Re: [4.4.y] cred_getsecid hook


Pavel Machek
 

Hi!

If CVE-2021-39686 is important to you, right way forward would be to
backport neccessary changes to 4.9, first. We would rather not have
changes in 4.4-st that are not present in 4.9.X.
Hi Pavel, thanks for the reply.

I'm happy to contribute what I have back to 4.9. Can you give me some guidance on how I'd do that?
I've never contributed to the upstream kernel before but am confident in C/C++ and git and am maintaining an Android kernel fork.
In this case it should be pretty straight forward. All commits are from Googles android-mainline branch, backported where required, but mostly unchanged and I have the upstream discussions from the kernel ML for reference. If you are curious the 38 commits I want to backport to reduce the divergence and then fix that CVE can be found at https://github.com/Flamefire/android_kernel_sony_msm8998/pull/24.

It will likely be easy enough to port them to the 4.9 branch but I'd need to know how to have them applied and/or who to contact.
It should be enough to send them to stable@ mailing list, as described
in Documentation/process/stable-kernel-rules.rst . Greg KH (see
maintainers) is the person to talk to, but mailing list should be enough.

PS: Greetings from Dresden, Germany
Nice to meet you, Alex!

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join cip-dev@lists.cip-project.org to automatically receive all group messages.