[PATCH 0/3][B] Insufficient shootdown for paging-structure caches (LP: #1798897)

Tyler Hicks tyhicks at canonical.com
Fri Oct 19 22:38:18 UTC 2018

BugLink: https://launchpad.net/bugs/1798897


Paging structure caches are not always flushed as part of a TLB shootdown
operation on x86. See the Project Zero writeup for more details:


[Test Case]

Ideally, we'd be able to use the test case described in the Project Zero bug
report. However, it depends on certain processor features as well as custom
kernel changes to make the proof-of-concept more likely to be successful.

Instead, I think we're limited to simple boot testing and then will need to
rely on our regular SRU testing.

[Regression Potential]

Considerable since the changes are in mm/ but these three patches have been
released in the upstream linux-stable trees for a while now.

This issue is worthy of a CVE ID and it is my understanding that Jann is going
to request one but we should move forward with reviewing/applying these patches
in the meantime.

These patches are already present in the Cosmic kernel. This issue does not
affect kernels older than Bionic's kernel.

