Re: [PATCH 0/1] RFC: linux-5.15.y ksmbd backport for CVE-2023-38431

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

[Re: [PATCH 0/1] RFC: linux-5.15.y ksmbd backport for CVE-2023-38431] On 13/12/2023 (Wed 15:34) Greg KH wrote:

> On Tue, Dec 12, 2023 at 03:45:55PM -0500, Paul Gortmaker wrote:
> > [Re: [PATCH 0/1] RFC: linux-5.15.y ksmbd backport for CVE-2023-38431] On 12/12/2023 (Tue 21:04) Greg KH wrote:
> > 
> > > On Tue, Dec 12, 2023 at 01:47:44PM -0500, paul.gortmaker@xxxxxxxxxxxxx wrote:
> > > > From: Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>
> > > > 
> > > > This is a bit long, but I've never touched this code and all I can do is
> > > > compile test it.  So the below basically represents a capture of my
> > > > thought process in fixing this for the v5.15.y-stable branch.
> > > 
> > > Nice work, but really, given that there are _SO_ many ksmb patches that
> > > have NOT been backported to 5.15.y, I would strongly recommend that we
> > > just mark the thing as depending on BROKEN there for now as your one
> > 
> > I'd be 100% fine with that.  Can't speak for anyone else though.
> > 
> > > backport here is not going to make a dent in the fixes that need to be
> > > applied there to resolve the known issues that the codebase currently
> > > has resolved in newer kernels.
> > > 
> > > Do you use this codebase on 5.15.y?  What drove you to want to backport
> > 
> > I don't use it, and I don't know of anyone who does.
> 
> Then why are you all backporting stuff for it?

Firstly, you've cut the context where I already explained that I did it
because others said it couldn't be done.  Of all people, I am sure you
can respect that.

The Yocto Project still offers v5.15 as an option, and whenever I can, I
help out to advance the Yocto Project as time permits.  Ask Richard.

> If no one steps up, I'll just mark the thing as broken, it is _so_ far
> behind in patches that it's just sad.

Again, in this case - I have no problem with that - but as a note of
record -- whenever linux-stable removes a Kconfig, either explicitly or
by a depends on BROKEN - it does trigger fallout for some people.

The Yocto/OE does an audit on the Kconfig output looking for options
that were explicitly set (or un-set) by the user, or by base templates.
If they don't land in the final .config file -- it lets you know.

Paul.
--

> thanks,
> 
> greg k-h
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux