| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Jun 2024 15:57:34 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Peter Xu <peterx@...hat.com>
Cc: Audra Mitchell <audra@...hat.com>, viro@...iv.linux.org.uk,
brauner@...nel.org, jack@...e.cz, aarcange@...hat.com,
rppt@...ux.vnet.ibm.com, shli@...com, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, shuah@...nel.org,
linux-kselftest@...r.kernel.org, raquini@...hat.com
Subject: Re: [PATCH v2 1/3] Fix userfaultfd_api to return EINVAL as expected
On Sun, 23 Jun 2024 11:26:37 -0400 Peter Xu <peterx@...hat.com> wrote:
> > > Fixes: e06f1e1dd499 ("userfaultfd: wp: enabled write protection in userfaultfd API")
> >
> > A userspace-triggerable WARN is bad. I added cc:stable to this.
>
> Andrew,
>
> Note that this change may fix a WARN, but it may also start to break
> userspace which might be worse if it happens, IMHO. I forgot to mention
> that here, but only mentioned that in v1, and from that POV not copying
> stable seems the right thing.
>
> https://lore.kernel.org/all/ZjuIEH8TW2tWcqXQ@x1n/
>
> In summary: I think we can stick with Fixes on e06f1e1dd499, but we
> don't copy stable. The major reason we don't copy stable here is
> not only about complexity of such backport, but also that there can
> be apps trying to pass in unsupported bits (even if the kernel
> didn't support it) but keep using MISSING mode only, then we
> shouldn't fail them easily after a stable upgrade. Just smells
> dangerous to backport.
OK. And I'll move it into the 6.11-rc1 queue, for the next merge window.
Powered by blists - more mailing lists