Re: [PATCH 4.14 053/118] Revert "Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find.""

[Steffen Klassert]

On Tue, Jan 16, 2018 at 08:44:41AM +0100, Nicolas Dichtel wrote:
> Le 16/01/2018 à 07:33, Steffen Klassert a écrit :
> > 
> > Maybe you started to look again into this because Nicolas Dichtel
> > (Cced) asked to queue this patch on Jan 5, the patch was already
> > in the stable tree (Jan 4) but probably not in an actual release
> > at this time.
> Oh, I didn't find it at this time in the linux-stable tree nor in the stable
> patchwork. Bad timing :/
> 
> I still don't find it in the patchwork:
> http://patchwork.ozlabs.org/bundle/davem/stable/?series=&submitter=1442&state=*&q=&archive=both
> Am I missing something?

Not so sure which patches are included here, maybe just the ones
that still needs to be submitted to stable.

Anyway, the commit we need is included in v4.14.12:

commit 2d01ac8cc12b973668bf898b03bf9ffb12d83b83
Author: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
Date: Wed, 15 Nov 2017 06:40:57 +0100

Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find."

commit 94802151894d482e82c324edf2c658f8e6b96508 upstream.

This reverts commit c9f3f813d462c72dbe412cee6a5cbacf13c4ad5e.

This commit breaks transport mode when the policy template
has widlcard addresses configured, so revert it.

Signed-off-by: Steffen Klassert <steffen.klassert@xxxxxxxxxxx>
Cc: From: Derek Robson <robsonde@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

> 
> > 
> >>
> >> We can drop this, but you need to then tell us whether 4.14 needs
> >> the revert any longer and if so what the correct SHA ID would
> >> be.
> > 
> > I think we can we can just drop this.
> > 
> > Unless Nicolas knows something that is still missing, v4.14.12 and
> > above should be ok as is.
> I agree, we can drop this.

Ok, so let's drop it.

Thanks!