CVE-2023-53070

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent<br /> <br /> Commit 0c80f9e165f8 ("ACPI: PPTT: Leave the table mapped for the runtime usage")<br /> enabled to map PPTT once on the first invocation of acpi_get_pptt() and<br /> never unmapped the same allowing it to be used at runtime with out the<br /> hassle of mapping and unmapping the table. This was needed to fetch LLC<br /> information from the PPTT in the cpuhotplug path which is executed in<br /> the atomic context as the acpi_get_table() might sleep waiting for a<br /> mutex.<br /> <br /> However it missed to handle the case when there is no PPTT on the system<br /> which results in acpi_get_pptt() being called from all the secondary<br /> CPUs attempting to fetch the LLC information in the atomic context<br /> without knowing the absence of PPTT resulting in the splat like below:<br /> <br /> | BUG: sleeping function called from invalid context at kernel/locking/semaphore.c:164<br /> | in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/1<br /> | preempt_count: 1, expected: 0<br /> | RCU nest depth: 0, expected: 0<br /> | no locks held by swapper/1/0.<br /> | irq event stamp: 0<br /> | hardirqs last enabled at (0): 0x0<br /> | hardirqs last disabled at (0): copy_process+0x61c/0x1b40<br /> | softirqs last enabled at (0): copy_process+0x61c/0x1b40<br /> | softirqs last disabled at (0): 0x0<br /> | CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.3.0-rc1 #1<br /> | Call trace:<br /> | dump_backtrace+0xac/0x138<br /> | show_stack+0x30/0x48<br /> | dump_stack_lvl+0x60/0xb0<br /> | dump_stack+0x18/0x28<br /> | __might_resched+0x160/0x270<br /> | __might_sleep+0x58/0xb0<br /> | down_timeout+0x34/0x98<br /> | acpi_os_wait_semaphore+0x7c/0xc0<br /> | acpi_ut_acquire_mutex+0x58/0x108<br /> | acpi_get_table+0x40/0xe8<br /> | acpi_get_pptt+0x48/0xa0<br /> | acpi_get_cache_info+0x38/0x140<br /> | init_cache_level+0xf4/0x118<br /> | detect_cache_attributes+0x2e4/0x640<br /> | update_siblings_masks+0x3c/0x330<br /> | store_cpu_topology+0x88/0xf0<br /> | secondary_start_kernel+0xd0/0x168<br /> | __secondary_switched+0xb8/0xc0<br /> <br /> Update acpi_get_pptt() to consider the fact that PPTT is once checked and<br /> is not available on the system and return NULL avoiding any attempts to<br /> fetch PPTT and thereby avoiding any possible sleep waiting for a mutex<br /> in the atomic context.