Computing

A Microsoft-Contributed Change To Linux 6.13 Is Causing A Last Minute Ruckus

News Room
News Room

A change to the Linux 6.13 kernel contributed by a Microsoft engineer ended up changing Linux x86_64 code without proper authorization and in turn causing troubles for users and now set to be disabled ahead of the Linux 6.13 stable release expected next Sunday.

Back in November during the Linux 6.13 merge window was an interesting improvement to kernel modules contributed by a Microsoft engineer. The patches adapt Linux x86_64 to use large read only execute (ROX) pages for allocations of executable kernel. And in turn the large ROX pages to map text areas ends up reducing instruction TLB pressure and improving performance.

But it turns out this code breaks some Control Flow Integrity (CFI) enabled setups and leads to situations like failing to resume from hibernation on some Intel laptops.

Disable ROX

Intel engineer Peter Zijlstra queued up a patch this morning to tip/tip.git’s “x86/urgent” branch that in turn disables the EXECMEM_ROX support. He explained in this patch that will be submitted to Linus Torvalds with this week’s x86/urgent pull request:

“x86: Disable EXECMEM_ROX support

The whole module_writable_address() nonsense made a giant mess of alternative.c, not to mention it still contains bugs — notable some of the CFI variants crash and burn.

Mike has been working on patches to clean all this up again, but given the current state of things, this stuff just isn’t ready.

Disable for now, lets try again next cycle.”

The patch is leaving the EXECMEM_ROX code in place but making the Kconfig one-liner change so it won’t be built for the Linux x86_64 kernel builds.

Additionally, it turns out the Linux x86/x86_64 maintainers hadn’t even signed off on this change that was merged to the mainline Linux kernel. Longtime Linux developer Borislav Petkov of AMD remarked:

“I just love it how this went in without a single x86 maintainer Ack [acknowledgement], it broke a bunch of things and then it is still there instead of getting reverted.

Let’s not do this again please.”

Hopefully EXECMEM_ROX will come better-baked for the Linux v6.14 kernel cycle…

Share This Article
Previous Article Urgent iPhone warning over new bank raiding text that turns off scam protection
Next Article Texans coach Ryans fires back at ESPN star Rex Ryan after ‘bye week’ comment
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Latest News

China’s Horizon Robotics envisions to offer truly hands-off driving in three years · TechNode
Computing
Meta to fire thousands of staff as Zuckerberg warns of ‘intense year’
News
Realme P3 Pro appears on BIS; Here are the details
Mobile
2 private lunar landers head toward the moon in a roundabout journey
News
Lost your password?