Date: Thu, 29 Feb 2024 09:22:51 +0100
From: Michal Hocko
To: Kees Cook
Cc: Greg Kroah-Hartman, cve@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: CVE-2023-52451: powerpc/pseries/memhp: Fix access beyond end of drmem array

On Wed 28-02-24 09:12:15, Kees Cook wrote:
> On Wed, Feb 28, 2024 at 01:04:14PM +0100, Michal Hocko wrote:
> > On Tue 27-02-24 10:35:40, Kees Cook wrote:
> > > On Mon, Feb 26, 2024 at 04:25:09PM +0100, Michal Hocko wrote:
> > [...]
> > > > Does that mean that any potentially incorrect input provided by an admin is
> > > > considered CVE now?
> > >
> > > Yes. Have you seen what USER_NS does? There isn't a way to know how
> > > deployments are using Linux, and this is clearly a "weakness" as defined
> > > by CVE. It is better to be over zealous than miss things.
> >
> > If we are over zealous to the point when almost any fix is marked CVE
> > then the special marking simply stops making any sense IMHO.
>
> Perhaps, but the volume of fixes is high, and I think it's better to
> over estimate than under estimate -- the work needed to actually
> evaluate all these changes is huge: it's better to take everything from
> -stable.

This is simply not feasible for many downstream kernels and reasons have
been discussed many times.

> This has been a long standing problem with communicating this
> to engineering management in many organizations. They have pointed to
> the relatively small number of CVEs and said, "just backport those
> fixes", and trying to explain that it's totally insufficient falls on
> deaf ears.

I think it is fair to say/expect that every downstream is responsible
for the kernel they are distributing and that applies to vulnerabilities
affecting those kernels. Forcing fixes by slapping CVE over them sounds
just very dubious to me.

--
Michal Hocko
SUSE Labs