On Wed, Dec 23, 2020 at 02:47:56AM +0000, Michael Kelley wrote: > From: Sasha Levin <[email protected]> Sent: Tuesday, December 22, 2020 6:22 PM > > > > From: "Andrea Parri (Microsoft)" <[email protected]> > > > > [ Upstream commit 206ad34d52a2f1205c84d08c12fc116aad0eb407 ] > > > > Lack of validation could lead to out-of-bound reads and information > > leaks (cf. usage of nvdev->chan_table[]). Check that the number of > > allocated sub-channels fits into the expected range. > > > > Suggested-by: Saruhan Karademir <[email protected]> > > Signed-off-by: Andrea Parri (Microsoft) <[email protected]> > > Reviewed-by: Haiyang Zhang <[email protected]> > > Acked-by: Jakub Kicinski <[email protected]> > > Cc: "David S. Miller" <[email protected]> > > Cc: Jakub Kicinski <[email protected]> > > Cc: [email protected] > > Link: > > https://lore.kernel.org/linux-hyperv/[email protected]/ > > Signed-off-by: Wei Liu <[email protected]> > > Signed-off-by: Sasha Levin <[email protected]> > > --- > > drivers/net/hyperv/rndis_filter.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > Sasha -- This patch is one of an ongoing group of patches where a Linux > guest running on Hyper-V will start assuming that hypervisor behavior might > be malicious, and guards against such behavior. Because this is a new > assumption, these patches are more properly treated as new functionality > rather than as bug fixes. So I would propose that we *not* bring such patches > back to stable branches.
Thank you, Michael. Just to confirm, I agree with Michael's assessment above and I join his proposal to *not* backport such patches to stable. Thanks, Andrea
