On Tue, 10 Jan 2023 at 18:32, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote: > > On Tue, Jan 10, 2023 at 6:20 PM Ard Biesheuvel <ardb@xxxxxxxxxx> wrote: > > > > On Tue, 10 Jan 2023 at 18:10, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote: > > > > > > On Tue, Jan 10, 2023 at 6:09 PM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > > On Tue, Jan 10, 2023 at 05:57:21PM +0100, Jason A. Donenfeld wrote: > > > > > Thanks! IIRC, this applies to all current stable kernels (now that > > > > > you've sunsetted 4.9). > > > > > > > > It does not apply cleanly to 5.4.y or 4.19.y or 4.14.y so can you > > > > provide working backports for them? > > > > > > Oh, darn. I thought it would for some reason. Okay, lemme get cranking on that. > > > > Should we bother? Isn't v5.10 far enough back for this? This is not a > > bugfix after all. > > This *is* a bug fix. And not just because we used to clobber that > configuration table unnecessarily, but moreover because of the forward > secrecy issues due to the missing memzero. We did all that in a single > patch under the assumption that this would be backported as a unit. > > Anyway, don't sweat it - I'm working on the backport now. Seems > straightforward enough. > Fair enough.
