| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Jan 2019 15:36:54 +0100
From: Jann Horn <jannh@...gle.com>
To: "David S. Miller" <davem@...emloft.net>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Daniel Borkmann <daniel@...earbox.net>
Cc: Alexei Starovoitov <ast@...nel.org>, jakub.kicinski@...ronome.com,
Network Development <netdev@...r.kernel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: stable backport for the BPF speculation series? [was: Re: [PATCH bpf
v3 0/9] bpf fix to prevent oob under speculation]
On Thu, Jan 3, 2019 at 1:08 AM Alexei Starovoitov
<alexei.starovoitov@...il.com> wrote:
> On Thu, Jan 03, 2019 at 12:58:26AM +0100, Daniel Borkmann wrote:
> > This set fixes an out of bounds case under speculative execution
> > by implementing masking of pointer alu into the verifier. For
> > details please see the individual patches.
> >
> > Thanks!
> >
> > v2 -> v3:
> > - 8/9: change states_equal condition into old->speculative &&
> > !cur->speculative, thanks Jakub!
> > - 8/9: remove incorrect speculative state test in
> > propagate_liveness(), thanks Jakub!
> > v1 -> v2:
> > - Typo fixes in commit msg and a comment, thanks David!
>
> Applied, Thanks
This series and the followup fix ("bpf: fix sanitation of alu op with
pointer / scalar type from different paths") have been in Linus' tree
for six days, but from what I can tell, they aren't queued up for
stable yet.
@davem: Are you going to send this through stable, or is this only
going to be in 5.0?
Powered by blists - more mailing lists