[Lucid][CVE-2013-0160][PATCH 3/3] tty: fix up atime/mtime mess, take three

[Luis Henriques]

From: Linus Torvalds <torvalds at linux-foundation.org>

CVE-2013-0160

BugLink: http://bugs.launchpad.net/bugs/1097680

We first tried to avoid updating atime/mtime entirely (commit
b0de59b5733d: "TTY: do not update atime/mtime on read/write"), and then
limited it to only update it occasionally (commit 37b7f3c76595: "TTY:
fix atime/mtime regression"), but it turns out that this was both
insufficient and overkill.

It was insufficient because we let people attach to the shared ptmx node
to see activity without even reading atime/mtime, and it was overkill
because the "only once a minute" means that you can't really tell an
idle person from an active one with 'w'.

So this tries to fix the problem properly.  It marks the shared ptmx
node as un-notifiable, and it lowers the "only once a minute" to a few
seconds instead - still long enough that you can't time individual
keystrokes, but short enough that you can tell whether somebody is
active or not.

Reported-by: Simon Kirby <sim at hostway.ca>
Acked-by: Jiri Slaby <jslaby at suse.cz>
Cc: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
Cc: stable at vger.kernel.org
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
(back ported from commit b0b885657b6c8ef63a46bc9299b2a7715d19acde)
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 drivers/char/tty_io.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index 3dd0586..ad8c374 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -856,10 +856,10 @@ void start_tty(struct tty_struct *tty)
 
 EXPORT_SYMBOL(start_tty);
 
+/* We limit tty time update visibility to every 8 seconds or so. */
 static void tty_update_time(struct timespec *time)
 {
-	unsigned long sec = get_seconds();
-	sec -= sec % 60;
+	unsigned long sec = get_seconds() & ~7;
 	if ((long)(sec - time->tv_sec) > 0)
 		time->tv_sec = sec;
 }
-- 
1.8.3.2