On 6/16/21 11:36 AM, Greg Kroah-Hartman wrote:
> On Wed, Jun 16, 2021 at 05:28:54PM +0800, Liu Shixin wrote:
>> On 2021/6/16 15:11, Suren Baghdasaryan wrote:
>> > On Tue, Jun 15, 2021 at 11:52 PM Greg Kroah-Hartman
>> > <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>> >> On Wed, Jun 16, 2021 at 02:47:15PM +0800, Liu Shixin wrote:
>> >>> Hi, Suren,
>> >>>
>> >>> I read the previous discussion about fixing CVE-2020-29374 in stable 4.14 and 4.19 in
>> >>> <https://lore.kernel.org/linux-mm/20210401181741.168763-1-surenb@xxxxxxxxxx/>
>> >>>
>> >>> And the result of the discussion is that you backported 17839856fd58 for 4.14 and
>> >>> 4.19 kernels.
>> >>>
>> >>> But the bug about dax and strace in the discussion has not been solved, right? I don't
>> >>> find a conclusion on this issue, am I missing something? Does this problem still exist in
>> >>> the stable 4.14 and 4.19 kernels?
>> > That is my understanding after discussions with Andrea but I did not
>> > verify that myself. As Greg pointed out, the best way would be to try
>> > it out.
>> > Thanks,
>> > Suren.
>> >
>> >> As the code is all there for you, can you just test them and see for
>> >> yourself?
>> >>
>> >> thanks,
>> >>
>> >> greg k-h
>> > .
>> >
>> Thank you both for the replies. I have tested it in the stable 4.19 kernel and the bug exists as expected.

If you can reproduce it, great. That means a root cause can be found and fixed, hopefully in a minimal way.

> Great, can you provide a working backport of the patches needed to solve
> this for 4.19 so that we can apply them?

We probably don't want to blindly backport the upstream patches (that also fixed dax+ptrace as a side-effect) because they changed the semantics a lot and led to further fixes, which is IMHO too risky to do now in stable.
Linus also thought so:
https://lore.kernel.org/linux-mm/CAHk-=whUKYdWbKfFzXXnK8n04oCMwEgSnG8Y3tgE=YZUjiDvbA@xxxxxxxxxxxxxx/#t

> thanks,
>
> greg k-h
>