Re: [PATCH 6.10 534/809] mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines

On Tue, 2024-07-30 at 17:46 +0200, Greg Kroah-Hartman wrote:
> 6.10-stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Yang Shi <yang@xxxxxxxxxxxxxxxxxxxxxx>
> 
> commit d9592025000b3cf26c742f3505da7b83aedc26d5 upstream.
> 
> Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't
> force huge page alignment on 32 bit") didn't work for x86_32 [1].  It is
> because x86_32 uses CONFIG_X86_32 instead of CONFIG_32BIT.
> 
> !CONFIG_64BIT should cover all 32 bit machines.
> 
> [1] https://lore.kernel.org/linux-mm/CAHbLzkr1LwH3pcTgM+aGQ31ip2bKqiqEQ8=FQB+t2c3dhNKNHA@xxxxxxxxxxxxxx/
> 
> Link: https://lkml.kernel.org/r/20240712155855.1130330-1-yang@xxxxxxxxxxxxxxxxxxxxxx
> Fixes: 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit")
[...]

The original breakage actually occurred in 5.18 with this commit:

commit 1854bc6e2420472676c5c90d3d6b15f6cd640e40
Author: William Kucharski <william.kucharski@xxxxxxxxxx>
Date:   Sun Sep 22 08:43:15 2019 -0400
 
    mm/readahead: Align file mappings for non-DAX

The previous fix referred to above (commit 4ef9ad19e176) was already
backported to 6.1 and 6.7, and CVE-2024-26621 was assigned to the bug.

This new fix also needs to be applied to 6.1.  *Both* fixes need to be
applied to 6.6 since the previous fix missed this branch.

I believe a new CVE ID also needs to be assigned to cover the
architectures missed in the previous fix.  So far as I can see, the
only architectures supporting huge pages on 32-bit CPUs (as of
6.11-rc1) are arc, arm, mips, and x86.  Of those only mips defines
CONFIG_32BIT in 32-bit configurations, and was covered by the previous
fix.  The other three are covered by the new fix.

To summarise:

CVE-2024-26621:
- covers 64-bit compat and mips32 native
- fixed by commit 4ef9ad19e176
- fix is needed in 6.6

CVE ID to be assigned:
- covers arc, arm, and x86_32 native
- fixed by commit d9592025000b
- fix is needed in 6.1 and 6.6

Ben.

-- 
Ben Hutchings
To err is human; to really foul things up requires a computer.
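
A triage sketch for the summary above, added here as an example and not part of the message or of any kernel tooling: it reads a kernel `.config` and reports which of the two issues covers that build. The sample configs are constructed, and treating `CONFIG_TRANSPARENT_HUGEPAGE` and `CONFIG_COMPAT` as the relevant gates is an assumption of this example.

```python
import re

# Constructed .config fragments for illustration (not from real builds).
SAMPLE_CONFIGS = {
    "x86_32": "CONFIG_X86_32=y\n# CONFIG_64BIT is not set\nCONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "mips32": "CONFIG_32BIT=y\nCONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "x86_64_compat": "CONFIG_64BIT=y\nCONFIG_COMPAT=y\nCONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "x86_64_no_compat": "CONFIG_64BIT=y\nCONFIG_TRANSPARENT_HUGEPAGE=y\n",
    "arm_no_thp": "CONFIG_ARM=y\n# CONFIG_TRANSPARENT_HUGEPAGE is not set\n",
}

# (issue, fixing commit) pairs exactly as given in the summary.
FIRST_FIX = ("CVE-2024-26621", "4ef9ad19e176")
SECOND_FIX = ("CVE ID to be assigned", "d9592025000b")


def enabled_symbols(config_text):
    """Return the set of CONFIG_ symbols set to 'y' in a kernel .config."""
    return set(re.findall(r"^(CONFIG_\w+)=y\s*$", config_text, re.MULTILINE))


def triage(config_text):
    """Map a kernel .config to the (issue, fixing commit) pair from the summary.

    Returns None when neither issue applies to the configuration.
    """
    on = enabled_symbols(config_text)
    # Assumption: the alignment code is only built with transparent huge pages.
    if "CONFIG_TRANSPARENT_HUGEPAGE" not in on:
        return None
    if "CONFIG_64BIT" in on:
        # Assumption: CONFIG_COMPAT=y means 32-bit (compat) tasks can run.
        return FIRST_FIX if "CONFIG_COMPAT" in on else None
    # Native 32-bit: of the architectures listed, only mips defines CONFIG_32BIT.
    if "CONFIG_32BIT" in on:
        return FIRST_FIX
    # arc, arm, x86_32: 32-bit without CONFIG_32BIT, missed by the first fix.
    return SECOND_FIX


if __name__ == "__main__":
    for name, text in SAMPLE_CONFIGS.items():
        print(f"{name:18} -> {triage(text)}")
```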
