On Wed, Apr 19, 2017 at 03:15:02PM +0100, Ben Hutchings wrote: > On Wed, 2017-04-19 at 14:16 +0200, Greg Kroah-Hartman wrote: > > On Tue, Apr 18, 2017 at 01:49:41AM +0100, Ben Hutchings wrote: > > > Brad Spengler pointed out these fixes elsewhere: > > > > > > 43fab9793c1f [media] dvb-usb: don't use stack for firmware load > > > 67b0503db9c2 [media] dvb-usb-firmware: don't do DMA on stack > > > 3f190e3aec21 [media] cxusb: Use a dma capable buffer also for reading > > > c4baad50297d virtio-console: avoid DMA from stack > > > > > > For 4.9, the first one needs some adjustment - use the attached patch. > > > The rest apply cleanly. > > > > > > For 4.10, you can skip the first two as they've already been applied. > > > > Thanks for this shorter list. I'll go through the rest of the list of > > patches that Brad pointed out on oss-security. > > > > Oh, and you did notice he said that > > a4866aa81251 ("mm: Tighten x86 /dev/mem with zeroing reads") > > should be applied to stable kernels, right? I've queued it up for the > > ones I manage. > > Yes, though it's not a meaningful security fix by itself. What do you mean "by itself"? Is there something else that needs to be added here, or just that the patch doesn't really change all that much? thanks, greg k-h