ACK/Cmnt: [SRU][Trusty][PATCH 0/7] Follow-up fixes for CVE-2018-3620/CVE-2018-3646

Stefan Bader stefan.bader at canonical.com
Fri Aug 24 10:00:20 UTC 2018 

On 22.08.2018 08:40, Juerg Haefliger wrote:
> This patch series reenables NUMA balancing by disentangling _PAGE_NUMA from
> _PAGE_PROTNONE. It also fixes the remap_file_pages syscall to invert the PTE
> offset bits. This was an oversight since that code is no longer present in the
> Xenial kernel. Note that *not* inverting the offset bits doesn't cause any
> functional problems but simply doesn't protect swapped out entries against
> L1TF.
> 
> I'm still trying to get access to a NUMA system to do some testing to
> verify that NUMA is working as expected (whatever that means).
> 
> Compile-tested all supported architectures and verified that tomcat7
> (java) starts succesfully.
> 
> Signed-off-by: Juerg Haefliger <juergh at canonical.com>
> 
> 
> Aneesh Kumar K.V (1):
>   mm: Move change_prot_numa outside CONFIG_ARCH_USES_NUMA_PROT_NONE
> 
> Cyrill Gorcunov (1):
>   mm: x86 pgtable: drop unneeded preprocessor ifdef
> 
> Hugh Dickins (1):
>   x86,mm: fix pte_special versus pte_numa
> 
> Juerg Haefliger (2):
>   Revert "UBUNTU: [Config] disable NUMA_BALANCING"
>   UBUNTU: SAUCE: x86/fremap: Invert the offset when converting to/from a
>     PTE
> 
> Mel Gorman (2):
>   x86: require x86-64 for automatic NUMA balancing
>   x86: define _PAGE_NUMA by reusing software bits on the PMD and PTE
>     levels
> 
>  arch/x86/Kconfig                          |  2 +-
>  arch/x86/include/asm/pgtable-2level.h     | 10 ----
>  arch/x86/include/asm/pgtable.h            | 20 +++++--
>  arch/x86/include/asm/pgtable_64.h         | 46 ++++++++++++----
>  arch/x86/include/asm/pgtable_types.h      | 66 ++++++++++++-----------
>  arch/x86/mm/pageattr-test.c               |  2 +-
>  debian.master/config/config.common.ubuntu |  4 +-
>  include/asm-generic/pgtable.h             |  8 ++-
>  include/linux/mm.h                        |  2 +-
>  include/linux/swapops.h                   |  2 +-
>  mm/fremap.c                               |  6 +++
>  mm/memory.c                               | 10 ++--
>  mm/mempolicy.c                            |  5 +-
>  13 files changed, 112 insertions(+), 71 deletions(-)
> 
On a quick glance, those changes look reasonable, but of course this is an area
of many pitfalls. With the other things going on it is possible that the NUMA
balancing disabled has not as much real world impact as initially thought.
But then this is likely a change we need to do longterm, so I would opt to
tentatively take this and revert all but the last one (#7) in case of any
observed issue.

Acked-by: Stefan Bader <stefan.bader at canonical.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180824/6edfb6be/attachment.sig>

More information about the kernel-team mailing list