[Lucid][CVE-2013-0160][Patch 0/3] TTY: do not update atime/mtime on read/write
Andy Whitcroft
apw at canonical.com
Fri Jan 24 10:58:56 UTC 2014
On Fri, Jan 24, 2014 at 10:07:17AM +0000, Luis Henriques wrote:
> Following this email, I am sending 3 patches for Lucid that backport
> the fix(es) for CVE-2013-0160:
>
> * b0de59b "TTY: do not update atime/mtime on read/write"
> This would be a clean cherry-pick if it wasn't for the file rename:
> file drivers/tty/tty_io.c is drivers/char/tty_io.c in Lucid
>
> * 37b7f3c "TTY: fix atime/mtime regression"
> The 2nd hunk of this patch is dropped in this backport as it is
> already present in Lucid.
>
> * b0b8856 "tty: fix up atime/mtime mess, take three"
> This backport drops the first hunk as it depends on commit ecf081d
> ("vfs: introduce FMODE_NONOTIFY"), which hasn't been backported to
> Lucid.
>
> I've tested these patches incrementally, i.e.:
>
> 1) I was able to verify the 1st one breaks 'w'
> 2) The 2nd one fixes it but 'w' still doesn't provide useful
> information (updates to 'idle' time take a while)
> 3) The 3rd one finally makes 'w' usable again.
>
> (Oh, and I've verified the actual CVE is fixed by running the PoCs
> available here: http://vladz.devzero.fr/013_ptmx-timing.php)
Ok, this looks to be missing a bit, the bit for FMODE_NONOTIFY. There
are two additional commits I think we are going to need here, else the
notify approach will still work:
commit ecf081d1a73b077916f514f2ec744ded32b88ca1
Author: Eric Paris <eparis at redhat.com>
Date: Thu Dec 17 21:24:25 2009 -0500
vfs: introduce FMODE_NONOTIFY
and
commit 12ed2e36c98aec6c41559222e311f4aa15d254b6
Author: Signed-off-by: Wu Fengguang <fengguang.wu at intel.com>
Date: Mon Feb 8 12:31:29 2010 -0500
fanotify: FMODE_NONOTIFY and __O_SYNC in sparc conflict
In better news the support looks very simple and easy to backport if we
only want this use of it.
-apw
More information about the kernel-team
mailing list