On 9/19/23 10:39 AM, Alexei Starovoitov wrote:
On Tue, Sep 19, 2023 at 1:34 AM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
On Tue, Sep 19, 2023 at 08:26:28AM +0200, Daniel Borkmann wrote:
On 9/16/23 1:35 PM, Greg KH wrote:
On Thu, Sep 14, 2023 at 08:51:32AM +0000, Luis Gerhorst wrote:
6.1-stable review patch. If anyone has any objections, please let me know.
From: Yafang Shao <laoar.shao@xxxxxxxxx>
commit d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2 upstream.
I unfortunately have objections, they are pending discussion at [1].
Same applies to the 6.4-stable review patch [2] and all other backports.
[1] https://lore.kernel.org/bpf/20230913122827.91591-1-gerhorst@xxxxxxxxx/
[2] https://lore.kernel.org/stable/20230911134709.834278248@xxxxxxxxxxxxxxxxxxx/
As this is in the tree already, and in Linus's tree, I'll wait to see
if any changes are merged into Linus's tree for this before removing it
from the stable trees.
Let us know if there's a commit that resolves this and we will be glad
to queue that up.
Commit d75e30dddf73 ("bpf: Fix issue in verifying allow_ptr_leaks") is not
stable material. It's not really a "fix", but it will simply make direct
packet access available to applications without CAP_PERFMON - the latter
was required so far given Spectre v1. However, there is ongoing discussion [1]
that potentially not much useful information can be leaked out and therefore
lifting it may or may not be ok. If we queue this to stable and later figure
we need to revert the whole thing again because someone managed to come up
with a PoC in the meantime, then there's higher risk of breakage.
Ick, ok, so just this one commit should be reverted? Or any others as
well?
I don't think revert is necessary. Just don't backport any further.
Yeah agree lets not backport further.