Subject: Re: Backport of KPTI to 2.6.32 available
To: Greg KH <greg@kroah.com>
Cc: linux-kernel <linux-kernel@vger.kernel.org>
References: <62683052-9333-b2af-4230-241388c3bc31@mvista.com>
 <20180111203213.GA301@kroah.com>
From: Corey Minyard <cminyard@mvista.com>
Message-ID: <5af37236-481c-1edf-7a09-75369004153e@mvista.com>
Date: Thu, 11 Jan 2018 15:10:51 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <20180111203213.GA301@kroah.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-GB
Sender: linux-kernel-owner@vger.kernel.org

On 01/11/2018 02:32 PM, Greg KH wrote:
> On Thu, Jan 11, 2018 at 11:42:38AM -0600, Corey Minyard wrote:
>> I've completed a backport of KPTI from linux-stable-3.2.y to 2.6.32.71, in
>> case anyone is interested and wants to avoid all the work I went through.
>> It's available at:
>>
>> https://github.com/MontaVista-OpenSourceTechnology/linux-nonlts-secfix.git
>> linux-2.6.32-secfix
>>
>> I'll try to keep it up to date with fixes andn with Spectre fixes.
> That's crazy, why update it now, when it's missing hundreds, if not
> thousands, of other much more severe security fixes?  What makes this
> one more "urgent" than all of the others?
>
> Anyway, anyone running this branch is getting a very false sense of "I'm
> running a fixed kernel!"  I strongly recommend it not be used for
> anything...

Yes, this is not useful as it is, you must be maintaining the kernel 
separately.  I put
this out as a help to anyone else who might need this.  I certainly 
don't expect
it to be used as-is.

>> A 3.10 branch will hopefully be coming, too.
> Again, why?  There's backports for this in the android-common tree if
> you really want it.  But again, you really do not.

Oh yeah, I guess the android kernel would be the way to go here. Never mind.

-corey