CIP-dev Archive on lore.kernel.org
 help / color / Atom feed
* [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86?
@ 2020-09-18 13:58 masashi.kudo
  2020-09-18 17:36 ` Jan Kiszka
  0 siblings, 1 reply; 4+ messages in thread
From: masashi.kudo @ 2020-09-18 13:58 UTC (permalink / raw)
  To: jan.kiszka, cip-dev


[-- Attachment #1: Type: text/plain, Size: 592 bytes --]

Hi, Jan-san, Siemens team,

There was some query to Siemens about the need of CVE-2020-25284 backporting.

- CVE-2020-25284 is in rbd ( Ceph block device ). 
- it is only fixed for v4.19 and later stable kernels
- Siemens has this built as a module in their 4.4-rt x86 config, but not their 4.19 one

So the question from the Kernel Team is whether Siemens needs its backporting to 4.4-rt or not.

Please take a look about the discussion at the IRC meeting yesterday.

https://irclogs.baserock.org/meetings/cip/2020/09/cip.2020-09-17-09.00.log.html

Best regards,
--
M. Kudo

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5464): https://lists.cip-project.org/g/cip-dev/message/5464
Mute This Topic: https://lists.cip-project.org/mt/76930681/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86?
  2020-09-18 13:58 [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86? masashi.kudo
@ 2020-09-18 17:36 ` Jan Kiszka
  2020-09-18 22:43   ` masashi.kudo
  0 siblings, 1 reply; 4+ messages in thread
From: Jan Kiszka @ 2020-09-18 17:36 UTC (permalink / raw)
  To: masashi.kudo, cip-dev


[-- Attachment #1: Type: text/plain, Size: 964 bytes --]

On 18.09.20 15:58, masashi.kudo@cybertrust.co.jp wrote:
> Hi, Jan-san, Siemens team,
> 
> There was some query to Siemens about the need of CVE-2020-25284 backporting.
> 
> - CVE-2020-25284 is in rbd ( Ceph block device ).
> - it is only fixed for v4.19 and later stable kernels
> - Siemens has this built as a module in their 4.4-rt x86 config, but not their 4.19 one
> 
> So the question from the Kernel Team is whether Siemens needs its backporting to 4.4-rt or not.
> 

Not to my best knowledge. This is very likely an accidental choice.

Is that the only config in our repo carrying rbd/ceph? The we should  
likely drop that, to be clear also in the future.

Jan

> Please take a look about the discussion at the IRC meeting yesterday.
> 
> https://irclogs.baserock.org/meetings/cip/2020/09/cip.2020-09-17-09.00.log.html
> 
> Best regards,
> --
> M. Kudo
> 

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5465): https://lists.cip-project.org/g/cip-dev/message/5465
Mute This Topic: https://lists.cip-project.org/mt/76930681/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86?
  2020-09-18 17:36 ` Jan Kiszka
@ 2020-09-18 22:43   ` masashi.kudo
  2020-10-01  9:39     ` Nobuhiro Iwamatsu
  0 siblings, 1 reply; 4+ messages in thread
From: masashi.kudo @ 2020-09-18 22:43 UTC (permalink / raw)
  To: jan.kiszka, cip-dev


[-- Attachment #1: Type: text/plain, Size: 1731 bytes --]

Hi, Jan-san,

Thanks for your quick response!

> Is that the only config in our repo carrying rbd/ceph? The we should likely drop
> that, to be clear also in the future.

When we discussed at the IRC, the config carrying rbd/ceph is only 4.4-rt x86.

So, I understood that the backporting is not required. 

Best regards,
--
M. Kudo

> -----Original Message-----
> From: Jan Kiszka <jan.kiszka@siemens.com>
> Sent: Saturday, September 19, 2020 2:36 AM
> To: 工藤 雅司(CTJ OSS事業推進室) <masashi.kudo@cybertrust.co.jp>;
> cip-dev@lists.cip-project.org
> Subject: Re: Is CVE-2020-25284 backporting needed for 4.4-rt x86?
> 
> On 18.09.20 15:58, masashi.kudo@cybertrust.co.jp wrote:
> > Hi, Jan-san, Siemens team,
> >
> > There was some query to Siemens about the need of CVE-2020-25284
> backporting.
> >
> > - CVE-2020-25284 is in rbd ( Ceph block device ).
> > - it is only fixed for v4.19 and later stable kernels
> > - Siemens has this built as a module in their 4.4-rt x86 config, but
> > not their 4.19 one
> >
> > So the question from the Kernel Team is whether Siemens needs its backporting
> to 4.4-rt or not.
> >
> 
> Not to my best knowledge. This is very likely an accidental choice.
> 
> Is that the only config in our repo carrying rbd/ceph? The we should likely drop
> that, to be clear also in the future.
> 
> Jan
> 
> > Please take a look about the discussion at the IRC meeting yesterday.
> >
> > https://irclogs.baserock.org/meetings/cip/2020/09/cip.2020-09-17-09.00
> > .log.html
> >
> > Best regards,
> > --
> > M. Kudo
> >
> 
> --
> Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence
> Center Embedded Linux

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5466): https://lists.cip-project.org/g/cip-dev/message/5466
Mute This Topic: https://lists.cip-project.org/mt/76930681/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86?
  2020-09-18 22:43   ` masashi.kudo
@ 2020-10-01  9:39     ` Nobuhiro Iwamatsu
  0 siblings, 0 replies; 4+ messages in thread
From: Nobuhiro Iwamatsu @ 2020-10-01  9:39 UTC (permalink / raw)
  To: cip-dev, jan.kiszka


[-- Attachment #1: Type: text/plain, Size: 799 bytes --]

Hi all,

> -----Original Message-----
> From: cip-dev@lists.cip-project.org [mailto:cip-dev@lists.cip-project.org] On Behalf Of
> masashi.kudo@cybertrust.co.jp
> Sent: Saturday, September 19, 2020 7:44 AM
> To: jan.kiszka@siemens.com; cip-dev@lists.cip-project.org
> Subject: Re: [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86?
> 
> Hi, Jan-san,
> 
> Thanks for your quick response!
> 
> > Is that the only config in our repo carrying rbd/ceph? The we should likely drop
> > that, to be clear also in the future.
> 
> When we discussed at the IRC, the config carrying rbd/ceph is only 4.4-rt x86.
> 
> So, I understood that the backporting is not required.

I removed  CONFIG_BLK_DEV_RBD from 4.4.y-cip-rt/x86/siemens_i386-rt.config.

Best regards,
  Nobuhiro

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5490): https://lists.cip-project.org/g/cip-dev/message/5490
Mute This Topic: https://lists.cip-project.org/mt/76930681/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-18 13:58 [cip-dev] Is CVE-2020-25284 backporting needed for 4.4-rt x86? masashi.kudo
2020-09-18 17:36 ` Jan Kiszka
2020-09-18 22:43   ` masashi.kudo
2020-10-01  9:39     ` Nobuhiro Iwamatsu

CIP-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/cip-dev/0 cip-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 cip-dev cip-dev/ https://lore.kernel.org/cip-dev \
		cip-dev@lists.cip-project.org
	public-inbox-index cip-dev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.cip-project.lists.cip-dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git