On Mon, Dec 02, 2024 at 02:19:13PM +0000, Chuck Lever III wrote:
On Dec 2, 2024, at 4:09 AM, Greg KH gregkh@linuxfoundation.org wrote:
On Wed, Nov 20, 2024 at 02:13:15PM -0500, cel@kernel.org wrote:
From: Chuck Lever chuck.lever@oracle.com
[ Upstream commit 8d915bbf39266bb66082c1e4980e123883f19830 ]
What about kernel versions greater than 5.4? Like 5.10, 5.15, 6.1, and 6.6 for this change? Shouldn't it also be needed there?
Good catch. My rationale is:
Asynchronous COPY offload is needed to implement NFSv4.2 server-to-server COPY offload.
The upstream patches that address the CVE don't apply cleanly to linux-5.4.y. However, 5.4 kernels do not have NFSv4.2 server-to-server COPY offload, thus this change, which simply disables async COPY, has no user-visible impact. So I decided the easy, low-impact way to address the CVE for v5.4 was applying only this patch.
The newer LTS kernels do have server-to-server COPY offload, thus if this patch is applied, they would see a behavior regression whenever CONFIG_NFSD_V4_2_INTER_SSC is enabled. The upstream patches that address the CVE apply cleanly to these kernels, and I've sent those to stable@ already.
As these were separate patch series, there wasn't an obvious place to add a cover letter that explains this.
Ok, that's fine, we'll just leave this as-is, thanks!
greg k-h