hwclock and cron issue

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

hwclock and cron issue

Postby devillinux » Fri Feb 21, 2003 4:19 pm

Hi,

I have a problem with the execution of hwclock from within a cron job.
Cron runs under uid 0 and so does the script which calls hwclock.
When I execute the script on the console it works fine.

grsecurity 1.9.9c
kernel 2.4.20
os devil-linux current CVS version
acls are not used
grsec kernel options http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/devil-linux/build/scripts/config/config_grsecurity?rev=1.8&content-type=text/vnd.viewcvs-markup
grsec proc parameters http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/devil-linux/build/scripts/scripts/grsecurity.proc?rev=1.5&content-type=text/vnd.viewcvs-markup

Setting all proc parameters to 0 doesn't change anything

Thanks for the help
Heiko

Syslog output:
Feb 21 15:10:00 src@carina2 kernel: grsec: denied use of iopl() by (hwclock:22901) UID(0) EUID(0), parent (strace:17564)
UID(0) EUID(0)

strace output:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 0
open("/dev/tty1", O_RDONLY|O_LARGEFILE) = 3
ioctl(3, 0x4b50, 0xbc758ce0) = -1 EINVAL (Invalid argument)
iopl(0x3) = -1 EPERM (Operation not permitted)

working strace:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 3
close(3) = 0
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm

Re: hwclock and cron issue

Postby PaX Team » Sat Feb 22, 2003 6:10 am

devillinux wrote:I have a problem with the execution of hwclock from within a cron job. Cron runs under uid 0 and so does the script which calls hwclock. When I execute the script on the console it works fine.

strace output:
getuid32() = 0
open("/dev/rtc", O_RDONLY|O_LARGEFILE) = 0

this is a bug in hwclock (i checked it in util-linux 2.11w): the function probe_for_rtc_clock() in hwclock/rtc.c has this code in it:

Code: Select all
        int rtc_fd = open_rtc();
        if (rtc_fd > 0) {
                close(rtc_fd);
                return &
        }


obviously that should be a >= check against the fd.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Postby devillinux » Sat Feb 22, 2003 8:57 am

I'll create a patch.
I can test it again next week.

Thx !
Heiko
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm

Re: hwclock and cron issue

Postby devillinux » Sat Feb 22, 2003 3:26 pm

this is a bug in hwclock (i checked it in util-linux 2.11w): the function probe_for_rtc_clock() in hwclock/rtc.c has this code in it:

Code: Select all
        int rtc_fd = open_rtc();
        if (rtc_fd > 0) {
                close(rtc_fd);
                return &
        }


obviously that should be a >= check against the fd.


I'm not a programmer, but shouldn't the file descriptor be >0 when the call to open_rtc was successfull?
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm

Postby spender » Sat Feb 22, 2003 3:43 pm

No, 0 is a valid file descriptor. If open failed, it would return a value < 0.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Postby devillinux » Mon Feb 24, 2003 1:54 pm

It works now, thanks guys !

Here is the patch for util-linux: ftp://ftp.devil-linux.org/pub/devel/sources/0.6/hwclock_rtc_fd.patch.bz2
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm

submitted

Postby devillinux » Sat Mar 01, 2003 10:48 am

The patch for hwclock is submitted to the util-linux maintainer.

Heiko
devillinux
 
Posts: 30
Joined: Tue Dec 24, 2002 6:55 pm


Return to grsecurity support

cron