On Tue, 4 Jun 2019 at 14:34, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Mon, Jun 03, 2019 at 03:38:52PM -0700, Zubin Mithra wrote:
> > Hello,
> >
> > CVE-2019-12380 was fixed in the upstream linux kernel with the commit :-
> > * 4e78921ba4dd ("efi/x86/Add missing error handling to old_memmap 1:1 mapping code")
> >
> > Could the patch be applied in order to v4.19.y?
>
> Now queued up, thanks.
>
Given the discussion leading up to this, I'm slightly surprised.
As I alluded to in my questions to Zubin, I am concerned that the
testing carried out on this patch has too little coverage, given that
a) Chrome OS apparently does not boot in EFI mode
b) therefore, Chrome OS there does not use efi=old_map
c) Chrome OS hardware does not implement 5 level paging
I have done all the testing I could before merging the patch, but I
would prefer to defer from backporting it until it hits a release. I
know some people argue that this still does not provide sufficient
coverage, but those are usually not the same people getting emails
when their EFI systems no longer boot without any output whatsoever
after upgrading from one stable kernel version to the next.
