Re: Cip-kernel-sec Updates for Week of 2021-02-18

Florian Bezdeka

On Thu, 2021-02-18 at 17:52 +0800, Chen-Yu Tsai (Moxa) wrote:
On Thu, Feb 18, 2021 at 5:49 PM Pavel Machek <pavel@...> wrote:

On Thu 2021-02-18 17:21:57, Chen-Yu Tsai wrote:
Hi everyone,

Five new issues this week:

CVE-2021-20239 [setsockopt copy_from_user error] - fixed in 5.4 and
removed from 5.10
CVE-2021-26930 [xen-blkback error handling] - PR sent
CVE-2021-26931 [xen backends: BUG_ON in error handling] - PR sent
CVE-2021-26932 [xen grant mapping error handling] - PR sent
CVE-2021-26934 [xen unsupported driver] - Xen documentation change
stating be-alloc display driver is unsupported

Linus doesn't seem to be processing PRs for the new merge window yet,
so we might have to wait a while before the Xen ones are fixed and
Well, Xen is not a typical thing to run on embbeded hardware, but I
did not check the configs.
I see Renesas and Siemens have it enabled. Is Xen still relevant?
Or has everyone switched over to KVM + QEMU?
Where is the mentioned kernel config located? I wasn't able to find the
correct git tree.

We already had a short internal discussion and are quite sure that we
don't need it. Just point me to the configuration. We will review again
and come up with the necessary patch to disable it.

It seems Linus is having power problems:
I read the headline on Phoronix, but didn't know it was this bad.
That also explains why was completely empty yesterday.


Best regards,

Date: Tue, 16 Feb 2021 12:25:06 -0800
From: Linus Torvalds <torvalds@...>
To: Konstantin Ryabitsev <konstantin@...>
Cc: users@...
Subject: Re: [ users] Partial power outage in the PDX

[-- Attachment #1 --]
[-- Type: multipart/alternative, Encoding: 7bit, Size: 2.2K --]

Sadly, the power at my house is still entirely out, although cell
has now been fixed so at least I can read some email without walking

But with no power for my laptop or workstation, I won't be starting
merge window until power is back more widely in they Portland area.

My neighborhood is likely not a priority, so it very possibly will be
a few
more days (so far without power since Sunday evening).

Even the local highway 43 (ok, not a big highway, but still) is still
closed down two days later due to downed trees.


DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join to automatically receive all group messages.