lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <YxbfJqPb8x0WjmqR@hovoldconsulting.com>
Date:   Tue, 6 Sep 2022 07:48:22 +0200
From:   Johan Hovold <johan@...nel.org>
To:     Sasha Levin <sashal@...nel.org>
Cc:     stable-commits@...r.kernel.org, johan+linaro@...nel.org,
        Felipe Balbi <balbi@...nel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-kernel@...r.kernel.org
Subject: Re: Patch "usb: dwc3: qcom: fix peripheral and OTG suspend" has been
 added to the 5.19-stable tree

On Mon, Sep 05, 2022 at 01:00:59PM -0400, Sasha Levin wrote:
> On Mon, Sep 05, 2022 at 05:00:10PM +0200, Johan Hovold wrote:
> >On Mon, Sep 05, 2022 at 09:36:07AM -0400, Sasha Levin wrote:
> >> On Mon, Sep 05, 2022 at 03:23:13PM +0200, Johan Hovold wrote:
> >> >On Mon, Sep 05, 2022 at 09:17:41AM -0400, Sasha Levin wrote:
> >> >> On Mon, Sep 05, 2022 at 03:13:09PM +0200, Johan Hovold wrote:
> >> >> >On Mon, Sep 05, 2022 at 09:04:44AM -0400, Sasha Levin wrote:
> >> >> >> On Mon, Sep 05, 2022 at 02:58:31PM +0200, Johan Hovold wrote:
> >> >> >> >On Mon, Sep 05, 2022 at 08:53:09AM -0400, Sasha Levin wrote:
> >> >> >> >>     Fixes: 6895ea55c385 ("usb: dwc3: qcom: Configure wakeup interrupts during suspend")
> >> >> >> >
> >> >> >> >This commit doesn't exist in 5.19 (and earlier trees), shouldn't your
> >> >> >> >scripts check for that?
> >> >> >>
> >> >> >> They do - it was backported to 5.19.
> >> >> >
> >> >> >What?! Why on earth would 6895ea55c385 ("usb: dwc3: qcom: Configure
> >> >> >wakeup interrupts during suspend") be backported to stable?
> >> >> >
> >> >> >Please drop that patch instead. It's essentially a new feature and is in
> >> >> >any case in no way stable material.
> >> >>
> >> >> Right, it was picked up as a dependency of a872ab303d5d ("usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup")
> >> >
> >> >That's wrong too, it's not a dependency for that fix.
> >>
> >> Right, it may not strictly be one, but we're trying to bring in
> >> dependencies as is without modifying the patch is it's far less error
> >> prone, and keeps future backports easy, as long as backporting those
> >> isn't riskier.
> >
> >It should only be some context that have changed. Backporting a known
> >broken and non-trivial feature patch for that can't be right. It is
> >certainly riskier.
> >
> >> In this case, if I were to drop a872ab303d5d I'd also need to drop:
> >>
> >> a872ab303d5d ("usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup")
> >> 6498a96c8c9c ("usb: dwc3: qcom: fix runtime PM wakeup")
> >>
> >> >So does this mean you're dropping the patches that should not be
> >> >backported?
> >>
> >> Having said the above, at the end it's your patches and your call, let
> >> me know if you're okay with dropping a872ab303d5d, a872ab303d5d, and
> >
> >You mentioned a872ab303d5d twice here.
> >
> >> 6498a96c8c9c from all trees and I'll do that.
> >
> >This one didn't have a CC stable tag so not sure why you're backporting
> >that one either.
> >
> >Just pick
> >
> >	a872ab303d5d ("usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup")
> >
> >which was the only patch I had marked for stable and fix up the trivial
> >context change (an unrelated function has been added after the new
> >helper in mainline).
> 
> Okay, this should be done. Please take a look at the queue to confirm.

I only checked the pending-5.19 branch, but that one still has 

	360e8230516d ("usb: dwc3: qcom: Add helper functions to enable,disable wake irqs")

which should be dropped as well.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ