Hi stable maintainers,
The following patch in mainline is listed as a fix for CVE-2023-2176: 8d037973d48c026224ab285e6a06985ccac6f7bf (RDMA/core: Refactor rdma_bind_addr)
And the following is a fix for a regression in the above patch: 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 (RDMA/core: Update CMA destination address on rdma_resolve_addr)
To my knowledge, at least back to v6.1 is vulnerable to this same bug. Since these should apply directly to 6.1.y, can these be picked up for that branch?
Regards, Brennan
On Tue, Feb 27, 2024 at 04:15:06PM -0800, Brennan Lamoreaux wrote:
Hi stable maintainers,
The following patch in mainline is listed as a fix for CVE-2023-2176: 8d037973d48c026224ab285e6a06985ccac6f7bf (RDMA/core: Refactor rdma_bind_addr)
And the following is a fix for a regression in the above patch: 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 (RDMA/core: Update CMA destination address on rdma_resolve_addr)
To my knowledge, at least back to v6.1 is vulnerable to this same bug. Since these should apply directly to 6.1.y, can these be picked up for that branch?
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
thanks,
greg k-h
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
Thanks, Brennan
On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux brennan.lamoreaux@broadcom.com wrote:
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
I guess the reason is:
8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is not sent to stable@vger.kernel.org. And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix 8d037973d48c026224ab285e6a06985ccac6f7bf, so no need of 0e158 if 8d03 not backported to that particular branch.
- Ajay
On Thu, Feb 29, 2024 at 02:05:39PM +0530, Ajay Kaher wrote:
On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux brennan.lamoreaux@broadcom.com wrote:
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
I guess the reason is:
8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is not sent to stable@vger.kernel.org. And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix 8d037973d48c026224ab285e6a06985ccac6f7bf, so no need of 0e158 if 8d03 not backported to that particular branch.
Ok, so there's nothing to do here, great! If there is, please let us know.
greg k-h
On Mon, Mar 4, 2024 at 12:14 PM Greg KH gregkh@linuxfoundation.org wrote:
On Thu, Feb 29, 2024 at 02:05:39PM +0530, Ajay Kaher wrote:
On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux brennan.lamoreaux@broadcom.com wrote:
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
I guess the reason is:
8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is not sent to stable@vger.kernel.org. And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix 8d037973d48c026224ab285e6a06985ccac6f7bf, so no need of 0e158 if 8d03 not backported to that particular branch.
Ok, so there's nothing to do here, great! If there is, please let us know.
In my previous mail, I was guessing why 8d037973d48c commit was not backported to v6.1.
However Brennan's concern is:
As per CVE-2023-2176, because of improper cleanup local users can crash the system. And this crash was reported in v5.19, refer: https://lore.kernel.org/all/ec81a9d50462d9b9303966176b17b85f7dfbb96a.1670749...
However, fix i.e. 8d037973d48c applied to master from v6.3-rc1 and not backported to any stable or LTS. So v6.1 is still vulnarbile, so 8d037973d48c and 0e15863015d9 should be backported to v6.1.
- Ajay
On Mon, Mar 04, 2024 at 02:21:22PM +0530, Ajay Kaher wrote:
On Mon, Mar 4, 2024 at 12:14 PM Greg KH gregkh@linuxfoundation.org wrote:
On Thu, Feb 29, 2024 at 02:05:39PM +0530, Ajay Kaher wrote:
On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux brennan.lamoreaux@broadcom.com wrote:
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
I guess the reason is:
8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is not sent to stable@vger.kernel.org. And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix 8d037973d48c026224ab285e6a06985ccac6f7bf, so no need of 0e158 if 8d03 not backported to that particular branch.
Ok, so there's nothing to do here, great! If there is, please let us know.
In my previous mail, I was guessing why 8d037973d48c commit was not backported to v6.1.
However Brennan's concern is:
As per CVE-2023-2176, because of improper cleanup local users can crash the system. And this crash was reported in v5.19, refer: https://lore.kernel.org/all/ec81a9d50462d9b9303966176b17b85f7dfbb96a.1670749...
However, fix i.e. 8d037973d48c applied to master from v6.3-rc1 and not backported to any stable or LTS. So v6.1 is still vulnarbile, so 8d037973d48c and 0e15863015d9 should be backported to v6.1.
Ah, thanks, sorry for the confusion. Both now queued up.
greg k-h
On Mon, Mar 4, 2024 at 2:50 PM Greg KH gregkh@linuxfoundation.org wrote:
On Mon, Mar 04, 2024 at 02:21:22PM +0530, Ajay Kaher wrote:
On Mon, Mar 4, 2024 at 12:14 PM Greg KH gregkh@linuxfoundation.org wrote:
On Thu, Feb 29, 2024 at 02:05:39PM +0530, Ajay Kaher wrote:
On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux brennan.lamoreaux@broadcom.com wrote:
If you provide a working backport of that commit, we will be glad to apply it. As-is, it does not apply at all, which is why it was never added to the 6.1.y tree.
Oh, apologies for requesting if they don't apply. I'd be happy to submit working backports for these patches, but I am not seeing any issues applying/building the patches on my machine... Both patches in sequence applied directly and my local build was successful.
This is the workflow I tested:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 make allyesconfig make
Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable for some other reason.
I guess the reason is:
8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is not sent to stable@vger.kernel.org. And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix 8d037973d48c026224ab285e6a06985ccac6f7bf, so no need of 0e158 if 8d03 not backported to that particular branch.
Ok, so there's nothing to do here, great! If there is, please let us know.
In my previous mail, I was guessing why 8d037973d48c commit was not backported to v6.1.
However Brennan's concern is:
As per CVE-2023-2176, because of improper cleanup local users can crash the system. And this crash was reported in v5.19, refer: https://lore.kernel.org/all/ec81a9d50462d9b9303966176b17b85f7dfbb96a.1670749...
However, fix i.e. 8d037973d48c applied to master from v6.3-rc1 and not backported to any stable or LTS. So v6.1 is still vulnarbile, so 8d037973d48c and 0e15863015d9 should be backported to v6.1.
Ah, thanks, sorry for the confusion. Both now queued up.
So quick, thanks.
- Ajay
linux-stable-mirror@lists.linaro.org
-
Ajay Kaher -
Brennan Lamoreaux -
Greg KH