NACK: [Xenial SRU][PATCH 0/3] Fix CVE-2015-8952
shrirang.bagul at canonical.com
Thu Sep 28 02:45:37 UTC 2017
On Wed, 2017-09-27 at 15:47 -0300, Thadeu Lima de Souza Cascardo wrote:
> On Fri, Sep 22, 2017 at 05:11:27PM +0800, Shrirang Bagul wrote:
> > This set of patches fixes CVE-2015-8952. The mbcache2 implementation and
> > ext2 patches are a clean cherry-pick from upstream. The ext4 patch however
> > is a backport to accomodate changes from patch:
> > ext4: lock the xattr block before checksuming it
> > (c6d5612f80923170dad06c04736984cc9bcc8568)
> > merged to fix LP:1658633
> > Jan Kara (3):
> > mbcache2: reimplement mbcache
> > ext2: convert to mbcache2
> > ext4: convert to mbcache2
> > fs/Makefile | 2 +-
> > fs/ext2/ext2.h | 3 +
> > fs/ext2/super.c | 25 ++--
> > fs/ext2/xattr.c | 143 +++++++++----------
> > fs/ext2/xattr.h | 21 +--
> > fs/ext4/ext4.h | 2 +-
> > fs/ext4/super.c | 7 +-
> > fs/ext4/xattr.c | 136 +++++++++---------
> > fs/ext4/xattr.h | 5 +-
> > fs/mbcache2.c | 359 +++++++++++++++++++++++++++++++++++++++++++++++
> > include/linux/mbcache2.h | 50 +++++++
> > 11 files changed, 577 insertions(+), 176 deletions(-)
> > create mode 100644 fs/mbcache2.c
> > create mode 100644 include/linux/mbcache2.h
> > --
> > 2.11.0
> Hi, Shrirang.
> Thanks for that work. But I have already started it. Look at
Must have slipped through the mailbox filters, missed this one.
> Next time, take a look at the list, or reach us out on IRC, so we don't
> duplicate work.
> It would be nice, though, if you could review my version and verify if
> we did backport the ext4 change the same way.
Your work on this CVE is exactly the same as my attempt. However, I saw comments from
Stefan, he has some reservations about this fix. Any updates?
More information about the kernel-team