From: Salvatore Bonaccorso <carnil@debian.org>
To: Ovidiu Panait <ovidiu.panait@windriver.com>
Cc: Sasha Levin <sashal@kernel.org>, stable@vger.kernel.org, greg@kroah.com
Subject: Re: [PATCH 5.4 0/3] usb: hso: backport CVE-2021-37159 fix
Date: Sat, 2 Oct 2021 20:51:07 +0200 [thread overview]
Message-ID: <YViqG5Yun6N7bhVl@eldamar.lan> (raw)
In-Reply-To: <18e2816e-cf21-27c2-afc6-bc46fcebde88@windriver.com>
Hi,
On Sat, Oct 02, 2021 at 03:36:21PM +0300, Ovidiu Panait wrote:
> Hi Sasha,
>
> On 10/1/21 7:55 PM, Sasha Levin wrote:
> > [Please note: This e-mail is from an EXTERNAL e-mail address]
> >
> > On Wed, Sep 29, 2021 at 11:03:19AM +0300, Ovidiu Panait wrote:
> > > Hi Salvatore,
> > >
> > > On 9/28/21 10:29 PM, Salvatore Bonaccorso wrote:
> > > > [Please note: This e-mail is from an EXTERNAL e-mail address]
> > > >
> > > > Hi Ovidiu
> > > >
> > > > On Tue, Sep 28, 2021 at 04:15:20PM +0300, Ovidiu Panait wrote:
> > > > > All 3 upstream commits apply cleanly:
> > > > > * 5fcfb6d0bfcd ("hso: fix bailout in error case of
> > > > > probe") is a support
> > > > > patch needed for context
> > > > > * a6ecfb39ba9d ("usb: hso: fix error handling code of
> > > > > hso_create_net_device")
> > > > > is the actual fix
> > > > > * dcb713d53e2e ("usb: hso: remove the bailout parameter")
> > > > > is a follow up
> > > > > cleanup commit
> > > > >
> > > > > Dongliang Mu (2):
> > > > > usb: hso: fix error handling code of hso_create_net_device
> > > > > usb: hso: remove the bailout parameter
> > > > >
> > > > > Oliver Neukum (1):
> > > > > hso: fix bailout in error case of probe
> > > > >
> > > > > drivers/net/usb/hso.c | 33 +++++++++++++++++++++++----------
> > > > > 1 file changed, 23 insertions(+), 10 deletions(-)
> > > > Noticing you sent this patch series for 4.14, 4.19 and 5.4 but am I
> > > > right that the last commit dcb713d53e2e ("usb: hso: remove the bailout
> > > > parameter") as cleanup commit should ideally as well be applied to
> > > > 5.10.y and 5.14.y?
> > > >
> > > > Whilst it's probably not strictly needed it would otherwise leave the
> > > > upper 5.10.y and 5.14.y inconsistent with those where these series are
> > > > applied.
> > >
> > > You're right, I have sent the cleanup patch for 5.10/5.14 integration
> > > as well:
> > >
> > > https://lore.kernel.org/stable/20210929075940.1961832-1-ovidiu.panait@windriver.com/T/#t
> > >
> >
> > Why do we need that cleanup commit in <=5.4 to begin with? Does it
> > actually fix anything?
> >
> The cleanup patch was part of the same patchset with a6ecfb39ba9d ("usb:
> hso: fix error handling code of hso_create_net_device") fix .
>
>
> I think it can be dropped, as it doesn't seem to fix anything. Can only the
> first two commits be cherry-picked for <=5.4, or should I resend?
Probably the right thing to do, Sasha and Ovidiu. Picking it would
have the small advantage of future commits to backport which would
conflict around the changed lines.
But I have no voice on that matter, I was really only going thorugh
some stable commits backports request covering CVEs and noticed the
submission and it's discrepancy.
For Debian I have for now picked all three commits on top of 4.19.208.
Regards,
Salvatore
next prev parent reply other threads:[~2021-10-02 18:51 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-28 13:15 [PATCH 5.4 0/3] usb: hso: backport CVE-2021-37159 fix Ovidiu Panait
2021-09-28 13:15 ` [PATCH 5.4 1/3] hso: fix bailout in error case of probe Ovidiu Panait
2021-09-28 13:15 ` [PATCH 5.4 2/3] usb: hso: fix error handling code of hso_create_net_device Ovidiu Panait
2021-09-28 13:15 ` [PATCH 5.4 3/3] usb: hso: remove the bailout parameter Ovidiu Panait
2021-09-28 19:29 ` [PATCH 5.4 0/3] usb: hso: backport CVE-2021-37159 fix Salvatore Bonaccorso
2021-09-29 8:03 ` Ovidiu Panait
2021-10-01 16:55 ` Sasha Levin
2021-10-02 12:36 ` Ovidiu Panait
2021-10-02 18:51 ` Salvatore Bonaccorso [this message]
2021-10-04 11:15 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YViqG5Yun6N7bhVl@eldamar.lan \
--to=carnil@debian.org \
--cc=greg@kroah.com \
--cc=ovidiu.panait@windriver.com \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).