 EPERM (Operation not permitted)

working strace:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 3
close(3) = 0

Re: hwclock and cron issue

PostPosted: Sat Feb 22, 2003 6:10 am
by PaX Team
devillinux wrote:I have a problem with the execution of hwclock from within a cron job. Cron runs under uid 0 and so does the script which calls hwclock. When I execute the script on the console it works fine.

strace output:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 0

this is a bug in hwclock (i checked it in util-linux 2.11w): the function probe_for_rtc_clock() in hwclock/rtc.c has this code in it:

Code: Select all
        int rtc_fd = open_rtc();
        if (rtc_fd > 0) {
                close(rtc_fd);
                return &
        }


obviously that should be a >= check against the fd.

PostPosted: Sat Feb 22, 2003 8:57 am
by devillinux
I'll create a patch.
I can test it again next week.

Thx !
Heiko

Re: hwclock and cron issue

PostPosted: Sat Feb 22, 2003 3:26 pm
by devillinux
this is a bug in hwclock (i checked it in util-linux 2.11w): the function probe_for_rtc_clock() in hwclock/rtc.c has this code in it:

Code: Select all
        int rtc_fd = open_rtc();
        if (rtc_fd > 0) {
                close(rtc_fd);
                return &
        }


obviously that should be a >= check against the fd.


I'm not a programmer, but shouldn't the file descriptor be >0 when the call to open_rtc was successfull?

PostPosted: Sat Feb 22, 2003 3:43 pm
by spender
No, 0 is a valid file descriptor. If open failed, it would return a value < 0.

-Brad

PostPosted: Mon Feb 24, 2003 1:54 pm
by devillinux
It works now, thanks guys !

Here is the patch for util-linux: ftp://ftp.devil-linux.org/pub/devel/sources/0.6/hwclock_rtc_fd.patch.bz2

submitted

PostPosted: Sat Mar 01, 2003 10:48 am
by devillinux
The patch for hwclock is submitted to the util-linux maintainer.

Heiko
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/