[Kernel-packages] [Bug 1858815] Re: PAN is broken for execute-only user mappings on ARMv8

Mon, 27 Jan 2020 10:51:47 -0800 

This bug was fixed in the package linux - 4.15.0-76.86

---------------
linux (4.15.0-76.86) bionic; urgency=medium

  * bionic/linux: 4.15.0-76.86 -proposed tracker (LP: #1860123)

  *  Integrate Intel SGX driver into linux-azure (LP: #1844245)
    - [Packaging] Add systemd service to load intel_sgx

  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
    (LP: #1853326) // Bionic kernel panic on Cavium ThunderX CN88XX
    (LP: #1853485) // Cavium ThunderX CN88XX crashes on boot (LP: #1857074)
    - arm64: Check for errata before evaluating cpu features
    - arm64: add sentinel to kpti_safe_list

linux (4.15.0-75.85) bionic; urgency=medium

  * bionic/linux: 4.15.0-75.85 -proposed tracker (LP: #1859705)

  * use-after-free in i915_ppgtt_close (LP: #1859522) // CVE-2020-7053
    - SAUCE: drm/i915: Fix use-after-free when destroying GEM context

  * CVE-2019-14615
    - drm/i915/gen9: Clear residual context state on context switch

  * PAN is broken for execute-only user mappings on ARMv8 (LP: #1858815)
    - arm64: Revert support for execute-only user mappings

  * [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
    (LP: #1856608)
    - SAUCE: Revert "usb: handle warm-reset port requests on hub resume"

  * Miscellaneous Ubuntu changes
    - update dkms package versions

 -- Marcelo Henrique Cerri <marcelo.ce...@canonical.com>  Fri, 17 Jan
2020 10:59:22 -0300

** Changed in: linux (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1858815

Title:
  PAN is broken for execute-only user mappings on ARMv8

Status in linux package in Ubuntu:
  Fix Committed
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Disco:
  Fix Released
Status in linux source package in Eoan:
  Fix Released
Status in linux source package in Focal:
  Fix Committed

Bug description:
  [Impact]

  It was discovered that upstream kernel commit cab15ce604e5 ("arm64:
  Introduce execute-only page access permissions"), which introduced
  execute-only user mappings, subverted the Privileged Access Never
  protections.

  The fix is to effectively revert commit cab15ce604e5. This is done in
  upstream kernel commit 24cecc377463 ("arm64: Revert support for
  execute-only user mappings").

  [Test Case]

  I'm not aware of any PAN test cases. Booting our arm64 kernels on an
  ARMv8 device and running through our typical regression tests is
  probably the best we can do at this time.

  [Regression Potential]

  Touching the page handling code always carries significant risk.
  However, the fix is simply reverting the change that added the
  execute-only user mappings feature in v4.9.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1858815/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to