Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage

From: Peter Zijlstra
Date: Mon Jul 17 2023 - 07:07:25 EST


On Mon, Jul 17, 2023 at 10:22:51AM +0100, Daniel P. Berrangé wrote:
> I'm not aware of any kernel CVEs since that point in time that
> would have implied SBAT changes, but admittedly I've not paid
> close enough attention to be entirely confident. Is going back
> through 2 years of kernel CVEs (to the point where SBAT was
> invented) a long enough timeframe to satisfy this request for
> info on the frequency of changes?

Many *MANY* security bugs never get a CVE. CVE is meaningless when it
comes to kernel bugs. Why does it make sense to review CVEs?