From: Greg KH <gregkh@linuxfoundation.org>
To: Chuck Lever III <chuck.lever@oracle.com>
Cc: Chuck Lever <cel@kernel.org>,
linux-stable <stable@vger.kernel.org>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>,
Jeff Layton <jlayton@kernel.org>
Subject: Re: [PATCH 5.4] NFSD: Force all NFSv4.2 COPY requests to be synchronous
Date: Mon, 2 Dec 2024 15:59:21 +0100 [thread overview]
Message-ID: <2024120210-finisher-surprise-fb97@gregkh> (raw)
In-Reply-To: <E476A582-052A-4455-B53E-729EB8D654C9@oracle.com>
On Mon, Dec 02, 2024 at 02:19:13PM +0000, Chuck Lever III wrote:
>
>
> > On Dec 2, 2024, at 4:09 AM, Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Wed, Nov 20, 2024 at 02:13:15PM -0500, cel@kernel.org wrote:
> >> From: Chuck Lever <chuck.lever@oracle.com>
> >>
> >> [ Upstream commit 8d915bbf39266bb66082c1e4980e123883f19830 ]
> >
> > What about kernel versions greater than 5.4? Like 5.10, 5.15, 6.1, and
> > 6.6 for this change? Shouldn't it also be needed there?
>
> Good catch. My rationale is:
>
> Asynchronous COPY offload is needed to implement NFSv4.2
> server-to-server COPY offload.
>
> The upstream patches that address the CVE don't apply
> cleanly to linux-5.4.y. However, 5.4 kernels do not have
> NFSv4.2 server-to-server COPY offload, thus this change,
> which simply disables async COPY, has no user-visible
> impact. So I decided the easy, low-impact way to address
> the CVE for v5.4 was applying only this patch.
>
> The newer LTS kernels do have server-to-server COPY offload,
> thus if this patch is applied, they would see a behavior
> regression whenever CONFIG_NFSD_V4_2_INTER_SSC is enabled.
> The upstream patches that address the CVE apply cleanly to
> these kernels, and I've sent those to stable@ already.
>
> As these were separate patch series, there wasn't an
> obvious place to add a cover letter that explains this.
Ok, that's fine, we'll just leave this as-is, thanks!
greg k-h
prev parent reply other threads:[~2024-12-02 14:59 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-20 19:13 [PATCH 5.4 0/1] Address CVE-2024-49974 cel
2024-11-20 19:13 ` [PATCH 5.4] NFSD: Force all NFSv4.2 COPY requests to be synchronous cel
2024-12-02 9:09 ` Greg KH
2024-12-02 14:19 ` Chuck Lever III
2024-12-02 14:59 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024120210-finisher-surprise-fb97@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=cel@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=jlayton@kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox