Re: [4.4.y] cred_getsecid hook

Pavel Machek


If CVE-2021-39686 is important to you, right way forward would be to
backport neccessary changes to 4.9, first. We would rather not have
changes in 4.4-st that are not present in 4.9.X.
Hi Pavel, thanks for the reply.

I'm happy to contribute what I have back to 4.9. Can you give me some guidance on how I'd do that?
I've never contributed to the upstream kernel before but am confident in C/C++ and git and am maintaining an Android kernel fork.
In this case it should be pretty straight forward. All commits are from Googles android-mainline branch, backported where required, but mostly unchanged and I have the upstream discussions from the kernel ML for reference. If you are curious the 38 commits I want to backport to reduce the divergence and then fix that CVE can be found at

It will likely be easy enough to port them to the 4.9 branch but I'd need to know how to have them applied and/or who to contact.
It should be enough to send them to stable@ mailing list, as described
in Documentation/process/stable-kernel-rules.rst . Greg KH (see
maintainers) is the person to talk to, but mailing list should be enough.

PS: Greetings from Dresden, Germany
Nice to meet you, Alex!

Best regards,
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join to automatically receive all group messages.