summaryrefslogtreecommitdiff
path: root/sys/kern/kern_time.c
diff options
context:
space:
mode:
authorcheloha <cheloha@cvs.openbsd.org>2019-01-10 17:54:12 +0000
committercheloha <cheloha@cvs.openbsd.org>2019-01-10 17:54:12 +0000
commita4533973a5331713cfa0cb275c4287e1a461189c (patch)
tree9d29de916eb49228d30de271d64c49a101809e5e /sys/kern/kern_time.c
parent53a934c6fb0d8185b12fa44b2c81f513a27b5a47 (diff)
settime: Don't cancel ongoing adjtime(2) until after full permission checks
ok jca@ visa@ guenther@ deraadt@
Diffstat (limited to 'sys/kern/kern_time.c')
-rw-r--r--sys/kern/kern_time.c13
1 files changed, 6 insertions, 7 deletions
diff --git a/sys/kern/kern_time.c b/sys/kern/kern_time.c
index 1e40e8ccd84..1dce61217ce 100644
--- a/sys/kern/kern_time.c
+++ b/sys/kern/kern_time.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_time.c,v 1.105 2018/12/31 18:54:00 cheloha Exp $ */
+/* $OpenBSD: kern_time.c,v 1.106 2019/01/10 17:54:11 cheloha Exp $ */
/* $NetBSD: kern_time.c,v 1.20 1996/02/18 11:57:06 fvdl Exp $ */
/*
@@ -68,12 +68,6 @@ settime(const struct timespec *ts)
struct timespec now;
/*
- * Adjtime in progress is meaningless or harmful after
- * setting the clock. Cancel adjtime and then set new time.
- */
- adjtimedelta = 0;
-
- /*
* Don't allow the time to be set forward so far it will wrap
* and become negative, thus allowing an attacker to bypass
* the next check below. The cutoff is 1 year before rollover
@@ -102,6 +96,11 @@ settime(const struct timespec *ts)
return (EPERM);
}
+ /*
+ * Adjtime in progress is meaningless or harmful after
+ * setting the clock. Cancel adjtime and then set new time.
+ */
+ adjtimedelta = 0;
tc_setrealtimeclock(ts);
resettodr();
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 07:31:39 +0000