On Sat, 13 Feb 2021 at 11:25, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > On Fri, Feb 12, 2021 at 10:26:58PM +0300, Dmitry Baryshkov wrote: > > Verify that user applications are not using the kernel RPC message > > handle to restrict them from directly attaching to guest OS on the > > remote subsystem. This is a port of CVE-2019-2308 fix. > > A port of the fix of what to what? I'm sorry for the confusion. It is a port of the original Qualcomm/CodeAurora fix to the upstream driver. See https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=cc2e11eeb988964af72309f71b0fb21c11ed6ca9, > Is this to go only into a stable tree (if so what ones and what is the > id in Linus's tree), or is it to go into Linus's tree like normal (if so > how can this be a port)? It's a port from QCI kernel, not a backport. So I'd prefer for it to go into Linus's tree (and then be backported to relevant -stable trees). -- With best wishes Dmitry
