[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2019-07-24 Thread Brad Figg
** Tags added: cscc

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1755817

Title:
  Segmentation fault in ldt_gdt_64

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Trusty:
  Fix Released

Bug description:
  == SRU Justification ==
  The ldt_gdt_64 x86 selftest segfaults with the currently released Trusty
  3.13 kernel. The commit that introduced the segfault is aeb315d60afe
  ("x86/ldt: Make modify_ldt synchronous").

  == Fix ==
  Upstream commit 8ff5bd2e1e27 ("x86/signal/64: Fix SS if needed when
  delivering a 64-bit signal"). This commit was found by doing a reverse git
  bisect of the upstream kernel (i.e., when did the test stop segfaulting).
  The backport of the commit is a simple context adjustment. The second
  commit is a pre-requisite which simply renames some defines (no functional
  changes).

  == Regression Potential ==
  Low. The commit is very small and isolated and the code path is only
  executed in special circumstances (and for x86 only). I built a test kernel
  and ran the whole set of x86 selftests and perf NMI test for several hours
  to verify stability.

  == Test Case ==
  Run the ldt_gdt_64 x86 selftest from a current upstream kernel source. The
  test segfaults consistently.

  Original bug description:

  Trusty 3.13 segfaults when running ldt_gdt_64 from the kernel's x86
  selftests.

  git bisect revealed that the following commit introduced the issue:

  commit aeb315d60afee129d32558f4a4b356eec2e7da7b
  Author: Andy Lutomirski 
  Date:   Thu Jul 30 14:31:32 2015 -0700

  x86/ldt: Make modify_ldt synchronous

  CVE-2017-5754

  commit 37868fe113ff2ba814b3b4eb12df214df555f8dc upstream.

  modify_ldt() has questionable locking and does not synchronize
  threads.  Improve it: redesign the locking and synchronize all
  threads' LDTs using an IPI on all modifications.

  This will dramatically slow down modify_ldt in multithreaded
  programs, but there shouldn't be any multithreaded programs that
  care about modify_ldt's performance in the first place.

  This fixes some fallout from the CVE-2015-5157 fixes.

  Signed-off-by: Andy Lutomirski 
  Reviewed-by: Borislav Petkov 
  Cc: Andrew Cooper 
  Cc: Andy Lutomirski 
  Cc: Boris Ostrovsky 
  Cc: Borislav Petkov 
  Cc: Brian Gerst 
  Cc: Denys Vlasenko 
  Cc: H. Peter Anvin 
  Cc: Jan Beulich 
  Cc: Konrad Rzeszutek Wilk 
  Cc: Linus Torvalds 
  Cc: Peter Zijlstra 
  Cc: Sasha Levin 
  Cc: Steven Rostedt 
  Cc: Thomas Gleixner 
  Link: http://lkml.kernel.org/r/4c6978476782160600471bd865b318db34c7b628.1438291540.git.l...@kernel.org
  Signed-off-by: Ingo Molnar 
  Signed-off-by: Jiri Slaby 
  (cherry picked from commit 62fc7228f8cc8c89ecbd37008a0495ac28e41c5c)
  Signed-off-by: Juerg Haefliger 
  Signed-off-by: Stefan Bader 

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1755817/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp
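
The reverse bisect mentioned under "== Fix ==" above, as an added example that is not part of the original thread: it uses git's `--term-old`/`--term-new` options to find the first commit where a check stops failing. The eight-commit repository, its file names and the `find_fixing_commit` function are constructed for illustration.

```shell
#!/bin/sh
# Added example: a "reverse" git bisect on a constructed throwaway repository.
# Commits 1-5 stand in for trees where the selftest segfaults, commits 6-8
# for trees where it passes. Nothing here touches a real kernel tree.

find_fixing_commit() (
    set -e
    repo=$(mktemp -d)
    trap 'rm -rf "$repo"' EXIT
    cd "$repo"

    # Fixed identity and no user/system config, so the run is reproducible.
    export GIT_AUTHOR_NAME=example GIT_AUTHOR_EMAIL=example@example.invalid
    export GIT_COMMITTER_NAME=example GIT_COMMITTER_EMAIL=example@example.invalid
    export GIT_CONFIG_GLOBAL=/dev/null GIT_CONFIG_NOSYSTEM=1

    git init -q .
    i=1
    while [ "$i" -le 8 ]; do
        # Constructed stand-in for "does the selftest crash on this tree?"
        if [ "$i" -lt 6 ]; then echo segfault; else echo ok; fi > selftest_result
        echo "$i" > revision
        git add selftest_result revision
        git commit -q -m "commit $i"
        i=$((i + 1))
    done
    oldest=$(git rev-list --max-parents=0 HEAD)

    # Custom terms: the OLD state is "broken", the NEW state is "fixed".
    git bisect start --term-old=broken --term-new=fixed >/dev/null
    git bisect broken "$oldest" >/dev/null
    git bisect fixed HEAD >/dev/null

    # 'git bisect run' reads exit 0 as the old term and 1-127 (except 125)
    # as the new term, so the command must exit 0 while the crash is still
    # present. Exit codes above 127, such as the 139 a shell reports for
    # SIGSEGV, abort the bisect, so a real test command has to be wrapped
    # to return 0 or 1 instead of passing the crash status through.
    git bisect run sh -c 'grep -q segfault selftest_result' >/dev/null

    # refs/bisect/<new term> points at the first commit in the new state.
    git log -1 --format=%s refs/bisect/fixed
)

echo "first fixed commit: $(find_fixing_commit)"
```
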


[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2019-06-13 Thread Juerg Haefliger
** Changed in: linux (Ubuntu)
   Status: Incomplete => Invalid



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-04-23 Thread Launchpad Bug Tracker
This bug was fixed in the package linux - 3.13.0-145.194

---
linux (3.13.0-145.194) trusty; urgency=medium

  * linux: 3.13.0-145.194 -proposed tracker (LP: #1761430)

  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "UBUNTU: SAUCE: x86/mm: Only set IBPB when the new thread cannot
      ptrace current thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch

  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on
      32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/asm: Stop depending on ptrace.h in alternative.h
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - SAUCE: modpost: add discard to non-allocatable whitelist
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] retpoline hints -- handle missing files when RETPOLINE not
      enabled
    - [Packaging] final-checks -- remove check for empty retpoline files

  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0x constants on i386

  * Boot crash with Trusty 3.13 (LP: #1757193)
    - Revert "UBUNTU: SAUCE: x86, extable: fix uaccess fixup detection"
    - x86/mm: Expand the exception table logic to allow new handling options

  * Segmentation fault in ldt_gdt_64 (LP: #1755817) // CVE-2017-5754
    - x86/kvm: Rename VMX's segment access rights defines
    - x86/signal/64: Fix SS if needed when delivering a 64-bit signal

 -- Kleber Sacilotto de Souza   Thu, 05 Apr 2018 16:26:39 +0200

** Changed in: linux (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754


[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-04-16 Thread Kleber Sacilotto de Souza
Verified the issue to be fixed with Trusty kernel 3.13.0-145.194.

** Tags removed: verification-needed-trusty
** Tags added: verification-done-trusty



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-04-16 Thread Kleber Sacilotto de Souza
Note: the issue is only reproducible on a system with more than 1 CPU.
It fails on the "Cross-CPU LDT invalidation" testcase.



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-04-09 Thread Kleber Sacilotto de Souza
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag
'verification-needed-trusty' to 'verification-done-trusty'. If the
problem still exists, change the tag 'verification-needed-trusty' to
'verification-failed-trusty'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on
how to enable and use -proposed. Thank you!


** Tags added: verification-needed-trusty



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-04-03 Thread Kleber Sacilotto de Souza
** Changed in: linux (Ubuntu Trusty)
   Status: New => Fix Committed



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-03-22 Thread Juerg Haefliger
** Description changed:

+ == SRU Justification ==
+ The ldt_gdt_64 x86 selftest segfaults with the currently released Trusty 3.13 
kernel. The commit that introduced the segfault is aeb315d60afe ("x86/ldt: Make 
modify_ldt synchronous").
+ 
+ == Fix ==
+ Upstream commit 8ff5bd2e1e27 ("x86/signal/64: Fix SS if needed when 
delivering a 64-bit signal"). This commit was found by doing a reverse git 
bisect of the upstream kernel (i.e., when did the test stop segfaulting).
+ 
+ == Regression Potential ==
+ Low. The commit is very small and isolated and the code path is only executed 
in special circumstances (and for x86 only). I built a test kernel and ran the 
whole set of x86 selftests and perf NMI test for several hours to verify 
stability.
+ 
+ == Test Case ==
+ Run the ldt_gdt_64 x86 selftets from a current upstream kernel source. The 
test segfaults consistently.
+ 
+ 
+ Original bug description:
+ 
  Trusty 3.13 segfaults when running ldt_gdt_64 from the kernel's x86
  selftests.
  
  git bisect revealed that the following commit introduced the issue:
  
  commit aeb315d60afee129d32558f4a4b356eec2e7da7b
  Author: Andy Lutomirski 
  Date:   Thu Jul 30 14:31:32 2015 -0700
  
- x86/ldt: Make modify_ldt synchronous
- 
- CVE-2017-5754
- 
- commit 37868fe113ff2ba814b3b4eb12df214df555f8dc upstream.
- 
- modify_ldt() has questionable locking and does not synchronize
- threads.  Improve it: redesign the locking and synchronize all
- threads' LDTs using an IPI on all modifications.
- 
- This will dramatically slow down modify_ldt in multithreaded
- programs, but there shouldn't be any multithreaded programs that
- care about modify_ldt's performance in the first place.
- 
- This fixes some fallout from the CVE-2015-5157 fixes.
- 
- Signed-off-by: Andy Lutomirski 
- Reviewed-by: Borislav Petkov 
- Cc: Andrew Cooper 
- Cc: Andy Lutomirski 
- Cc: Boris Ostrovsky 
- Cc: Borislav Petkov 
- Cc: Brian Gerst 
- Cc: Denys Vlasenko 
- Cc: H. Peter Anvin 
- Cc: Jan Beulich 
- Cc: Konrad Rzeszutek Wilk 
- Cc: Linus Torvalds 
- Cc: Peter Zijlstra 
- Cc: Sasha Levin 
- Cc: Steven Rostedt 
- Cc: Thomas Gleixner 
- Link: 
http://lkml.kernel.org/r/4c6978476782160600471bd865b318db34c7b628.1438291540.git.l...@kernel.org
- Signed-off-by: Ingo Molnar 
- Signed-off-by: Jiri Slaby 
- (cherry picked from commit 62fc7228f8cc8c89ecbd37008a0495ac28e41c5c)
- Signed-off-by: Juerg Haefliger 
- Signed-off-by: Stefan Bader 
+ x86/ldt: Make modify_ldt synchronous
+ 
+ CVE-2017-5754
+ 
+ commit 37868fe113ff2ba814b3b4eb12df214df555f8dc upstream.
+ 
+ modify_ldt() has questionable locking and does not synchronize
+ threads.  Improve it: redesign the locking and synchronize all
+ threads' LDTs using an IPI on all modifications.
+ 
+ This will dramatically slow down modify_ldt in multithreaded
+ programs, but there shouldn't be any multithreaded programs that
+ care about modify_ldt's performance in the first place.
+ 
+ This fixes some fallout from the CVE-2015-5157 fixes.
+ 
+ Signed-off-by: Andy Lutomirski 
+ Reviewed-by: Borislav Petkov 
+ Cc: Andrew Cooper 
+ Cc: Andy Lutomirski 
+ Cc: Boris Ostrovsky 
+ Cc: Borislav Petkov 
+ Cc: Brian Gerst 
+ Cc: Denys Vlasenko 
+ Cc: H. Peter Anvin 
+ Cc: Jan Beulich 
+ Cc: Konrad Rzeszutek Wilk 
+ Cc: Linus Torvalds 
+ Cc: Peter Zijlstra 
+ Cc: Sasha Levin 
+ Cc: Steven Rostedt 
+ Cc: Thomas Gleixner 
+ Link: 
http://lkml.kernel.org/r/4c6978476782160600471bd865b318db34c7b628.1438291540.git.l...@kernel.org
+ Signed-off-by: Ingo Molnar 
+ Signed-off-by: Jiri Slaby 
+ (cherry picked from commit 62fc7228f8cc8c89ecbd37008a0495ac28e41c5c)
+ Signed-off-by: Juerg Haefliger 
+ Signed-off-by: Stefan Bader 
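
Review bot: the added Test Case section says only to run ldt_gdt_64 "from a current upstream kernel source" and misspells selftests as "selftets"; stating where the test lives in that source and what a passing run looks like on a fixed kernel would make the verification step repeatable. The added Fix section mentions the reverse git bisect without its endpoints, so the two upstream versions it ran between are worth recording next to 8ff5bd2e1e27. The removed and re-added commit message lines read the same in the visible text, which suggests a whitespace-only change that could be left out of this description edit.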

** Description changed:

  == SRU Justification ==
  The ldt_gdt_64 x86 selftest segfaults with the currently released Trusty 3.13 
kernel. The commit that introduced 

[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-03-14 Thread Juerg Haefliger
** Changed in: linux (Ubuntu Trusty)
 Assignee: (unassigned) => Juerg Haefliger (juergh)



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-03-14 Thread Juerg Haefliger
** Description changed:

  Trusty 3.13 segfaults when running ldt_gdt_64 from the kernel's x86
  selftests.
  
  git bisect revealed that the following commit introduced the issue:
- 706276543b69 ("x86, extable: Switch to relative exception table entries")
+ 
+ commit aeb315d60afee129d32558f4a4b356eec2e7da7b
+ Author: Andy Lutomirski 
+ Date:   Thu Jul 30 14:31:32 2015 -0700
+ 
+ x86/ldt: Make modify_ldt synchronous
+ 
+ CVE-2017-5754
+ 
+ commit 37868fe113ff2ba814b3b4eb12df214df555f8dc upstream.
+ 
+ modify_ldt() has questionable locking and does not synchronize
+ threads.  Improve it: redesign the locking and synchronize all
+ threads' LDTs using an IPI on all modifications.
+ 
+ This will dramatically slow down modify_ldt in multithreaded
+ programs, but there shouldn't be any multithreaded programs that
+ care about modify_ldt's performance in the first place.
+ 
+ This fixes some fallout from the CVE-2015-5157 fixes.
+ 
+ Signed-off-by: Andy Lutomirski 
+ Reviewed-by: Borislav Petkov 
+ Cc: Andrew Cooper 
+ Cc: Andy Lutomirski 
+ Cc: Boris Ostrovsky 
+ Cc: Borislav Petkov 
+ Cc: Brian Gerst 
+ Cc: Denys Vlasenko 
+ Cc: H. Peter Anvin 
+ Cc: Jan Beulich 
+ Cc: Konrad Rzeszutek Wilk 
+ Cc: Linus Torvalds 
+ Cc: Peter Zijlstra 
+ Cc: Sasha Levin 
+ Cc: Steven Rostedt 
+ Cc: Thomas Gleixner 
+ Link: 
http://lkml.kernel.org/r/4c6978476782160600471bd865b318db34c7b628.1438291540.git.l...@kernel.org
+ Signed-off-by: Ingo Molnar 
+ Signed-off-by: Jiri Slaby 
+ (cherry picked from commit 62fc7228f8cc8c89ecbd37008a0495ac28e41c5c)
+ Signed-off-by: Juerg Haefliger 
+ Signed-off-by: Stefan Bader 



[Kernel-packages] [Bug 1755817] Re: Segmentation fault in ldt_gdt_64

2018-03-14 Thread Thadeu Lima de Souza Cascardo
** Also affects: linux (Ubuntu Trusty)
   Importance: Undecided
   Status: New
