Hi Jason,
On 03/11/2019 10:18 AM, Jason Yan wrote:
> Hi, Daniel & Greg
>
> This patch (979d63d50c0c bpf: prevent out of bounds speculation on pointer
> arithmetic) was assigned a CVE (CVE-2019-7308) with a high score:
>
> CVSS v3.0 Severity and Metrics:
> Base Score: 9.8 CRITICAL
>
> And this patch is not in stable-4.4, would you please backport this patch to
> 4.4?
We don't handle kernels as old as 4.4, so someone else would need to
do the backporting e.g. from your side. The series has been backported
to the last two most-recent stable kernels at that time (we usually
follow netdev practice here), and there have been asks about 4.14 as
well; I've been looking into backporting for the latter last two weeks
on and off, but there are conflicts all over the place in fragile core
areas where I didn't have enough free cycles to complete it yet. For
old kernels, you're probably better off doing something like this in
your tree instead of the huge complexity with a backport:
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index bc34cf9..2cea2de 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -47,7 +47,7 @@ static DEFINE_SPINLOCK(prog_idr_lock);
static DEFINE_IDR(map_idr);
static DEFINE_SPINLOCK(map_idr_lock);
-int sysctl_unprivileged_bpf_disabled __read_mostly;
+int sysctl_unprivileged_bpf_disabled __read_mostly = 1;
static const struct bpf_map_ops * const bpf_map_types[] = {
#define BPF_PROG_TYPE(_id, _ops)
Thanks,
Daniel
