On 04/04/2024 03:40, Harishankar Vishwanathan wrote: > [...] > Given the above, please advise if we should backport this patch to older > kernels (and whether I should use the fixes tag). I don't feel too strongly about it, and if you or Shung-Hsi still think, on reflection, that backporting is desirable, then go ahead and keep the Fixes: tag. But maybe tweak the description so someone doesn't see "latent unsoundness" and think they need to CVE and rush this patch out as a security thing; it's more like hardening. *shrug* >> Commit message could also make clearer that the new code considers whether >> the *output* ubounds cross sign, rather than looking at the input bounds >> as the previous code did. At first I was confused as to why XOR didn't >> need special handling (since -ve xor -ve is +ve). > > Sounds good regarding making it clearer within the context of what the > existing code does. However, I wanted to clarify that XOR does indeed use > the same handling as all the other operations. Could you elaborate on what > you mean? Just that if you XOR two negative numbers you get a positive number, which isn't true for AND or OR; and my confused little brain thought that fact was relevant, which it isn't. -e
