Hi,
On Thu, Dec 17, 2020 at 08:08:28PM +0000, Noah Meyerhans wrote:
> Package: src:linux
> Version: 4.19.160-2
> Severity: important
> Tags: upstream fixed-upstream
> Control: fixed -1 5.9.15-1
> Control: fixed -1 5.10~rc7-1~exp1
> Control: found -1 5.9.11-1
>
> Opening a bug for visibility. Arguably this could be Severity: grave given
> that memory corruption can lead to data loss. It has been fixed upstream in
> 4.19.161, 5.9.12, and 5.10. I'm not sure about the status for 4.9/stretch
> LTS.
>
> There is a memory corruption bug impacting arm64. The upstream fix was made
> in 5.10 with commit ff1712f953e2 ("arm64: pgtable: Ensure dirty bit is
> preserved across pte_wrprotect()"). The upstream commit [1] describes the
> issue as:
>
> With hardware dirty bit management, calling pte_wrprotect() on a
> writable, dirty PTE will lose the dirty state and return a
> read-only, clean entry.
>
> Impact from the issue has been observed in the real world on systems running
> redis, as described at https://github.com/redis/redis/issues/8124 (note in
> particular comments [2] and [3], where the kernel connection is made).
>
> 1.
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff1712f953e27f0b0718762ec17d0adb15c9fd0b
> 2. https://github.com/redis/redis/issues/8124#issuecomment-745791340
> 3. https://github.com/redis/redis/issues/8124#issuecomment-745838911
Thanks. Pending currently with the ongoing rebase in the v4.19.y
series in
https://salsa.debian.org/kernel-team/linux/-/merge_requests/295 .
Just we need to check if this warrants a regression update issued
earlier via stable-updates.
Salvatore
