Comment 19 for bug 2032176

I dug a little deeper and this is possibly a missing fixup to the patches added for fixing CVE-2023-0597 ("x86/mm: Randomize per-cpu entry area"). This pulled in the following change as a pre-req:

commit e131d62bc709a4aa437bd92686d95a8c96227ed7
Author: Andrey Ryabinin <email address hidden>
Date: Thu Jun 8 05:10:51 2023 +0300

    x86/kasan: Map shadow for percpu pages on demand

This had a couple of fixups but we seem to miss the following:

commit 1cfaac2400c73378e78182a706be0f3ac8b93cd7
Author: Sean Christopherson <email address hidden>
Date: Thu Nov 10 20:35:04 2022 +0000

    x86/kasan: Populate shadow for shared chunk of the CPU entry area

    Popuplate the shadow for the shared portion of the CPU entry area, i.e.
    the read-only IDT mapping, during KASAN initialization. A recent change
    modified KASAN to map the per-CPU areas on-demand, but forgot to keep a
    shadow for the common area that is shared amongst all CPUs.

    Map the common area in KASAN init instead of letting idt_map_in_cea() do
    the dirty work so that it Just Works in the unlikely event more shared
    data is shoved into the CPU entry area.

    The bug manifests as a not-present #PF when software attempts to lookup
    an IDT entry, e.g. when KVM is handling IRQs on Intel CPUs (KVM performs
    direct CALL to the IRQ handler to avoid the overhead of INTn):

     BUG: unable to handle page fault for address: fffffbc0000001d8
     #PF: supervisor read access in kernel mode
     #PF: error_code(0x0000) - not-present page
     PGD 16c03a067 P4D 16c03a067 PUD 0
     Oops: 0000 [#1] PREEMPT SMP KASAN
  ...

However the Oops we see has no KASAN set, so I am not completely sure. If I would provide an unsigned(!) test kernel in a PPA, would you be able to get that installed in a juju runner manually?