Received: by 2002:a05:6a10:1d13:0:0:0:0 with SMTP id pp19csp277808pxb; Wed, 18 Aug 2021 02:03:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzpJ8DO+oUeb0Hiu0xwIfKn78rXnlyZdjBbXUdG0Yw/IuUwvTAezF6i/evoHh2pGV7kOIuM X-Received: by 2002:a17:906:404:: with SMTP id d4mr8746377eja.449.1629277405438; Wed, 18 Aug 2021 02:03:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1629277405; cv=none; d=google.com; s=arc-20160816; b=FFdCB2dSX5dlKfnLtkM+iJY8wA39fyoaTWgxPTgeiofSTCtjwShAPG0Kxo5K/KujE8 Tmx642/+ZZlksYRjJJ5DgjKKsIrwsDNvdehXuy/wn4w1+pfXUWQ7vBRNU6Fp+N5Ab61p 4l0p3Z48QclVkhphz9jdLZFU5dI8feCcLj5ODhUfkIfw+wkEySZFcA03bz5+YYVgUJ7U wzRgxVUYanXwCAtXibtZBkvplnltmO6rPz1wxXn+OksWULOpYpFXz7JlJnNEmH5KZG1c EQz9JJbZN5FKchz7v1RT+u4HcppYqNcxe3D/PUH9ifSQpM+htWnLJR/5f8AEwTkXEsqQ 6F7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=ZWoYuucw2+yHe7963fiJqGnyazpc3EhrD34mEgAY4MU=; b=gLytDyuIf41lccYU2SGohIePW0jWGWpZEnxPK4yOu4x6rcqS2me+xNLfVVEXVwX/jm tBXZ7/xz8nBSz4T47db+zNlNWBbjaRjDi4WTHn5Sl6bda4avf3s3LSF0Z9vgAFLqG8Cu /FpCE5bR1mTEpdPA8Gts4x5lmdgeS9WYsro5H4P7w9jpyqdDzqdORWWojeu7wmxd0XyP xOorXrIfU9v7NRpCzCTKD/RAlEtLlBddTHM6EszqZtVybjxA1+bYrGa1+X9wE0mYZSjr 68UWcYApIOryGO1JJYvtIswOFTphJ2/avkCoSkTdcW9I0lQLKOF/T+yKhkTMVAz6EmtK rE7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=0ZDtVGFA; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h6si4889552ejk.727.2021.08.18.02.02.59; Wed, 18 Aug 2021 02:03:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=0ZDtVGFA; spf=pass (google.com: domain of linux-wireless-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-wireless-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230078AbhHRJDY (ORCPT + 99 others); Wed, 18 Aug 2021 05:03:24 -0400 Received: from mail.kernel.org ([198.145.29.99]:53236 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229574AbhHRJDY (ORCPT ); Wed, 18 Aug 2021 05:03:24 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 917E161053; Wed, 18 Aug 2021 09:02:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1629277370; bh=gHGb8aPOCFbTLtg2r0KhV1R6IEtwItwZ77US9YzwBlg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=0ZDtVGFADL55+lK/kY/hZ22HfZMrJMYbcan5LZ5QwbTuHPro551R6MI+Uhj8THsYh OkOIk2dnu0GCK/zBkCgIE2xdraiAsGb7RMZga2k+QreNjdL+vfhDFzOrcszdWCcAjN VAt44/Tt54tHO0Ate/9kY8D/HeIp/tS4tbf6AtRw= Date: Wed, 18 Aug 2021 11:02:47 +0200 From: Greg KH To: Pali =?iso-8859-1?Q?Roh=E1r?= Cc: stable@vger.kernel.org, Sasha Levin , Kalle Valo , linux-wireless@vger.kernel.org Subject: Re: Backporting CVE-2020-3702 ath9k patches to stable Message-ID: References: <20210818084859.vcs4vs3yd6zetmyt@pali> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20210818084859.vcs4vs3yd6zetmyt@pali> Precedence: bulk List-ID: X-Mailing-List: linux-wireless@vger.kernel.org On Wed, Aug 18, 2021 at 10:48:59AM +0200, Pali Roh?r wrote: > Hello! I would like to request for backporting following ath9k commits > which are fixing CVE-2020-3702 issue. > > 56c5485c9e44 ("ath: Use safer key clearing with key cache entries") > 73488cb2fa3b ("ath9k: Clear key cache explicitly on disabling hardware") > d2d3e36498dd ("ath: Export ath_hw_keysetmac()") > 144cd24dbc36 ("ath: Modify ath_key_delete() to not need full key entry") > ca2848022c12 ("ath9k: Postpone key cache entry deletion for TXQ frames reference it") > > See also: > https://lore.kernel.org/linux-wireless/87o8hvlx5g.fsf@codeaurora.org/ > > This CVE-2020-3702 issue affects ath9k driver in stable kernel versions. > And due to this issue Qualcomm suggests to not use open source ath9k > driver and instead to use their proprietary driver which do not have > this issue. > > Details about CVE-2020-3702 are described on the ESET blog post: > https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/ > > Two months ago ESET tested above mentioned commits applied on top of > 4.14 stable tree and confirmed that issue cannot be reproduced anymore > with those patches. Commits were applied cleanly on top of 4.14 stable > tree without need to do any modification. What stable tree(s) do you want to see these go into? And what order are the above commits to be applied in, top-to-bottom or bottom-to-top? thanks, greg k-h