| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1528386597.2289.75.camel@codethink.co.uk>
Date: Thu, 07 Jun 2018 16:49:57 +0100
From: Ben Hutchings <ben.hutchings@...ethink.co.uk>
To: Sriram R <srirrama@...eaurora.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: stable@...r.kernel.org,
Vasanthakumar Thiagarajan <vthiagar@....qualcomm.com>,
Kalle Valo <kvalo@....qualcomm.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4.4 08/56] ath10k: fix rfc1042 header retrieval in
QCA4019 with eth decap mode
On Thu, 2018-06-07 at 17:22 +0530, Sriram R wrote:
> Hi Ben,
>
> On 2018-06-04 23:22, Ben Hutchings wrote:
> > On Mon, 2018-05-14 at 08:48 +0200, Greg Kroah-Hartman wrote:
> > > 4.4-stable review patch. If anyone has any objections, please let me
> > > know.
> > >
> > > ------------------
> > >
> > > From: Vasanthakumar Thiagarajan <vthiagar@....qualcomm.com>
> > >
> > > commit 2f38c3c01de945234d23dd163e3528ccb413066d upstream.
> > >
> > > Chipset from QCA99X0 onwards (QCA99X0, QCA9984, QCA4019 & future)
> > > rx_hdr_status is not padded to align in 4-byte boundary. Define a
> > > new hw_params field to handle different alignment behaviour between
> > > different hw. This patch fixes improper retrieval of rfc1042 header
> > > with QCA4019. This patch along with "ath10k: Properly remove padding
> > > from the start of rx payload" will fix traffic failure in ethernet
> > > decap mode for QCA4019.
> > >
> > > Signed-off-by: Vasanthakumar Thiagarajan <vthiagar@....qualcomm.com>
> > > Signed-off-by: Kalle Valo <kvalo@....qualcomm.com>
> > > Signed-off-by: Sriram R <srirrama@...eaurora.org>
> > > Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> >
> > [...]
> >
> > I'm curious as to why this backport doesn't include the change to
> > ath10k_htt_rx_h_find_rfc1042(). I understand that the addition of the
> > new field is a dependency for the following patch, but shouldn't the
> > fix included in the upstream commit also be applied to 4.4?
> >
>
> Our main intention with this patchset [1] was to provide fix for
> replay detection security issue seen in ath10k driver which needed to be
> in the stable releases.
>
> And, as per stable tree guidelines we wanted the patchset to have only
> one and this important fix .
OK, I think the problem here is that the rules say "must" when what's
really meant is "should". So the rule "It must fix only one thing."
really means that commits that each make a single logical change are
strongly preferred.
It does not mean that upstream commits should be trimmed down to
conform to this. Greg generally considers it more important to avoid
changes to the upstream commit, where possible. Right, Greg?
And speaking only for myself, I particularly dislike stable backports
that are significantly different from the original upstream commit but
don't mention this difference in the commit message.
Ben.
> Also we felt the change in ath10k_htt_rx_h_find_rfc1042() is currently
> not a must-have fix in 4.4 stable tree .
>
> [1]
> https://patchwork.kernel.org/patch/10370863/
> https://patchwork.kernel.org/patch/10370865/
>
> Thanks and Regards,
> Sriram.R
>
> > Ben.
>
>
--
Ben Hutchings, Software Developer Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom
Powered by blists - more mailing lists