I noticed that bpf speculative execution fixes are already queued for 4.14.y except for f232326f6966 ("bpf: Prohibit alu ops for pointer types not defining ptr_limit").
It is important that for all patches from this series to be applied together, so we avoid introducing a new vulnerability.
For the missing patch, I see conflicting lines in the context diffs due to API change that apparently caused import to fail.
I'm attaching a copy of the patch that is backported to 4.14.y. The only change comparing with version queued for newer version is that "verbose" API does not take "env" parameter.
Please queue or let me know how to proceed.
Thanks,
Piotr
On Fri, Mar 19, 2021 at 11:56:18PM +0000, Piotr Krysiuk wrote:
I noticed that bpf speculative execution fixes are already queued for 4.14.y except for f232326f6966 ("bpf: Prohibit alu ops for pointer types not defining ptr_limit").
It is important that for all patches from this series to be applied together, so we avoid introducing a new vulnerability.
For the missing patch, I see conflicting lines in the context diffs due to API change that apparently caused import to fail.
I'm attaching a copy of the patch that is backported to 4.14.y. The only change comparing with version queued for newer version is that "verbose" API does not take "env" parameter.
Please queue or let me know how to proceed.
Thank you for the updates. I had not looked into them further as I was not going to do a 4.14.y release this week, but was waiting to next week and would dig into it then, but you have saved me that effort, thanks!
I'll queue these up in a day or so, and if I've missed anything else here, please let me know.
greg k-h
On Fri, Mar 19, 2021 at 11:56:18PM +0000, Piotr Krysiuk wrote:
I noticed that bpf speculative execution fixes are already queued for 4.14.y except for f232326f6966 ("bpf: Prohibit alu ops for pointer types not defining ptr_limit").
It is important that for all patches from this series to be applied together, so we avoid introducing a new vulnerability.
For the missing patch, I see conflicting lines in the context diffs due to API change that apparently caused import to fail.
I'm attaching a copy of the patch that is backported to 4.14.y. The only change comparing with version queued for newer version is that "verbose" API does not take "env" parameter.
Please queue or let me know how to proceed.
Now queued up, thanks!
greg k-h
Thanks for the quick turn-around,
Piotr
On Sat, Mar 20, 2021 at 10:43 AM Greg KH gregkh@linuxfoundation.org wrote:
On Fri, Mar 19, 2021 at 11:56:18PM +0000, Piotr Krysiuk wrote:
I noticed that bpf speculative execution fixes are already queued for 4.14.y except for f232326f6966 ("bpf: Prohibit alu ops for pointer types not defining ptr_limit").
It is important that for all patches from this series to be applied together, so we avoid introducing a new vulnerability.
For the missing patch, I see conflicting lines in the context diffs due to API change that apparently caused import to fail.
I'm attaching a copy of the patch that is backported to 4.14.y. The only change comparing with version queued for newer version is that "verbose" API does not take "env" parameter.
Please queue or let me know how to proceed.
Now queued up, thanks!
greg k-h
linux-stable-mirror@lists.linaro.org
-
Greg KH -
Piotr Krysiuk