tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'char-misc-6.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char driver and Documentation fixes from Greg KH:
"Here is a char driver fix and some documentation updates for 6.5-rc4
that contain the following changes:

- sram/genalloc bugfix for reported problem

- security-bugs.rst update based on recent discussions

- embargoed-hardware-issues minor cleanups and then partial revert
for the project/company lists

All of these have been in linux-next for a while with no reported
problems, and the documentation updates have all been reviewed by the
relevant developers"

* tag 'char-misc-6.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
misc/genalloc: Name subpools by of_node_full_name()
Documentation: embargoed-hardware-issues.rst: add AMD to the list
Documentation: embargoed-hardware-issues.rst: clean out empty and unused entries
Documentation: security-bugs.rst: clarify CVE handling
Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group

Linus Torvalds cf270e7b b0b9850e

+19 -25
-3
Documentation/process/embargoed-hardware-issues.rst
··· 254 254 Samsung Javier González <javier.gonz@samsung.com> 255 255 256 256 Microsoft James Morris <jamorris@linux.microsoft.com> 257 - VMware 258 257 Xen Andrew Cooper <andrew.cooper3@citrix.com> 259 258 260 259 Canonical John Johansen <john.johansen@canonical.com> ··· 262 263 Red Hat Josh Poimboeuf <jpoimboe@redhat.com> 263 264 SUSE Jiri Kosina <jkosina@suse.cz> 264 265 265 - Amazon 266 266 Google Kees Cook <keescook@chromium.org> 267 267 268 - GCC 269 268 LLVM Nick Desaulniers <ndesaulniers@google.com> 270 269 ============= ======================================================== 271 270
+17 -20
Documentation/process/security-bugs.rst
··· 63 63 of the report are treated confidentially even after the embargo has been 64 64 lifted, in perpetuity. 65 65 66 - Coordination 67 - ------------ 66 + Coordination with other groups 67 + ------------------------------ 68 68 69 - Fixes for sensitive bugs, such as those that might lead to privilege 70 - escalations, may need to be coordinated with the private 71 - <linux-distros@vs.openwall.org> mailing list so that distribution vendors 72 - are well prepared to issue a fixed kernel upon public disclosure of the 73 - upstream fix. Distros will need some time to test the proposed patch and 74 - will generally request at least a few days of embargo, and vendor update 75 - publication prefers to happen Tuesday through Thursday. When appropriate, 76 - the security team can assist with this coordination, or the reporter can 77 - include linux-distros from the start. In this case, remember to prefix 78 - the email Subject line with "[vs]" as described in the linux-distros wiki: 79 - <http://oss-security.openwall.org/wiki/mailing-lists/distros#how-to-use-the-lists> 69 + The kernel security team strongly recommends that reporters of potential 70 + security issues NEVER contact the "linux-distros" mailing list until 71 + AFTER discussing it with the kernel security team. Do not Cc: both 72 + lists at once. You may contact the linux-distros mailing list after a 73 + fix has been agreed on and you fully understand the requirements that 74 + doing so will impose on you and the kernel community. 75 + 76 + The different lists have different goals and the linux-distros rules do 77 + not contribute to actually fixing any potential security problems. 80 78 81 79 CVE assignment 82 80 -------------- 83 81 84 - The security team does not normally assign CVEs, nor do we require them 85 - for reports or fixes, as this can needlessly complicate the process and 86 - may delay the bug handling. If a reporter wishes to have a CVE identifier 87 - assigned ahead of public disclosure, they will need to contact the private 88 - linux-distros list, described above. When such a CVE identifier is known 89 - before a patch is provided, it is desirable to mention it in the commit 90 - message if the reporter agrees. 82 + The security team does not assign CVEs, nor do we require them for 83 + reports or fixes, as this can needlessly complicate the process and may 84 + delay the bug handling. If a reporter wishes to have a CVE identifier 85 + assigned, they should find one by themselves, for example by contacting 86 + MITRE directly. However under no circumstances will a patch inclusion 87 + be delayed to wait for a CVE identifier to arrive. 91 88 92 89 Non-disclosure agreements 93 90 -------------------------
+1 -1
drivers/misc/sram.c
··· 236 236 } 237 237 if (!label) 238 238 block->label = devm_kasprintf(sram->dev, GFP_KERNEL, 239 - "%s", dev_name(sram->dev)); 239 + "%s", of_node_full_name(child)); 240 240 else 241 241 block->label = devm_kstrdup(sram->dev, 242 242 label, GFP_KERNEL);
+1 -1
lib/genalloc.c
··· 895 895 896 896 of_property_read_string(np_pool, "label", &name); 897 897 if (!name) 898 - name = np_pool->name; 898 + name = of_node_full_name(np_pool); 899 899 } 900 900 if (pdev) 901 901 pool = gen_pool_get(&pdev->dev, name);