I port the fix to fix CVE-2024-50018 in linux 6.1.
-----Original Message-----
From: Jakub Kicinski <kuba@xxxxxxxxxx>
Sent: Thursday, December 12, 2024 12:08
To: Ren, Jianqi (Jacky) (CN) <Jianqi.Ren.CN@xxxxxxxxxxxxx>
Cc: gregkh@xxxxxxxxxxxxxxxxxxx; stable@xxxxxxxxxxxxxxx; davem@xxxxxxxxxxxxx; edumazet@xxxxxxxxxx; pabeni@xxxxxxxxxx; sashal@xxxxxxxxxx; jamie.bainbridge@xxxxxxxxx; jdamato@xxxxxxxxxx; netdev@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
Subject: Re: [PATCH 6.1.y] net: napi: Prevent overflow of napi_defer_hard_irqs
CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know the content is safe.
On Wed, 11 Dec 2024 12:03:04 +0800 jianqi.ren.cn@xxxxxxxxxxxxx wrote:
> From: Joe Damato <jdamato@xxxxxxxxxx>
>
> [ Upstream commit 08062af0a52107a243f7608fd972edb54ca5b7f8 ]
>
> In commit 6f8b12d661d0 ("net: napi: add hard irqs deferral feature")
> napi_defer_irqs was added to net_device and napi_defer_irqs_count was
> added to napi_struct, both as type int.
>
> This value never goes below zero, so there is not reason for it to be
> a signed int. Change the type for both from int to u32, and add an
> overflow check to sysfs to limit the value to S32_MAX.
Could you explain why you want to backport this change to stable?
