| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 May 2016 17:10:34 -0700 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-kernel@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, stable@...r.kernel.org, Vitaly Kuznetsov <vkuznets@...hat.com>, Jan Beulich <jbeulich@...e.com>, Andrew Morton <akpm@...ux-foundation.org>, Andy Lutomirski <luto@...capital.net>, Boris Ostrovsky <boris.ostrovsky@...cle.com>, Borislav Petkov <bp@...en8.de>, Brian Gerst <brgerst@...il.com>, David Vrabel <david.vrabel@...rix.com>, Denys Vlasenko <dvlasenk@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, Juergen Gross <JGross@...e.com>, Linus Torvalds <torvalds@...ux-foundation.org>, "Luis R. Rodriguez" <mcgrof@...e.com>, Peter Zijlstra <peterz@...radead.org>, Thomas Gleixner <tglx@...utronix.de>, Toshi Kani <toshi.kani@...com>, xen-devel <xen-devel@...ts.xenproject.org>, Ingo Molnar <mingo@...nel.org> Subject: [PATCH 4.5 035/200] x86/mm/xen: Suppress hugetlbfs in PV guests 4.5-stable review patch. If anyone has any objections, please let me know. ------------------ From: Jan Beulich <JBeulich@...e.com> commit 103f6112f253017d7062cd74d17f4a514ed4485c upstream. Huge pages are not normally available to PV guests. Not suppressing hugetlbfs use results in an endless loop of page faults when user mode code tries to access a hugetlbfs mapped area (since the hypervisor denies such PTEs to be created, but error indications can't be propagated out of xen_set_pte_at(), just like for various of its siblings), and - once killed in an oops like this: kernel BUG at .../fs/hugetlbfs/inode.c:428! invalid opcode: 0000 [#1] SMP ... RIP: e030:[<ffffffff811c333b>] [<ffffffff811c333b>] remove_inode_hugepages+0x25b/0x320 ... Call Trace: [<ffffffff811c3415>] hugetlbfs_evict_inode+0x15/0x40 [<ffffffff81167b3d>] evict+0xbd/0x1b0 [<ffffffff8116514a>] __dentry_kill+0x19a/0x1f0 [<ffffffff81165b0e>] dput+0x1fe/0x220 [<ffffffff81150535>] __fput+0x155/0x200 [<ffffffff81079fc0>] task_work_run+0x60/0xa0 [<ffffffff81063510>] do_exit+0x160/0x400 [<ffffffff810637eb>] do_group_exit+0x3b/0xa0 [<ffffffff8106e8bd>] get_signal+0x1ed/0x470 [<ffffffff8100f854>] do_signal+0x14/0x110 [<ffffffff810030e9>] prepare_exit_to_usermode+0xe9/0xf0 [<ffffffff814178a5>] retint_user+0x8/0x13 This is CVE-2016-3961 / XSA-174. Reported-by: Vitaly Kuznetsov <vkuznets@...hat.com> Signed-off-by: Jan Beulich <jbeulich@...e.com> Cc: Andrew Morton <akpm@...ux-foundation.org> Cc: Andy Lutomirski <luto@...capital.net> Cc: Boris Ostrovsky <boris.ostrovsky@...cle.com> Cc: Borislav Petkov <bp@...en8.de> Cc: Brian Gerst <brgerst@...il.com> Cc: David Vrabel <david.vrabel@...rix.com> Cc: Denys Vlasenko <dvlasenk@...hat.com> Cc: H. Peter Anvin <hpa@...or.com> Cc: Juergen Gross <JGross@...e.com> Cc: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Luis R. Rodriguez <mcgrof@...e.com> Cc: Peter Zijlstra <peterz@...radead.org> Cc: Thomas Gleixner <tglx@...utronix.de> Cc: Toshi Kani <toshi.kani@...com> Cc: xen-devel <xen-devel@...ts.xenproject.org> Link: http://lkml.kernel.org/r/57188ED802000078000E431C@prv-mh.provo.novell.com Signed-off-by: Ingo Molnar <mingo@...nel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org> --- arch/x86/include/asm/hugetlb.h | 1 + 1 file changed, 1 insertion(+) --- a/arch/x86/include/asm/hugetlb.h +++ b/arch/x86/include/asm/hugetlb.h @@ -4,6 +4,7 @@ #include <asm/page.h> #include <asm-generic/hugetlb.h> +#define hugepages_supported() cpu_has_pse static inline int is_hugepage_only_range(struct mm_struct *mm, unsigned long addr,
Powered by blists - more mailing lists