* requesting stable backport of BPF security fix (commit dd066823db2ac4e22f721ec85190817b58059a54)
@ 2018-09-25 12:46 Jann Horn
2018-09-25 13:27 ` Daniel Borkmann
0 siblings, 1 reply; 2+ messages in thread
From: Jann Horn @ 2018-09-25 12:46 UTC (permalink / raw)
To: Network Development, David S. Miller
Cc: Alexei Starovoitov, Daniel Borkmann, security
Hi!
Per the policy at Documentation/networking/netdev-FAQ.rst, I'm sending
this to netdev@ and davem, rather than stable@; with a CC to security@
because I believe that this is a security process issue.
Upstream commit dd066823db2ac4e22f721ec85190817b58059a54
("bpf/verifier: disallow pointer subtraction") fixes a security bug
(kernel pointer leak to unprivileged userspace). The fix has been in
Linus' tree since about a week ago, but the patch still doesn't appear
in Greg's linux-4.18.y linux-stable-rc repo, in Greg's 4.18
stable-queue, or in davem's stable queue at
http://patchwork.ozlabs.org/bundle/davem/stable/?state=* .
Please queue it up for backporting.
I am curious: Why was this not queued up for stable immediately? Or
was it, and I looked in the wrong place?
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: requesting stable backport of BPF security fix (commit dd066823db2ac4e22f721ec85190817b58059a54)
2018-09-25 12:46 requesting stable backport of BPF security fix (commit dd066823db2ac4e22f721ec85190817b58059a54) Jann Horn
@ 2018-09-25 13:27 ` Daniel Borkmann
0 siblings, 0 replies; 2+ messages in thread
From: Daniel Borkmann @ 2018-09-25 13:27 UTC (permalink / raw)
To: Jann Horn, Network Development, David S. Miller
Cc: Alexei Starovoitov, security
On 09/25/2018 02:46 PM, Jann Horn wrote:
> Hi!
>
> Per the policy at Documentation/networking/netdev-FAQ.rst, I'm sending
> this to netdev@ and davem, rather than stable@; with a CC to security@
> because I believe that this is a security process issue.
>
> Upstream commit dd066823db2ac4e22f721ec85190817b58059a54
> ("bpf/verifier: disallow pointer subtraction") fixes a security bug
> (kernel pointer leak to unprivileged userspace). The fix has been in
> Linus' tree since about a week ago, but the patch still doesn't appear
> in Greg's linux-4.18.y linux-stable-rc repo, in Greg's 4.18
> stable-queue, or in davem's stable queue at
> http://patchwork.ozlabs.org/bundle/davem/stable/?state=* .
>
> Please queue it up for backporting.
Done & flushed out now, sorry for the delay.
Thanks,
Daniel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-09-25 19:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-25 12:46 requesting stable backport of BPF security fix (commit dd066823db2ac4e22f721ec85190817b58059a54) Jann Horn
2018-09-25 13:27 ` Daniel Borkmann
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.