On Sun, Aug 04, 2024 at 01:46:45AM +0200, Ben Hutchings wrote:
On Tue, 2024-07-30 at 17:46 +0200, Greg Kroah-Hartman wrote:
6.10-stable review patch. If anyone has any objections, please let me know.
From: Yang Shi yang@os.amperecomputing.com
commit d9592025000b3cf26c742f3505da7b83aedc26d5 upstream.
Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT.
!CONFIG_64BIT should cover all 32 bit machines.
[1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c...
Link: https://lkml.kernel.org/r/20240712155855.1130330-1-yang@os.amperecomputing.c...
Fixes: 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit")
[...]
The original breakage actually occurred in 5.18 with this commit:
commit 1854bc6e2420472676c5c90d3d6b15f6cd640e40
Author: William Kucharski william.kucharski@oracle.com
Date: Sun Sep 22 08:43:15 2019 -0400

    mm/readahead: Align file mappings for non-DAX
The previous fix referred to above (commit 4ef9ad19e176) was already backported to 6.1 and 6.7, and CVE-2024-26621 was assigned to the bug.
This new fix also needs to be applied to 6.1. *Both* fixes need to be applied to 6.6 since the previous fix missed this branch.
I believe a new CVE ID also needs to be assigned to cover the architectures missed in the previous fix. So far as I can see, the only architectures supporting huge pages on 32-bit CPUs (as of 6.11-rc1) are arc, arm, mips, and x86. Of those only mips defines CONFIG_32BIT in 32-bit configurations, and was covered by the previous fix. The other three are covered by the new fix.
To summarise:
CVE-2024-26621:
- covers 64-bit compat and mips32 native
- fixed by commit 4ef9ad19e176
- fix is needed in 6.6
Now queued up for 6.6.y, thanks.
CVE ID to be assigned:
- covers arc, arm, and x86_32 native
- fixed by commit d9592025000b
- fix is needed in 6.1 and 6.6
Now queued up, I'll go assign a CVE now, thanks!
greg k-h
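
An added example, not part of the thread or the kernel source: a small triage helper that reads a kernel `.config` and reports which of the two commits named above is the first to cover that build, following the CONFIG_32BIT versus !CONFIG_64BIT distinction in the thread. The function names and sample configs are constructed for illustration, and it assumes the affected alignment code is only built when CONFIG_TRANSPARENT_HUGEPAGE=y.

```python
import re

# Constructed sample .config fragments (illustrative, not from real builds).
SAMPLES = {
    "x86_32": "CONFIG_X86_32=y\n# CONFIG_64BIT is not set\n"
              "CONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "mips32": "CONFIG_32BIT=y\n# CONFIG_64BIT is not set\n"
              "CONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "x86_64": "CONFIG_64BIT=y\nCONFIG_X86_64=y\n"
              "CONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "arm_no_thp": "CONFIG_ARM=y\n# CONFIG_TRANSPARENT_HUGEPAGE is not set\n",
}

FIRST_FIX = "4ef9ad19e176"    # guard keyed on CONFIG_32BIT, per the thread
SECOND_FIX = "d9592025000b"   # guard changed to !CONFIG_64BIT, per the thread

_OPTION = re.compile(r"^(CONFIG_\w+)=(.*)$")


def enabled_options(config_text):
    """Return the set of options set to 'y' in a kernel .config."""
    opts = set()
    for line in config_text.splitlines():
        m = _OPTION.match(line.strip())
        # "# CONFIG_FOO is not set" lines do not match and count as disabled.
        if m and m.group(2) == "y":
            opts.add(m.group(1))
    return opts


def covering_fix(config_text):
    """Return the commit that first covers this config, or None if the
    alignment code is not built at all (assumption: THP disabled)."""
    opts = enabled_options(config_text)
    if "CONFIG_TRANSPARENT_HUGEPAGE" not in opts:
        return None
    if "CONFIG_64BIT" in opts:
        return FIRST_FIX      # 64-bit kernel: compat tasks, covered by first fix
    if "CONFIG_32BIT" in opts:
        return FIRST_FIX      # e.g. mips32 native defines CONFIG_32BIT
    return SECOND_FIX         # 32-bit build without CONFIG_32BIT (arc, arm, x86_32)


if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name}: {covering_fix(text)}")
```
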