TLB updates from 4.14 for linux-azure

Bug #1729412 reported by David Coronel
This bug affects 2 people
Affects: linux-azure (Ubuntu); assigned to: Marcelo Cerri

Bug Description

This request is based on a patch series from linux-next:

commit ab7ff471aa5db670197070760f022622793da7e5
Author: Marcelo Henrique Cerri <email address hidden>
Date: Thu Oct 5 10:34:29 2017 -0300

    x86/hyperv: Fix hypercalls with extended CPU ranges for TLB flushing

    Do not consider the fixed size of hv_vp_set when passing the variable
    header size to hv_do_rep_hypercall().

    The Hyper-V hypervisor specification states that for a hypercall with a
    variable header only the size of the variable portion should be supplied
    via the input control.

    fixed portion of hv_vp_set should not be considered.

    That fixes random failures of some applications that are unexpectedly
    killed with SIGBUS or SIGSEGV.

commit 60d73a7c96601434dfdb56d5b9167ff3b850d8d7
Author: Vitaly Kuznetsov <email address hidden>
Date: Thu Oct 5 13:39:24 2017 +0200

    x86/hyperv: Don't use percpu areas for pcpu_flush/pcpu_flush_ex structures

    hv_do_hypercall() does virt_to_phys() translation and with some configs
    (CONFIG_SLAB) this doesn't work for percpu areas, we pass wrong memory to
    hypervisor and get #GP. We could use working slow_virt_to_phys() instead
    but doing so kills the performance.

    Move pcpu_flush/pcpu_flush_ex structures out of percpu areas and
    allocate memory on first call. The additional level of indirection gives
    us a small performance penalty, in future we may consider introducing
    hypercall functions which avoid virt_to_phys() conversion and cache
    physical addresses of pcpu_flush/pcpu_flush_ex structures somewhere.

commit a3b7424392924e778b608e30ee321f7b10cc94b8
Author: Vitaly Kuznetsov <email address hidden>
Date: Fri Oct 6 17:48:54 2017 +0200

    x86/hyperv: Clear vCPU banks between calls to avoid flushing unneeded vCPUs

    hv_flush_pcpu_ex structures are not cleared between calls for performance
    reasons (they're variable size up to PAGE_SIZE each) but we must clear
    hv_vp_set.bank_contents part of it to avoid flushing unneeded vCPUs. The
    rest of the structure is formed correctly.

    To do the clearing in an efficient way stash the maximum possible vCPU
    number (this may differ from Linux CPU id).
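The three commits above all concern the variable header of the extended (sparse vCPU set) flush hypercall: its size must count only the bank_contents qwords, not the two fixed qwords of hv_vp_set, and stale banks must be cleared before the structure is reused. The following standalone model is an added example, not code from hyperv/mmu.c or from these patches; the names vp_set, build_vp_set, MAX_VP and MAX_BANK are assumptions made for the illustration.

```c
/* Added illustration of how the variable header of an extended
 * (sparse vCPU set) TLB-flush hypercall is assembled. Standalone model,
 * not the kernel's code; vp_set, build_vp_set, MAX_VP are assumed names. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_VP   255                    /* constructed: vCPU indices 0..255 */
#define MAX_BANK (MAX_VP / 64 + 1)      /* 64 vCPUs per bank */

struct vp_set {
    uint64_t format;                    /* fixed portion: these 2 qwords are */
    uint64_t valid_bank_mask;           /* NOT part of the variable header   */
    uint64_t bank_contents[MAX_BANK];   /* variable portion: nr_bank qwords  */
};

/* Build the set for the given vCPU indices and return nr_bank, the number
 * of bank_contents qwords the hypervisor must read. The caller passes
 * exactly nr_bank as the variable header size to the rep hypercall;
 * adding the 2 fixed qwords of vp_set makes the hypervisor read past the
 * supplied set. Banks up to max_vp_index/64 are cleared first: the set is
 * reused between calls, and a stale bank would flush vCPUs that were not
 * requested. Returns -1 if a vCPU index exceeds max_vp_index. */
static int build_vp_set(struct vp_set *set, const unsigned int *vcpus,
                        size_t nvcpus, unsigned int max_vp_index)
{
    int nr_bank = 0;

    set->format = 0;                    /* generic sparse 4K set */
    memset(set->bank_contents, 0,
           (max_vp_index / 64 + 1) * sizeof(uint64_t));

    for (size_t i = 0; i < nvcpus; i++) {
        unsigned int bank, bit;

        if (vcpus[i] > max_vp_index)
            return -1;                  /* would index past the set */
        bank = vcpus[i] / 64;
        bit  = vcpus[i] % 64;
        set->bank_contents[bank] |= 1ULL << bit;
        if ((int)bank >= nr_bank)
            nr_bank = bank + 1;
    }
    /* Dense layout: every bank below nr_bank is present in the header. */
    set->valid_bank_mask = nr_bank ? (~0ULL >> (64 - nr_bank)) : 0;
    return nr_bank;
}
```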

Joshua R. Poulson (jrp)
description: updated
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-azure (Ubuntu):
status: New → Confirmed
Marcelo Cerri (mhcerri) wrote :
Changed in linux-azure (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Marcelo Cerri (mhcerri)
Marcelo Cerri (mhcerri) wrote :

I built a test kernel based on the pull request above:

Marcelo Cerri (mhcerri)
information type: Private → Public
Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Xenial):
status: New → In Progress
assignee: nobody → Marcelo Cerri (mhcerri)
Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu):
status: In Progress → Fix Committed
Changed in linux-azure (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-azure - 4.13.0-1005.7

linux-azure (4.13.0-1005.7) xenial; urgency=low

  * linux-azure: 4.13.0-1005.7 -proposed tracker (LP: #1741957)

  * CVE-2017-5754
    - Revert "UBUNTU: [Config] azure: updateconfigs to enable PTI"
    - [Config] azure: Enable PTI with UNWINDER_FRAME_POINTER

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

linux-azure (4.13.0-1004.6) xenial; urgency=low

  * linux-azure: 4.13.0-1004.6 -proposed tracker (LP: #1741747)

  [ Ubuntu: 4.13.0-24.28 ]

  * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745)
  * CVE-2017-5754
    - x86/cpu, x86/pti: Do not enable PTI on AMD processors

linux-azure (4.13.0-1003.5) xenial; urgency=low

  * linux-azure: 4.13.0-1003.5 -proposed tracker (LP: #1741557)

  * CVE-2017-5754
    - [Config] azure: updateconfigs to enable PTI

  [ Ubuntu: 4.13.0-23.27 ]

  * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556)
  * CVE-2017-5754
    - x86/mm: Add the 'nopcid' boot option to turn off PCID
    - x86/mm: Enable CR4.PCIDE on supported systems
    - x86/mm: Document how CR4.PCIDE restore works
    - x86/entry/64: Refactor IRQ stacks and make them NMI-safe
    - x86/entry/64: Initialize the top of the IRQ stack before switching stacks
    - x86/entry/64: Add unwind hint annotations
    - xen/x86: Remove SME feature in PV guests
    - x86/xen/64: Rearrange the SYSCALL entries
    - irq: Make the irqentry text section unconditional
    - x86/xen/64: Fix the reported SS and CS in SYSCALL
    - x86/paravirt/xen: Remove xen_patch()
    - x86/traps: Simplify pagefault tracing logic
    - x86/idt: Unify gate_struct handling for 32/64-bit kernels
    - x86/asm: Replace access to desc_struct:a/b fields
    - x86/xen: Get rid of paravirt op adjust_exception_frame
    - x86/paravirt: Remove no longer used paravirt functions
    - x86/entry: Fix idtentry unwind hint
    - x86/mm/64: Initialize CR4.PCIDE early
    - objtool: Add ORC unwind table generation
    - objtool, x86: Add facility for asm code to provide unwind hints
    - x86/unwind: Add the ORC unwinder
    - x86/kconfig: Consolidate unwinders into multiple choice selection
    - objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER
    - x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry
    - x86/mm: Give each mm TLB flush generation a unique ID
    - x86/mm: Track the TLB's tlb_gen and update the flushing algorithm
    - x86/mm: Rework lazy TLB mode and TLB freshness tracking
    - x86/mm: Implement PCID based optimization: try to preserve old TLB entries
      using PCID
    - x86/mm: Factor out CR3-building code
    - x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code
    - x86/mm: Flush more aggressively in lazy TLB mode
    - Revert "x86/mm: Stop calling leave_mm() in idle code"
    - kprobes/x86: Set up frame pointer in kprobe trampoline
    - x86/tracing: Introduce a static key for exception tracing
    - x86/boot: Add early cmdline parsing for options with arguments
    - mm, x86/mm...

Changed in linux-azure (Ubuntu Xenial):
status: Fix Committed → Fix Released