lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAG48ez1Cm4EP9UwDyZRfW5q+CEyQDzd0RMCk4GwfcrsUFQuVJg@mail.gmail.com>
Date:   Wed, 23 Jan 2019 18:12:13 +0100
From:   Jann Horn <jannh@...gle.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Daniel Borkmann <daniel@...earbox.net>
Cc:     "David S. Miller" <davem@...emloft.net>,
        Alexei Starovoitov <alexei.starovoitov@...il.com>,
        Alexei Starovoitov <ast@...nel.org>,
        jakub.kicinski@...ronome.com,
        Network Development <netdev@...r.kernel.org>
Subject: Re: stable backport for the BPF speculation series? [was: Re: [PATCH
 bpf v3 0/9] bpf fix to prevent oob under speculation]

On Wed, Jan 23, 2019 at 6:04 PM Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
> On Tue, Jan 22, 2019 at 03:36:54PM +0100, Jann Horn wrote:
> > On Thu, Jan 3, 2019 at 1:08 AM Alexei Starovoitov
> > <alexei.starovoitov@...il.com> wrote:
> > > On Thu, Jan 03, 2019 at 12:58:26AM +0100, Daniel Borkmann wrote:
> > > > This set fixes an out of bounds case under speculative execution
> > > > by implementing masking of pointer alu into the verifier. For
> > > > details please see the individual patches.
> > > >
> > > > Thanks!
> > > >
> > > > v2 -> v3:
> > > >   - 8/9: change states_equal condition into old->speculative &&
> > > >     !cur->speculative, thanks Jakub!
> > > >   - 8/9: remove incorrect speculative state test in
> > > >     propagate_liveness(), thanks Jakub!
> > > > v1 -> v2:
> > > >   - Typo fixes in commit msg and a comment, thanks David!
> > >
> > > Applied, Thanks
> >
> > This series and the followup fix ("bpf: fix sanitation of alu op with
> > pointer / scalar type from different paths") have been in Linus' tree
> > for six days, but from what I can tell, they aren't queued up for
> > stable yet.
>
> What are the git commit ids of the patches you think should be
> backported?

Daniel Borkmann said at
https://marc.info/?l=linux-netdev&m=154820859831443&w=2 :

| Will get this to stable towards end of week. We wanted to let this sit
| for a while in Linus' tree given the complexity of the fix to get some
| more coverage. We also need 9d5564ddcf2a ("bpf: fix inner map masking
|to prevent oob under speculation") in addition.

, so I expect that he's going to submit a request for stable inclusion
in the next few days. The git commits are:

c08435ec7f2bc8f4109401f696fd55159b4b40cb
144cd91c4c2bced6eb8a7e25e590f6618a11e854
9b73bfdd08e73231d6a90ae6db4b46b3fbf56c30
0d6303db7970e6f56ae700fa07e11eb510cda125
e4298d25830a866cc0f427d4bccb858e76715859
9d7eceede769f90b66cfa06ad5b357140d5141ed
b7137c4eab85c1cf3d46acdde90ce1163b28c873
979d63d50c0c0f7bc537bf821e056cc9fe5abd38
d3bd7413e0ca40b60cf60d4003246d067cafdeda
9d5564ddcf2a0f5ba3fa1c3a1f8a1b59ad309553

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ