On Fri, May 24, 2024 at 04:13:53PM +0200, Jiri Bohac wrote:
> On Fri, May 24, 2024 at 02:38:04PM +0200, Jiri Bohac wrote:
> > On Fri, May 24, 2024 at 12:15:47PM +0200, Greg Kroah-Hartman wrote:
> > > Nice, but then why was this commit worded this way? Now we check twice?
> > > Double safe?
On Fri, May 24, 2024 at 02:38:04PM +0200, Jiri Bohac wrote:
> On Fri, May 24, 2024 at 12:15:47PM +0200, Greg Kroah-Hartman wrote:
> > Nice, but then why was this commit worded this way? Now we check twice?
> > Double safe? Should it be reverted?
>
> double safe's good; turning it into a CVE not
On Fri, May 24, 2024 at 02:38:04PM +0200, Jiri Bohac wrote:
> On Fri, May 24, 2024 at 12:15:47PM +0200, Greg Kroah-Hartman wrote:
> > Nice, but then why was this commit worded this way? Now we check twice?
> > Double safe? Should it be reverted?
>
> double safe's good; turning it into a CVE not
On Fri, May 24, 2024 at 12:15:47PM +0200, Greg Kroah-Hartman wrote:
> Nice, but then why was this commit worded this way? Now we check twice?
> Double safe? Should it be reverted?
double safe's good; turning it into a CVE not so much :(
CVE-2023-52822, CVE-2023-52824 and CVE-2023-52820,
On Fri, May 24, 2024 at 12:02:10PM +0200, Jiri Bohac wrote:
> On Tue, May 21, 2024 at 05:31:59PM +0200, Greg Kroah-Hartman wrote:
> > kernel: kexec: copy user-array safely
> >
> > Currently, there is no overflow-check with memdup_user().
>
> This is false.
> Therefore, I'd like to dispute this
On Tue, May 21, 2024 at 05:31:59PM +0200, Greg Kroah-Hartman wrote:
> kernel: kexec: copy user-array safely
>
> Currently, there is no overflow-check with memdup_user().
This is false.
Therefore, I'd like to dispute this CVE.
The overflow check is in the kexec_load_check()
function called
On 2024/04/24 11:20, Coiby Xu wrote:
> Fedora is going unify bin and sbin and /usr/sbin directory will become a
> symlink to bin [1]. So make sbindir configurable to support this case.
>
> [1] https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin
>
> Signed-off-by: Coiby Xu
> ---
>
On Tue, May 21, 2024 at 11:48:49AM +0800, Baoquan He wrote:
On 04/25/24 at 06:04pm, Coiby Xu wrote:
When there is CPU/memory hot-plugging, the kdump kernel image and initrd
will be reloaded. The user space can write the "reuse" command to
/sys/kernel/crash_dm_crypt_key so the stored keys can be
On Tue, May 21, 2024 at 11:13:43AM +0800, Baoquan He wrote:
On 05/21/24 at 09:58am, Coiby Xu wrote:
On Mon, May 20, 2024 at 02:16:43PM +0800, Baoquan He wrote:
> On 04/25/24 at 06:04pm, Coiby Xu wrote:
> > Currently, kexec_buf is placed in order which means for the same
> > machine, the info in