** Summary changed:
- L1TF mitigation not effective
+ L1TF mitigation not effective in some CPU and RAM combinations
** Description changed:
== SRU Justification ==
This regression has been reported in multiple bugs and affects Trust,
Xenial and Bionic. All releases need different backports, so T and X
will be sent in separate SRU requests.
- Due to this regression L1TF mitigation not effective.
+ Due to this bug in the original L1TF patch set, L1TF mitigation not
+ effective in certain CPU and installed RAM configurations.
== Fixes ==
9df9516940a6 ("x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on
32bit")
b0a182f87568 ("x86/speculation/l1tf: Fix off-by-one error when warning that
system has too much RAM")
cc51e5428ea5 ("x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+")
== Regression Potential ==
Low. These are security fixes and have all been cc'd to upstream
stable, so they have had additional upstream review.
== Test Case ==
A test kernel was built with these patches and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
-
Lenovo Thinkpad W530 system with 32 GB RAM
dmesg | grep -i l1tf
[ 0.038386] L1TF: System has more than MAX_PA/2 memory. L1TF mitigation
not effective.
[ 2652.469669] L1TF CPU bug present and SMT on, data leak possible. See
CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html
for details.
Related:
https://bugzilla.opensuse.org/show_bug.cgi?id=1105536
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-32-generic 4.15.0-32.35
ProcVersionSignature: Ubuntu 4.15.0-32.35-generic 4.15.18
Uname: Linux 4.15.0-32-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/controlC0: pgera 2809 F.... pulseaudio
CurrentDesktop: Unity:Unity7:ubuntu
Date: Thu Aug 23 03:38:40 2018
InstallationDate: Installed on 2018-08-11 (12 days ago)
InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64
(20180725)
MachineType: LENOVO 24382LU
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-32-generic
root=UUID=e2607c8a-4bd1-49fe-ad07-83046492fac5 ro quiet splash vt.handoff=1
RelatedPackageVersions:
linux-restricted-modules-4.15.0-32-generic N/A
linux-backports-modules-4.15.0-32-generic N/A
linux-firmware 1.173.1
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 06/11/2018
dmi.bios.vendor: LENOVO
dmi.bios.version: G5ETB2WW (2.72 )
dmi.board.asset.tag: Not Available
dmi.board.name: 24382LU
dmi.board.vendor: LENOVO
dmi.board.version: NO DPK
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: Not Available
dmi.modalias:
dmi:bvnLENOVO:bvrG5ETB2WW(2.72):bd06/11/2018:svnLENOVO:pn24382LU:pvrThinkPadW530:rvnLENOVO:rn24382LU:rvrNODPK:cvnLENOVO:ct10:cvrNotAvailable:
dmi.product.family: ThinkPad W530
dmi.product.name: 24382LU
dmi.product.version: ThinkPad W530
dmi.sys.vendor: LENOVO
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1788563
Title:
L1TF mitigation not effective in some CPU and RAM combinations
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1788563/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
