CVE-2024-26690

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 03/04/2024
Last modified: 08/04/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: protect updates of 64-bit statistics counters

As explained by a comment in , write side of struct u64_stats_sync must ensure mutual exclusion, or one seqcount update could be lost on 32-bit platforms, thus blocking readers forever. Such lockups have been observed in real world after stmmac_xmit() on one CPU raced with stmmac_napi_poll_tx() on another CPU.

To fix the issue without introducing a new lock, split the statistics into three parts:

1. fields updated only under the tx queue lock,
2. fields updated only during NAPI poll,
3. fields updated only from interrupt context,

Updates to fields in the first two groups are already serialized through other locks. It is sufficient to split the existing struct u64_stats_sync so that each group has its own.

Note that tx_set_ic_bit is updated from both contexts. Split this counter so that each context gets its own, and calculate their sum to get the total value in stmmac_get_ethtool_stats().

For the third group, multiple interrupts may be processed by different CPUs at the same time, but interrupts on the same CPU will not nest. Move fields from this group to a newly created per-cpu struct stmmac_pcpu_stats.
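An added illustration, not taken from the kernel patch or from this record: a single-threaded C model that replays the lost seqcount update described above, then the same interleaving with one sync object per context. The struct and function names are hypothetical and are not the kernel's u64_stats_sync API.

```c
#include <stdio.h>

/* Userspace model of the sequence counter inside struct u64_stats_sync on
 * 32-bit. Names are hypothetical; this is not the kernel API. */
struct model_sync { unsigned seq; };

/* Writers bump seq on entry and on exit. The bump is a plain load + store,
 * modelled as two steps so the racy interleaving can be replayed exactly. */
static unsigned begin_load(const struct model_sync *s) { return s->seq; }
static void begin_store(struct model_sync *s, unsigned seen) { s->seq = seen + 1; }
static void update_end(struct model_sync *s) { s->seq++; }

/* Readers retry while seq is odd ("writer in progress"). */
int reader_can_finish(unsigned seq) { return (seq & 1u) == 0; }

/* Before the fix: two contexts share one sync object, no mutual exclusion. */
unsigned race_shared(unsigned later_writes)
{
    struct model_sync s = { 0 };
    unsigned a = begin_load(&s);      /* context A reads 0 */
    unsigned b = begin_load(&s);      /* context B reads 0 as well */
    begin_store(&s, a);               /* seq = 1 */
    begin_store(&s, b);               /* seq = 1 again: one increment lost */
    update_end(&s);                   /* seq = 2 */
    update_end(&s);                   /* seq = 3: odd, yet no writer is active */
    for (unsigned i = 0; i < later_writes; i++) {  /* serialized writers */
        begin_store(&s, begin_load(&s));
        update_end(&s);               /* +2 per write, parity never recovers */
    }
    return s.seq;
}

/* After the fix: same interleaving, but each context owns its sync object. */
int race_split(void)
{
    struct model_sync sa = { 0 }, sb = { 0 };
    unsigned a = begin_load(&sa), b = begin_load(&sb);
    begin_store(&sa, a);
    begin_store(&sb, b);
    update_end(&sa);
    update_end(&sb);
    return reader_can_finish(sa.seq) && reader_can_finish(sb.seq);
}

int main(void)
{
    printf("shared: seq=%u readable=%d\n", race_shared(0), reader_can_finish(race_shared(0)));
    printf("shared, 1000 later writes: readable=%d\n", reader_can_finish(race_shared(1000)));
    printf("split: readable=%d\n", race_split());
    return 0;
}
```

In the shared case the counter stays odd no matter how many correctly serialized writes follow, which is why a reader of the statistics never leaves its retry loop.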

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.6 (including) 6.6.18 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.7 (including) 6.7.6 (excluding)
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*