Re: Stable backport request

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg KH <gregkh@linuxfoundation.org>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: stable@vger.kernel.org,
	linux-integrity <linux-integrity@vger.kernel.org>,
	"Guozihua (Scott)" <guozihua@huawei.com>,
	Tyler Hicks <tyhicks@linux.microsoft.com>
Subject: Re: Stable backport request
Date: Wed, 4 Jan 2023 13:29:26 +0100	[thread overview]
Message-ID: <Y7VxJr3EORKWxhrE@kroah.com> (raw)
In-Reply-To: <8cff4354dcd583d92da19aa2c52999f70b3decca.camel@linux.ibm.com>

On Wed, Dec 21, 2022 at 01:52:09PM -0500, Mimi Zohar wrote:
> Hi Greg,
> 
> On Wed, 2022-12-21 at 19:22 +0100, Greg KH wrote:
> > On Wed, Dec 21, 2022 at 09:50:09AM -0500, Mimi Zohar wrote:
> > > Stable team,
> > > 
> > > Please backport these upstream commits to stable kernels:
> > > - c7423dbdbc9e ("ima: Handle -ESTALE returned by
> > > ima_filter_rule_match()"
> > > 
> > > Dependency on:
> > > - d57378d3aa4d ("ima: Simplify ima_lsm_copy_rule")
> > > 
> > > Known minor merge conflicts:
> > > - Commit: 65603435599f ("ima: Fix trivial typos in the comments") fixed
> > > "refrences" spelling, causes a merge conflict.
> > > - Commit 28073eb09c5a ("ima: Fix fall-through warnings for Clang") adds
> > > a "break;" before "default:", causes a merge conflict.
> 
> Up to linux-5.9.y, there are two merge conflicts - a spelling error and
> a missing "break" before "default:", which are the result of the above
> commits.  Otherwise the two commits apply cleanly:
>  - d57378d3aa4d ("ima: Simplify ima_lsm_copy_rule")
>  - c7423dbdbc9e ("ima: Handle -ESTALE returned by
> ima_filter_rule_match()"

Again, this isn't going to work, I need backported commits that have
been tested and verified to work please.

> 
> > > Simplifies backporting to linux-5.4.y:
> > > - 465aee77aae8 ("ima: Free the entire rule when deleting a list of
> > > rules")
> > >   except for the line "kfree(entry->keyrings);" - introduced in 5.6.y.
> > > - 39e5993d0d45 ("ima: Shallow copy the args_p member of
> > > ima_rule_entry.lsm elements")
> > > - b8867eedcf76 ("ima: Rename internal filter rule functions")
> > > - f60c826d0318 ("ima: Use kmemdup rather than kmalloc+memcpy")
> > 
> > I'm sorry, but I'm confused.
> > 
> > What exact commits are needed in what order for which stable trees?
> 
> The above 4 commits are needed, in the order listed, for linux-5.4.y
> before applying these two commits:
>  - d57378d3aa4d ("ima: Simplify ima_lsm_copy_rule")
>  - c7423dbdbc9e ("ima: Handle -ESTALE returned by
> ima_filter_rule_match()"
> 
> > > A patch for kernels prior to commit b16942455193 ("ima: use the lsm
> > > policy update notifier") will be posted separately.
> > 
> > But that commit has been backported to 4.19.y and newer stable trees,
> > right?
> 
> No, b16942455193 ("ima: use the lsm policy update notifier") was
> upstreamed in linux-5.3.y and has not been backported to linux-4.19.y. 
> We're still determining for linux-4.19.y the best way to address the
> bug that commit c7423dbdbc9e ("ima: Handle -ESTALE returned by
> ima_filter_rule_match()") addresses.

It would be easiest if you just send a series of backported commits that
you have tested, otherwise I will get the above instructions wrong :)

thanks,

greg k-h

next prev parent reply	other threads:[~2023-01-04 12:29 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-21 14:50 Stable backport request Mimi Zohar
2022-12-21 18:22 ` Greg KH
2022-12-21 18:52   ` Mimi Zohar
2023-01-04 12:29     ` Greg KH [this message]
  -- strict thread matches above, loose matches on Subject: below --
2024-03-19  7:21 stable " Ard Biesheuvel
2024-03-24 21:23 ` Salvatore Bonaccorso
2021-10-23 22:21 Stable " Michael Ellerman
2021-10-23 22:21 ` Michael Ellerman
2021-10-24 11:49 ` Greg KH
2021-10-24 11:49   ` Greg KH
2013-01-24  9:58 stable " Daniel Vetter
2013-01-24 18:16 ` Greg KH
2013-01-24 18:59   ` Abdallah Chatila
2013-01-24 19:52     ` Greg KH

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y7VxJr3EORKWxhrE@kroah.com \
    --to=gregkh@linuxfoundation.org \
    --cc=guozihua@huawei.com \
    --cc=linux-integrity@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=tyhicks@linux.microsoft.com \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.