)]}'
{
  "commit": "f02cf148ebb71c46fa165ce40850a1c1bb6fa229",
  "tree": "acbafaed1d6d5dc40927ea3955b9ee396dfd7449",
  "parents": [
    "051a575bffd104d38210ec6daf499202fd535f82"
  ],
  "author": {
    "name": "Zijian Zhang",
    "email": "zijianzhang@bytedance.com",
    "time": "Wed Nov 06 00:37:42 2024 +0000"
  },
  "committer": {
    "name": "Arnav Kansal",
    "email": "rnv@google.com",
    "time": "Mon Dec 30 12:55:01 2024 -0800"
  },
  "message": "bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx\n\n[ Upstream commit 44d0469f79bd3d0b3433732877358df7dc6b17b1 ]\n\nAs the introduction of the support for vsock and unix sockets in sockmap,\ntls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK.\nvsock and af_unix sockets have vsock_sock and unix_sock instead of\ninet_connection_sock. For these sockets, tls_get_ctx may return an invalid\npointer and cause page fault in function tls_sw_ctx_rx.\n\nBUG: unable to handle page fault for address: 0000000000040030\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:sk_psock_strp_data_ready+0x23/0x60\nCall Trace:\n ? __die+0x81/0xc3\n ? no_context+0x194/0x350\n ? do_page_fault+0x30/0x110\n ? async_page_fault+0x3e/0x50\n ? sk_psock_strp_data_ready+0x23/0x60\n virtio_transport_recv_pkt+0x750/0x800\n ? update_load_avg+0x7e/0x620\n vsock_loopback_work+0xd0/0x100\n process_one_work+0x1a7/0x360\n worker_thread+0x30/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x112/0x130\n ? __kthread_cancel_work+0x40/0x40\n ret_from_fork+0x1f/0x40\n\nv2:\n  - Add IS_ICSK check\nv3:\n  - Update the commits in Fixes\n\nBUG\u003db/386034426\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed CVE-2024-53091 in the Linux kernel.\n\ncos-patch: security-moderate\nFixes: 634f1a7110b4 (\"vsock: support sockmap\")\nFixes: 94531cfcbe79 (\"af_unix: Add unix_stream_proto for sockmap\")\nChange-Id: I664312945a813125ec41e6d23a29324a0ea1db4e\nSigned-off-by: Zijian Zhang \u003czijianzhang@bytedance.com\u003e\nAcked-by: Stanislav Fomichev \u003csdf@fomichev.me\u003e\nAcked-by: Jakub Kicinski \u003ckuba@kernel.org\u003e\nReviewed-by: Cong Wang \u003ccong.wang@bytedance.com\u003e\nAcked-by: Stefano Garzarella \u003csgarzare@redhat.com\u003e\nLink: https://lore.kernel.org/r/20241106003742.399240-1-zijianzhang@bytedance.com\nSigned-off-by: Martin KaFai Lau \u003cmartin.lau@kernel.org\u003e\nSigned-off-by: Sasha Levin \u003csashal@kernel.org\u003e\nSigned-off-by: Kernel CVE Triage Automation \u003ccloud-image-kernel-cve-triage-automation@prod.google.com\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/89279\nReviewed-by: Arnav Kansal \u003crnv@google.com\u003e\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Kevin Berry \u003ckpberry@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "2ad28545b15f0151c5f96b403af2d4d3dfeb3904",
      "old_mode": 33188,
      "old_path": "include/net/tls.h",
      "new_id": "6c642ea18050418c77b86cc0f669f9dffbd280cf",
      "new_mode": 33188,
      "new_path": "include/net/tls.h"
    }
  ]
}