mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-16 08:44:21 +08:00
7e8eda734d
Emit an audit record every time selected NTP parameters are modified
from userspace (via adjtimex(2) or clock_adjtime(2)). These parameters
may be used to indirectly change system clock, and thus their
modifications should be audited.
Such events will now generate records of type AUDIT_TIME_ADJNTPVAL
containing the following fields:
- op -- which value was adjusted:
- offset -- corresponding to the time_offset variable
- freq -- corresponding to the time_freq variable
- status -- corresponding to the time_status variable
- adjust -- corresponding to the time_adjust variable
- tick -- corresponding to the tick_usec variable
- tai -- corresponding to the timekeeping's TAI offset
- old -- the old value
- new -- the new value
Example records:
type=TIME_ADJNTPVAL msg=audit(1530616044.507:7): op=status old=64 new=8256
type=TIME_ADJNTPVAL msg=audit(1530616044.511:11): op=freq old=0 new=49180377088000
The records of this type will be associated with the corresponding
syscall records.
An overview of parameter changes that can be done via do_adjtimex()
(based on information from Miroslav Lichvar) and whether they are
audited:
__timekeeping_set_tai_offset() -- sets the offset from the
International Atomic Time
(AUDITED)
NTP variables:
time_offset -- can adjust the clock by up to 0.5 seconds per call
and also speed it up or slow down by up to about
0.05% (43 seconds per day) (AUDITED)
time_freq -- can speed up or slow down by up to about 0.05%
(AUDITED)
time_status -- can insert/delete leap seconds and it also enables/
disables synchronization of the hardware real-time
clock (AUDITED)
time_maxerror, time_esterror -- change error estimates used to
inform userspace applications
(NOT AUDITED)
time_constant -- controls the speed of the clock adjustments that
are made when time_offset is set (NOT AUDITED)
time_adjust -- can temporarily speed up or slow down the clock by up
to 0.05% (AUDITED)
tick_usec -- a more extreme version of time_freq; can speed up or
slow down the clock by up to 10% (AUDITED)
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Paul Moore <paul@paul-moore.com>
|
||
|---|---|---|
| .. | ||
| alarmtimer.c | ||
| clockevents.c | ||
| clocksource.c | ||
| hrtimer.c | ||
| itimer.c | ||
| jiffies.c | ||
| Kconfig | ||
| Makefile | ||
| ntp_internal.h | ||
| ntp.c | ||
| posix-clock.c | ||
| posix-cpu-timers.c | ||
| posix-stubs.c | ||
| posix-timers.c | ||
| posix-timers.h | ||
| sched_clock.c | ||
| test_udelay.c | ||
| tick-broadcast-hrtimer.c | ||
| tick-broadcast.c | ||
| tick-common.c | ||
| tick-internal.h | ||
| tick-oneshot.c | ||
| tick-sched.c | ||
| tick-sched.h | ||
| time.c | ||
| timeconst.bc | ||
| timeconv.c | ||
| timecounter.c | ||
| timekeeping_debug.c | ||
| timekeeping_internal.h | ||
| timekeeping.c | ||
| timekeeping.h | ||
| timer_list.c | ||
| timer.c | ||