Linux Kernel Page Table Synchronization Vulnerability in 4-Level Paging with Persistent Memory

A vulnerability in the Linux kernel has been identified, which causes intermittent boot failures on machines using 4-level paging and a large amount of persistent memory. The issue arises because the kernel panics while initializing the vmemmap (struct page array) when the vmemmap region spans two PGD entries. The new PGD entry is only installed in init_mm.pgd, not in the page tables of other tasks. This desynchronization leads to a page fault error, causing the kernel to crash.

Impact

The vulnerability can cause a kernel panic, leading to a crash of the operating system.

Reproduction

The vulnerability can be reproduced by booting a machine with 4-level paging and a large amount of persistent memory. During the boot process, the kernel will encounter a page fault for a not-present page, leading to a crash. This issue can also be triggered by accessing the vmemmap area before the corresponding top-level entries in the page tables have been synchronized, which can happen if the vmemmap optimization is enabled.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. These patches move the page table synchronization declarations to a central header file, ensuring that the synchronization is properly handled and reducing the risk of future regressions.