On Tue, 4 Jun 2019 at 15:46, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Tue, Jun 04, 2019 at 03:39:15PM +0200, Ard Biesheuvel wrote:
> > On Tue, 4 Jun 2019 at 14:34, Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> > >
> > > On Mon, Jun 03, 2019 at 03:38:52PM -0700, Zubin Mithra wrote:
> > > > Hello,
> > > >
> > > > CVE-2019-12380 was fixed in the upstream linux kernel with the commit :-
> > > > * 4e78921ba4dd ("efi/x86/Add missing error handling to old_memmap 1:1 mapping code")
> > > >
> > > > Could the patch be applied in order to v4.19.y?
> > >
> > > Now queued up, thanks.
> > >
> >
> > Given the discussion leading up to this, I'm slightly surprised.
> >
> > As I alluded to in my questions to Zubin, I am concerned that the
> > testing carried out on this patch has too little coverage, given that
> > a) Chrome OS apparently does not boot in EFI mode
> > b) therefore, Chrome OS there does not use efi=old_map
> > c) Chrome OS hardware does not implement 5 level paging
> >
> > I have done all the testing I could before merging the patch, but I
> > would prefer to defer from backporting it until it hits a release. I
> > know some people argue that this still does not provide sufficient
> > coverage, but those are usually not the same people getting emails
> > when their EFI systems no longer boot without any output whatsoever
> > after upgrading from one stable kernel version to the next.
>
> Ok, I'll go drop it. Can you please email stable@vger when it is in a
> release so that I know to queue it up then?
>
OK, thanks
