Re: [PATCH 6.6 00/28] fix CVE-2024-46701

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

在 2024/11/06 22:43, Lorenzo Stoakes 写道:
NACK.

Do this some other way that isn't a terrible mess.

You've reverted my CRITICAL fix, then didn't cc- me so I'm grumpy.

Even if you bizarrely brought it back later.

Don't fail to cc- people you revert in future, please, especially in
stable. It's not only discourteous it's also an actual security risk.

ok, that's my fault.

Thanks.

Also this commit log is ridiculous, you don't even explain WHAT ON EARTH
YOU ARE DOING HERE. It's not just good enough to reference a CVE and expect
us to go research this for you, especially one you've 'addressed' in this
totally bizarre fashion.

On Thu, Oct 24, 2024 at 09:19:41PM +0800, Yu Kuai wrote:
From: Yu Kuai <yukuai3@xxxxxxxxxx>

Fix patch is patch 27, relied patches are from:

  - patches from set [1] to add helpers to maple_tree, the last patch to
improve fork() performance is not backported;
  - patches from set [2] to change maple_tree, and follow up fixes;
  - patches from set [3] to convert offset_ctx from xarray to maple_tree;

Please notice that I'm not an expert in this area, and I'm afraid to
make manual changes. That's why patch 16 revert the commit that is
different from mainline and will cause conflict backporting new patches.
patch 28 pick the original mainline patch again.

This is... what? :/

You have to fix conflicts, that's part of what backporting involves.

So, that's the best I can do in this area. I agree that this is
unacceptable now. So I'll just ignore this cve for v6.6, unless
some expert in this area will try to fix conflicts for patch 27 in
a better way.

Thanks,
Kuai


Yeah, rethink your whole approach, thanks.


(And this is what we did to fix the CVE in downstream kernels).

[1] https://lore.kernel.org/all/20231027033845.90608-1-zhangpeng.00@xxxxxxxxxxxxx/
[2] https://lore.kernel.org/all/20231101171629.3612299-2-Liam.Howlett@xxxxxxxxxx/T/
[3] https://lore.kernel.org/all/170820083431.6328.16233178852085891453.stgit@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/

Andrew Morton (1):
   lib/maple_tree.c: fix build error due to hotfix alteration

Chuck Lever (5):
   libfs: Re-arrange locking in offset_iterate_dir()
   libfs: Define a minimum directory offset
   libfs: Add simple_offset_empty()
   maple_tree: Add mtree_alloc_cyclic()
   libfs: Convert simple directory offsets to use a Maple Tree

Liam R. Howlett (12):
   maple_tree: remove unnecessary default labels from switch statements
   maple_tree: make mas_erase() more robust
   maple_tree: move debug check to __mas_set_range()
   maple_tree: add end of node tracking to the maple state
   maple_tree: use cached node end in mas_next()
   maple_tree: use cached node end in mas_destroy()
   maple_tree: clean up inlines for some functions
   maple_tree: separate ma_state node from status
   maple_tree: remove mas_searchable()
   maple_tree: use maple state end for write operations
   maple_tree: don't find node end in mtree_lookup_walk()
   maple_tree: mtree_range_walk() clean up

Lorenzo Stoakes (1):
   maple_tree: correct tree corruption on spanning store

Peng Zhang (7):
   maple_tree: add mt_free_one() and mt_attr() helpers
   maple_tree: introduce {mtree,mas}_lock_nested()
   maple_tree: introduce interfaces __mt_dup() and mtree_dup()
   maple_tree: skip other tests when BENCH is enabled
   maple_tree: preserve the tree attributes when destroying maple tree
   maple_tree: add test for mtree_dup()
   maple_tree: avoid checking other gaps after getting the largest gap

Yu Kuai (1):
   Revert "maple_tree: correct tree corruption on spanning store"

yangerkun (1):
   libfs: fix infinite directory reads for offset dir

  fs/libfs.c                                  |  129 ++-
  include/linux/fs.h                          |    6 +-
  include/linux/maple_tree.h                  |  356 +++---
  include/linux/mm_types.h                    |    3 +-
  lib/maple_tree.c                            | 1096 +++++++++++++------
  lib/test_maple_tree.c                       |  218 ++--
  mm/internal.h                               |   10 +-
  mm/shmem.c                                  |    4 +-
  tools/include/linux/spinlock.h              |    1 +
  tools/testing/radix-tree/linux/maple_tree.h |    2 +-
  tools/testing/radix-tree/maple.c            |  390 ++++++-
  11 files changed, 1564 insertions(+), 651 deletions(-)

--
2.39.2


.






[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux