ACK: [Xenial][SRU][CVE-2018-20784][PATCH 0/1] fix infinite loop
kamal at canonical.com
Mon Sep 30 15:34:34 UTC 2019
Port looks good to me.
Acked-by: Kamal Mostafa <kamal at canonical.com>
On Fri, Sep 27, 2019 at 11:54:49AM -0700, Connor Kuehl wrote:
> From the link above:
> "In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf
> cfs_rq's, which allows attackers to cause a denial of service (infinite
> loop in update_blocked_averages) or possibly have unspecified other impact
> by inducing a high load."
> Note, this fix reverts another patch that was specifically SRU'd in to
> Xenial: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1747896
> In the hopes of avoiding a trade of 1 regression for another, I did a bit of an
> A/B test to see if I could experience any blatant issues.
> I booted Xenial in a 64 bit VM twice. The first time was without this
> CVE backport applied. The second time was with it applied. I ran the
> reproducer in both cases and experienced the same CPU utilization (both
> cores I allocated to my VM were at 100%) and in both cases I experienced
> stable memory pressure. They would both hover around 120MB +/- 3-5MB.
> The primary difference between the two runs was where I'd watch the
> WITHOUT the CVE backport: the cfs_rqs fluctuated between 13-18
> WITH the CVE backport: the cfs_rqs started around 65, then floated down
> to 61.
> If there are more tests that anyone would like to see performed before
> we settle on a decision for this backport, please let me know. I'm happy
> to do it.
> - Connor
> Linus Torvalds (1):
> sched/fair: Fix infinite loop in update_blocked_averages() by
> reverting a9e7f6544b9c
> kernel/sched/fair.c | 44 ++++++++++----------------------------------
> 1 file changed, 10 insertions(+), 34 deletions(-)
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
More information about the kernel-team