On Mon, Apr 10, 2017 at 11:04:04PM -0500, Steve French wrote: > Pavel's point is a good one, but we need some feedback from those more > familiar with the stable rules to decide if his small patch or a > backport of a larger (but more valuable patch series) is the right > answer. > > Basically, > 1) A VERY important security feature (SMB3 encryption) was added (by > Pavel) to the cifs.ko SMB3 client and is now upstream in mainline. > Support for encrypted sessions and shares is crucial in many cases and > is required for some servers now, but the patch series which > implemented it is rather large for backport to 4.9 (15 patches). It > is of huge value, and improves security in some cases obviously, but I > don't know if his series is larger than allowed for stable. If it is "huge value", and improves security, and is what is in Linus's tree, then yes, it could be allowed for stable, that would be nice. Feel free to send the patch series if you want them applied. > 2) In the process of writing support for encryption - he noticed that > when you don't have his encryption patch series, we had a bug in older > clients (which his patch addresses). His patch is unneeded for > current mainline. If we backport the encryption series, we wouldn't > need it. I always prefer to stick with what is in Linus's tree because we almost always get something wrong when we don't do that. thanks, greg k-h