On Tue, Jan 10, 2023 at 6:20 PM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote:
>
> On Tue, 10 Jan 2023 at 18:10, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
> >
> > On Tue, Jan 10, 2023 at 6:09 PM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> > >
> > > On Tue, Jan 10, 2023 at 05:57:21PM +0100, Jason A. Donenfeld wrote:
> > > > Thanks! IIRC, this applies to all current stable kernels (now that
> > > > you've sunsetted 4.9).
> > >
> > > It does not apply cleanly to 5.4.y or 4.19.y or 4.14.y so can you
> > > provide working backports for them?
> >
> > Oh, darn. I thought it would for some reason. Okay, lemme get cranking on that.
>
> Should we bother? Isn't v5.10 far enough back for this? This is not a
> bugfix after all.

This *is* a bug fix. And not just because we used to clobber that
configuration table unnecessarily, but moreover because of the forward
secrecy issues due to the missing memzero. We did all that in a single
patch under the assumption that this would be backported as a unit.

Anyway, don't sweat it - I'm working on the backport now. Seems
straightforward enough.

Jason