toggle quoted messageShow quoted text
By this time, you may have already left from cip-dev, but I wanted to update our status.
We again discussed this, and Iwamatsu-san kindly took over this and created patches.
In order to make sure that those patches appropriately address the issue, he is sending
RFC to the Intel contributors.
Thanks again for your comments.
Also, I wanted to re-iterate my thankfulness to you for what you have done for CIP.
I am really hoping your good luck in your new tasks.
From: cip-dev@... <cip-dev@...> On Behalf Of
Sent: Thursday, November 12, 2020 5:50 AM
To: cip-dev@...; nobuhiro1.iwamatsu@...;
Subject: Re: [cip-dev] Backporting of security patches for Intel i40e drivers
On Wed, 2020-11-11 at 13:18 +0000, masashi.kudo@... wrote:
Hi,CVE-2019-0148 in the following email.
The other day, I inquired about CVE-2019-0145, CVE-2019-0147, and
The kernel team discussed for weeks how to deal with them.
As a result of these discussions, we concluded to ignore them until Intel fixes
- The descriptions of patches are not clear, and we cannot figure outThey all seemed to involve communication with the owner of a PCIe Virtual
what is right
- The patches we identified do not really look like fixing too serious stuff.
Function (VF). A VF might be assigned to a VM or privileged process. In Civil
Infrastructure systems those should already be trusted and so the issues don't
matter that much.
So far, we had the following AI, but we close this based on the above situation.[...]
2. Check whether CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 needs to
be backported to 4.4 - Kernel Team
Well, I found it quite easy to backport the applicable parts of the fixes. I already
sent them along with some other fixes for the 4.14 and 4.9 branches, and could
still do so for 4.4.
Ben Hutchings, Software Developer Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom