Sasha, Greg,
Can you please backport CONFIG_LEGACY_TIOCSTI support into stable kernels?
This, perhaps, would include there mainline commits:
83efeeeb3d04b22aaed1df99bc70a48fe9d22c4d tty: Allow TIOCSTI to be disabled 5c30f3e4a6e67c88c979ad30554bf4ef9b24fbd0 tty: Move TIOCSTI toggle variable before kerndoc b2ea273a477cd6e83daedbfa1981cd1a7468f73a tty: Fix typo in LEGACY_TIOCSTI Kconfig description 690c8b804ad2eafbd35da5d3c95ad325ca7d5061 TIOCSTI: always enable for CAP_SYS_ADMIN 3f29d9ee323ae5cda59d144d1f8b0b10ea065be0 TIOCSTI: Document CAP_SYS_ADMIN behaviour in Kconfig 8d1b43f6a6df7bcea20982ad376a000d90906b42 tty: Restrict access to TIOCLINUX' copy-and-paste subcommands
Thanks,
On Fri, Jun 28, 2024 at 02:47:23PM +0300, Vitaly Chikunov wrote:
Sasha, Greg,
Can you please backport CONFIG_LEGACY_TIOCSTI support into stable kernels?
That seems to be a new feature, not a bugfix, right? Is that applicable to older kernels?
This, perhaps, would include there mainline commits:
83efeeeb3d04b22aaed1df99bc70a48fe9d22c4d tty: Allow TIOCSTI to be disabled 5c30f3e4a6e67c88c979ad30554bf4ef9b24fbd0 tty: Move TIOCSTI toggle variable before kerndoc b2ea273a477cd6e83daedbfa1981cd1a7468f73a tty: Fix typo in LEGACY_TIOCSTI Kconfig description 690c8b804ad2eafbd35da5d3c95ad325ca7d5061 TIOCSTI: always enable for CAP_SYS_ADMIN 3f29d9ee323ae5cda59d144d1f8b0b10ea065be0 TIOCSTI: Document CAP_SYS_ADMIN behaviour in Kconfig 8d1b43f6a6df7bcea20982ad376a000d90906b42 tty: Restrict access to TIOCLINUX' copy-and-paste subcommands
Why not just use 6.6.y if you want this feature?
greg k-h
Greg,
On Fri, Jun 28, 2024 at 04:16:26PM +0200, Greg Kroah-Hartman wrote:
On Fri, Jun 28, 2024 at 02:47:23PM +0300, Vitaly Chikunov wrote:
Sasha, Greg,
Can you please backport CONFIG_LEGACY_TIOCSTI support into stable kernels?
That seems to be a new feature, not a bugfix, right? Is that applicable to older kernels?
This is related to CVE-2016-2568 (in polkit), but it's believed this is better fixed on the kernel side.
This, perhaps, would include there mainline commits:
83efeeeb3d04b22aaed1df99bc70a48fe9d22c4d tty: Allow TIOCSTI to be disabled 5c30f3e4a6e67c88c979ad30554bf4ef9b24fbd0 tty: Move TIOCSTI toggle variable before kerndoc b2ea273a477cd6e83daedbfa1981cd1a7468f73a tty: Fix typo in LEGACY_TIOCSTI Kconfig description 690c8b804ad2eafbd35da5d3c95ad325ca7d5061 TIOCSTI: always enable for CAP_SYS_ADMIN 3f29d9ee323ae5cda59d144d1f8b0b10ea065be0 TIOCSTI: Document CAP_SYS_ADMIN behaviour in Kconfig 8d1b43f6a6df7bcea20982ad376a000d90906b42 tty: Restrict access to TIOCLINUX' copy-and-paste subcommands
Why not just use 6.6.y if you want this feature?
Since I maintain older kernels for ALT Linux I thought I'd first ask upstream if it's possible to backport the patches before cherry-picking them myself. It is also good to know they aren't backported intentionally and not by a slip.
Thanks,
greg k-h
linux-stable-mirror@lists.linaro.org
-
Greg Kroah-Hartman -
Vitaly Chikunov