From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <872f9cfd-5c19-4a82-bf75-6256265e8f8a@oracle.com>
Date: Sun, 14 Apr 2024 12:21:51 +0200
Subject: Re: xz meltdown/Lasse Collin
To: James Bottomley, "H. Peter Anvin", "tech-board-discuss@lists.linuxfoundation.org"
Cc: Michael Ellerman, Theodore Ts'o
From: Vegard Nossum
References: <8205E91D-F15B-402D-9398-33E4FF4E4E62@zytor.com> <030a96cf36719d8a7ec702b9303616f89daed4bb.camel@HansenPartnership.com>
In-Reply-To: <030a96cf36719d8a7ec702b9303616f89daed4bb.camel@HansenPartnership.com>
X-Mailing-List: tech-board-discuss@lists.linux.dev

On 13/04/2024 15:16, James Bottomley wrote:
> 2. We need better build artifact transparency generally but I think
>    the kernel is fine here: we still use make so don't have the huge
>    build artifact issue that allowed the exploit in and we have a
>    documented signing process for our build artifacts (kernel
>    tarballs).
> 3. The indirect library dependency problem doesn't apply to us.

While this is technically true, there are many other ways to compromise
the kernel build process:

1) you can pass code in through the CFLAGS environment variable, one
example that I came up with together with Michael Ellerman would be:

    -DSET_ENDIAN(x,y)=-22,commit_creds((void*)init_task.cred)

when building kernel/sys.c on x86, this will turn any userspace call of
prctl(PR_SET_ENDIAN), which normally just returns -EINVAL, into a
backdoor quietly making the calling process root. All you need for an
injection site is a preprocessor define that is conditionally set with
#ifndef FOO/#define FOO.

This does not appear in any source file or build output directly and so
likely wouldn't get caught by SBOM-type solutions. There are already
commit_creds() calls in kernel/sys.c so it does not look particularly
out of place when glancing over the object code either. Fuzzers would
likely not find this if you just conditioned the backdoor on some config
option like KCOV or KASAN.

There are also variations here where you might override CFLAGS_sys.o
instead of plain CFLAGS, or you could change LDFLAGS to link in other
(precompiled) object files, or you could place a malicious compiler
wrapper in PATH... the possibilities are endless.

2) you can pass a whole bunch of environment variables into Make, which
will be interpolated (!) by Make and do arbitrary things like running
shell scripts:

    $ MAKE_VERSION='$(shell echo hi >&2))' make kernel/fork.o
    hi
    ...

or:

    $ sub_make_done='$(eval $(warning asdf))' make kernel/fork.o
    Makefile:45: asdf
      CALL    scripts/checksyscalls.sh
      DESCEND objtool
    ...

3) there are many ways to set environment variables, it could be
anywhere in the chain leading up to the 'make' call, including
/etc/environment.d/ files installed by malicious packages or things like
/etc/bash_completion.d/ files (although these are typically only read by
interactive shells)

4) a kernel build relies on a huge amount of code run at build time. I
count 32 shared libraries on my machine. Any one of them could contain
malicious code to hijack the kernel build to insert a backdoor like the
one above. One of my favourites is probably pkg-config, which gets
called by the kernel build system and which has a search path where a
malicious third-party package (not related to the kernel or kernel build
at all!) could potentially install a malicious file that alters the
Cflags: property of a package to inject a Makefile or shell fragment
into the build.

5) If you have /bin/sh linked to bash, then Shellshock makes a
reappearance:

    $ env 'BASH_FUNC_uname%%=() { echo foobar >&2; }' make kernel/fork.o
    foobar
      SYNC    include/config/auto.conf.cmd
    ..

So yes, while the kernel itself is "probably fine" to some extent, it
would be quite easy for a malicious package on the build host (and not
just the compiler/toolchain!) to inject malicious code into a kernel
build.

I know it's impossible to protect against everything. I also know people
are likely already aware (at least on some level) that we can't really
do anything if the build host/configuration/environment or toolchain is
already compromised. I don't think most people realize exactly how easy
it would be, though, while also keeping it relatively stealthy.


Vegard
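
Added example (not part of the original message, and not kernel project code): a Python pre-build check that flags the environment-borne injection sites listed in the message above (Make expansion syntax in inherited variables, inherited CFLAGS/LDFLAGS/CFLAGS_<file>.o, exported BASH_FUNC_ functions, PKG_CONFIG_PATH, non-absolute PATH entries) and derives an allowlisted environment to hand to make. The function names, the allowlist and the sample environment are assumptions constructed for illustration.

```python
import re

# Make expands $(...) / ${...} in variables it inherits from the environment.
MAKE_EXPANSION = re.compile(r"\$[({]")
# Flag variables named in the message: CFLAGS, LDFLAGS, per-object CFLAGS_<file>.o.
FLAG_VAR = re.compile(r"^(CFLAGS|LDFLAGS|CFLAGS_.+\.o)$")
# Function-like macro defined on the command line: -DNAME(args)=body.
FUNC_MACRO = re.compile(r"-D\s*\w+\([^)]*\)=")
# Assumed minimal allowlist for a build; adjust per site.
ALLOWED = ("PATH", "HOME", "LANG", "LC_ALL", "TERM", "ARCH", "CROSS_COMPILE")


def audit_env(env):
    """Return sorted (variable, reason) findings for a build environment dict."""
    findings = []
    for name, value in env.items():
        if name.startswith("BASH_FUNC_"):
            findings.append((name, "exported bash function overrides a command"))
        if MAKE_EXPANSION.search(value):
            findings.append((name, "value contains Make expansion syntax"))
        if FLAG_VAR.match(name):
            findings.append((name, "compiler/linker flags inherited from environment"))
            if FUNC_MACRO.search(value):
                findings.append((name, "function-like -D macro definition"))
        if name == "PKG_CONFIG_PATH":
            findings.append((name, "extends the pkg-config search path"))
        if name == "PATH":
            for entry in value.split(":"):
                if not entry.startswith("/"):
                    findings.append((name, f"non-absolute PATH entry {entry!r}"))
    return sorted(findings)


def scrubbed_env(env, allowed=ALLOWED):
    """Build the environment to pass to make: allowlisted names only,
    no Make expansion syntax, PATH reduced to absolute directories."""
    clean = {k: env[k] for k in allowed
             if k in env and not MAKE_EXPANSION.search(env[k])}
    if "PATH" in clean:
        clean["PATH"] = ":".join(
            e for e in clean["PATH"].split(":") if e.startswith("/"))
    return clean


# Constructed sample environment with benign marker values (not captured data).
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin:.",
    "HOME": "/home/builder",
    "CFLAGS": "-DEXAMPLE_MACRO(x,y)=0",
    "CFLAGS_sys.o": "-O2",
    "MAKE_VERSION": "$(shell true)",
    "BASH_FUNC_uname%%": "() { true; }",
    "PKG_CONFIG_PATH": "/opt/thirdparty/lib/pkgconfig",
}

if __name__ == "__main__":
    import os
    for name, reason in audit_env(dict(os.environ)):
        print(f"{name}: {reason}")
```

This only inspects what reaches make through the environment; it does not address point 4 of the message (malicious code in libraries or tools already installed on the build host).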