Intel and AMD engineers stepped in for the 11th time to address code contributions from Microsoft developers that could break Linux 6.13 on some systems.
At face value, this change, made in the fall, was a beneficial improvement. This was a change to Linux x86_64 to use large read-only execution (ROX) pages for caching executable pages. The theory was that the changes would improve performance.
However, this code is causing problems in some setups, and yesterday Intel’s Peter Zijlstra committed an emergency patch to disable this code. The stable release of the 6.13 kernel was scheduled for this weekend.
Zijlstra writes: “The whole module_writable_address() nonsense has wreaked havoc on alternative.c. Needless to say, it still contains bugs — some notable (sic) CFI variants have crashed and burned. Masu.
Control Flow Integrity (CFI) is an anti-malware technology that aims to prevent attackers from redirecting a program’s control flow. This change may cause issues with some CFI-enabled setups, including reports of Intel Alder Lake machines being unable to resume from hibernation.
Zijlstra said Microsoft engineers are “working on a patch to make all of this clean again, but it’s not ready yet given the current situation. Disable it for now and try again next cycle.” Let’s do it.”
The source of the problem still exists, but will not be included in future stable kernel builds.
AMD engineer Borislav Petkov pointed out that the maintainers of Linux x86_64 have not approved this change and commented: It will be undone, so please stop. ”
Microsoft is notorious for having questionable quality control standards for releases of its flagship operating system, Windows. It’s not really surprising that one of the company’s engineers would drop dangerous code into the Linux kernel. Regardless of the employer, the unfortunate individual is not the first to do such a thing and will not be the last.
However, there are concerns about the process that allowed it to remain in the build this close to public release. It’s interesting, but alarming, that both Intel and AMD engineers were involved in addressing an issue contributed by Microsoft engineers that never made it to a stable release. Petkov is not alone in wondering how changes were made without review by Linux x86/x86_64 maintainers. ®
