On Mon, Mar 4, 2024 at 2:50 PM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > On Mon, Mar 04, 2024 at 02:21:22PM +0530, Ajay Kaher wrote: > > On Mon, Mar 4, 2024 at 12:14 PM Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > On Thu, Feb 29, 2024 at 02:05:39PM +0530, Ajay Kaher wrote: > > > > On Thu, Feb 29, 2024 at 12:13 AM Brennan Lamoreaux > > > > <brennan.lamoreaux@xxxxxxxxxxxx> wrote: > > > > > > > > > > > If you provide a working backport of that commit, we will be glad to > > > > > > apply it. As-is, it does not apply at all, which is why it was never > > > > > > added to the 6.1.y tree. > > > > > > > > > > Oh, apologies for requesting if they don't apply. I'd be happy to submit > > > > > working backports for these patches, but I am not seeing any issues applying/building > > > > > the patches on my machine... Both patches in sequence applied directly and my > > > > > local build was successful. > > > > > > > > > > This is the workflow I tested: > > > > > > > > > > git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y > > > > > git checkout FETCH_HEAD > > > > > git cherry-pick -x 8d037973d48c026224ab285e6a06985ccac6f7bf > > > > > git cherry-pick -x 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 > > > > > make allyesconfig > > > > > make > > > > > > > > > > Please let me know if I've made a mistake with the above commands, or if these patches aren't applicable > > > > > for some other reason. > > > > > > > > > > > > > I guess the reason is: > > > > > > > > 8d037973d48c026224ab285e6a06985ccac6f7bf doesn't have "Fixes:" and is > > > > not sent to stable@xxxxxxxxxxxxxxx. > > > > And 0e15863015d97c1ee2cc29d599abcc7fa2dc3e95 is to Fix > > > > 8d037973d48c026224ab285e6a06985ccac6f7bf, > > > > so no need of 0e158 if 8d03 not backported to that particular branch. > > > > > > Ok, so there's nothing to do here, great! If there is, please let us > > > know. > > > > > > > In my previous mail, I was guessing why 8d037973d48c commit was not > > backported to v6.1. > > > > However Brennan's concern is: > > > > As per CVE-2023-2176, because of improper cleanup local users can > > crash the system. > > And this crash was reported in v5.19, refer: > > https://lore.kernel.org/all/ec81a9d50462d9b9303966176b17b85f7dfbb96a.1670749660.git.leonro@xxxxxxxxxx/#t > > > > However, fix i.e. 8d037973d48c applied to master from v6.3-rc1 and not > > backported to any stable or LTS. > > So v6.1 is still vulnarbile, so 8d037973d48c and 0e15863015d9 should > > be backported to v6.1. > > Ah, thanks, sorry for the confusion. Both now queued up. > So quick, thanks. - Ajay