ACK/Cmnt: [PATCH 0/2] [SRU][Trusty] Fix for CVE-2017-6345
Stefan Bader
stefan.bader at canonical.com
Tue Jul 24 12:38:15 UTC 2018
On 24.07.2018 10:40, Paolo Pisati wrote:
> https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-6345.html
>
> Patch 01 is a clean cherry-pick and correspond to the upstream fix.
> Patch 02 is a partial backport, and contains a prerequisite (sock_efree()).
>
> Instead of importing sock_efree() i could have used sock_edemux() since the two
> behave similarly, except when the passed socket is a TCP socket in the
> TCP_TIME_WAIT state. But since the TCP states are represented using an enum and
> the field sk_state is reused by every protocol, i preferred to avoid introducing
> a subtle mistake and use the original sock_efree() function.
>
> Eric Dumazet (1):
> net/llc: avoid BUG_ON() in skb_orphan()
>
> Paolo Pisati (1):
> UBUNTU: SAUCE: import sock_efree()
>
> include/net/sock.h | 1 +
> net/core/sock.c | 6 ++++++
> net/llc/llc_conn.c | 3 +++
> net/llc/llc_sap.c | 3 +++
> 4 files changed, 13 insertions(+)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
Adding the new function is ok, but it should be applied first (so any bisection
will not fail in between).
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180724/73c8435c/attachment.sig>
More information about the kernel-team
mailing list