| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200616013622.GC2916@codeaurora.org>
Date: Tue, 16 Jun 2020 07:06:22 +0530
From: Sahitya Tummala <stummala@...eaurora.org>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Satya Tangirala <satyat@...gle.com>,
Jaegeuk Kim <jaegeuk@...nel.org>, Chao Yu <yuchao0@...wei.com>,
linux-f2fs-devel@...ts.sourceforge.net,
linux-kernel@...r.kernel.org, stummala@...eaurora.org
Subject: Re: [PATCH] f2fs: fix use-after-free when accessing
bio->bi_crypt_context
On Mon, Jun 15, 2020 at 08:47:20AM -0700, Eric Biggers wrote:
> On Mon, Jun 15, 2020 at 03:23:16PM +0530, Sahitya Tummala wrote:
> > >
> > > Should I fold this change into the original patch? Or keep it as a
> > > separate patch when I send out the fscrypt/f2fs inline encryption
> > > patches?
> >
> > It may be good to keep it seperate as we already have the base FBE patches in
> > several downstream kernels, so this fix can be applied easily. But I will
> > leave it up to you to take a call on this.
> >
>
> We should fold it in because the patch this fixes isn't applied upstream yet.
>
> We'll need to submit this as a separate fix to the Android common kernels
> because they already have a previous version of the inline encryption patchset.
> (I assume that's where you have the code from.) But that doesn't affect what we
> do upstream.
Sure, no concerns from my side. It can be merged into the original series.
Thanks,
>
> - Eric
--
--
Sent by a consultant of the Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum.
Powered by blists - more mailing lists