
seccomp: Whitelist `clock_adjtime`

This only allows making the syscall. CAP_SYS_TIME is still required
for time adjustment (enforced by the kernel):

```
kernel/time/posix-timers.c:

1112 SYSCALL_DEFINE2(clock_adjtime, const clockid_t, which_clock,
1113 struct __kernel_timex __user *, utx)
...
1121 err = do_clock_adjtime(which_clock, &ktx);

1100 int do_clock_adjtime(const clockid_t which_clock, struct __kernel_timex * ktx)
1101 {
...
1109 return kc->clock_adj(which_clock, ktx);

1299 static const struct k_clock clock_realtime = {
...
1304 .clock_adj = posix_clock_realtime_adj,

188 static int posix_clock_realtime_adj(const clockid_t which_clock,
189 struct __kernel_timex *t)
190 {
191 return do_adjtimex(t);

kernel/time/timekeeping.c:

2312 int do_adjtimex(struct __kernel_timex *txc)
2313 {
...
2321 /* Validate the data before disabling interrupts */
2322 ret = timekeeping_validate_timex(txc);

2246 static int timekeeping_validate_timex(const struct __kernel_timex *txc)
2247 {
2248 if (txc->modes & ADJ_ADJTIME) {
...
2252 if (!(txc->modes & ADJ_OFFSET_READONLY) &&
2253 !capable(CAP_SYS_TIME))
2254 return -EPERM;
2255 } else {
2256 /* In order to modify anything, you gotta be super-user! */
2257 if (txc->modes && !capable(CAP_SYS_TIME))
2258 return -EPERM;

```

Fixes: https://github.com/moby/moby/issues/40919
Signed-off-by: Stanislav Levin <slev@altlinux.org>

Stanislav Levin authored on 2020/05/08 16:58:16
Showing 2 changed files
... ...
@@ -65,6 +65,8 @@
65 65
 				"chmod",
66 66
 				"chown",
67 67
 				"chown32",
68
+				"clock_adjtime",
69
+				"clock_adjtime64",
68 70
 				"clock_getres",
69 71
 				"clock_getres_time64",
70 72
 				"clock_gettime",
... ...
@@ -58,6 +58,8 @@ func DefaultProfile() *types.Seccomp {
58 58
 				"chmod",
59 59
 				"chown",
60 60
 				"chown32",
61
+				"clock_adjtime",
62
+				"clock_adjtime64",
61 63
 				"clock_getres",
62 64
 				"clock_getres_time64",
63 65
 				"clock_gettime",
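Review bot: The new entries `"clock_adjtime"` and `"clock_adjtime64"` carry no comment explaining why a time-adjusting syscall is allowed in this list rather than behind a CAP_SYS_TIME condition (any capability-gated block the profile may have is outside this hunk); I would add above them `// clock_adjtime*: read-only queries need no privilege; modifying CLOCK_REALTIME still requires CAP_SYS_TIME in the kernel`. The kernel trace in the commit message follows only the CLOCK_REALTIME path (`posix_clock_realtime_adj` → `do_adjtimex` → `timekeeping_validate_timex`). For dynamic POSIX clocks such as PTP devices the call is, as far as I recall, gated by write access to the device file rather than by the capability, so the comment should not promise more than the realtime case. A regression test that a container without CAP_SYS_TIME gets EPERM on a modifying call and success on a read-only one would pin the intended behaviour. The same two entries are added in the other changed file on this page (its path is not shown), and DefaultProfile's body continues outside the hunk.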