On Tue, Jun 11, 2019 at 11:09:51PM -0400, Martin K. Petersen wrote:
>
> James,
>
> > Studying the issue further, I think we have to do the rebase. The
> > problem is that any driver which hasn't been updated can be persuaded
> > to walk off the end of the request and dereference the next struct
> > request. It's not impossible for userspace to set up both requests,
> > so it looks like this could be used at least to leak information from
> > the kernel if not exploit it outright. I think that means we have to
> > have every driver updated before this goes in.
>
> I agree in theory. Although, regardless of ordering of the commits, this
> would still be a single pull request for 5.3. So it's not like there
> would be a kernel release with this flaw exposed. Assuming all drivers
> get fixed.
>
> Hence my concerns about breaking bisection. Not in terms of being able
> to build, but in terms of being able to test intermediate commits on
> systems with the affected drivers.
>
> Ming: Please audit all drivers, including ones that live outside of
> drivers/scsi but which use the midlayer such as s390, USB, libata,
> etc. Just to make sure we've got all of them covered.

OK, I am studying coccinelle, and should figure out one semantic patch
for covering all these drivers.

Thanks,
Ming