CVE-2023-54267

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT<br /> <br /> lppaca_shared_proc() takes a pointer to the lppaca which is typically<br /> accessed through get_lppaca(). With DEBUG_PREEMPT enabled, this leads<br /> to checking if preemption is enabled, for example:<br /> <br /> BUG: using smp_processor_id() in preemptible [00000000] code: grep/10693<br /> caller is lparcfg_data+0x408/0x19a0<br /> CPU: 4 PID: 10693 Comm: grep Not tainted 6.5.0-rc3 #2<br /> Call Trace:<br /> dump_stack_lvl+0x154/0x200 (unreliable)<br /> check_preemption_disabled+0x214/0x220<br /> lparcfg_data+0x408/0x19a0<br /> ...<br /> <br /> This isn&amp;#39;t actually a problem however, as it does not matter which<br /> lppaca is accessed, the shared proc state will be the same.<br /> vcpudispatch_stats_procfs_init() already works around this by disabling<br /> preemption, but the lparcfg code does not, erroring any time<br /> /proc/powerpc/lparcfg is accessed with DEBUG_PREEMPT enabled.<br /> <br /> Instead of disabling preemption on the caller side, rework<br /> lppaca_shared_proc() to not take a pointer and instead directly access<br /> the lppaca, bypassing any potential preemption checks.<br /> <br /> [mpe: Rework to avoid needing a definition in paca.h and lppaca.h]