lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 1 Dec 2022 00:46:18 +0200
From:   Vladimir Oltean <olteanv@...il.com>
To:     Artem Chernyshev <artem.chernyshev@...-soft.ru>
Cc:     Woojung Huh <woojung.huh@...rochip.com>,
        Andrew Lunn <andrew@...n.ch>,
        Florian Fainelli <f.fainelli@...il.com>,
        "David S . Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org
Subject: Re: [PATCH v2] net: dsa: Check return value from skb_trim_rcsum()

Hi,

On Tue, Nov 29, 2022 at 10:43:09PM +0300, Artem Chernyshev wrote:
> Return NULL if we got unexpected value from skb_trim_rcsum()
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Fixes: 01ef09caad66 ("net: dsa: Add tag handling for Hirschmann Hellcreek switches")
> Fixes: bafe9ba7d908 ("net: dsa: ksz: Factor out common tag code")
> Fixes: 4913b8ebf8a9 ("net: dsa: add support for the SJA1110 native tagging protocol")
> Signed-off-by: Artem Chernyshev <artem.chernyshev@...-soft.ru>
> ---

While you're fixing the same class of bug in 3 drivers, the bugs are
unrelated to one another.

SJA1110, KSZ and Hellcreek are switch families from 3 different hardware
vendors, and none of those vendors cares about the other.

When you squash 3 Fixes: tags into the same patch like that, the
following will happen.

$ git tag --contains 01ef09caad66 # "net: dsa: Add tag handling for Hirschmann Hellcreek switches"
v5.11
$ git tag --contains bafe9ba7d908 # "net: dsa: ksz: Factor out common tag code"
v5.0
$ git tag --contains 4913b8ebf8a9 # "net: dsa: add support for the SJA1110 native tagging protocol"
v5.14

Your patch can only be backported down to linux-stable branch linux-5.15.y,
because that's the only stable branch that contains the code you're
modifying.

The Hellcreek driver won't benefit from the bug fix on the 5.10 stable
branch, and neither KSZ nor Hellcreek will benefit from it on 5.4.

Be smart, write 3 patches with 3 distinct Fixes: tags, and each will be
backported where it needs to, independent from the other.

Oh, and also, don't send the v3 emails with an In-reply-to: header to v2.

And please remember to run ./scripts/get_maintainer.pl again, on each
patch revision.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ