CVE-2024-53089

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 21/11/2024
Last modified: 01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: KVM: Mark hrtimer to expire in hard interrupt context

Like commit 2c0d278f3293f ("KVM: LAPIC: Mark hrtimer to expire in hard interrupt context") and commit 9090825fa9974 ("KVM: arm/arm64: Let the timer expire in hardirq context on RT"), on PREEMPT_RT enabled kernels unmarked hrtimers are moved into soft interrupt expiry mode by default. Then the timers are canceled from a preempt-notifier which is invoked with disabled preemption which is not allowed on PREEMPT_RT.

The timer callback is short so it could be invoked in hard-IRQ context. So let the timer expire in hard-IRQ context even on -RT.

This fixes a "scheduling while atomic" bug for PREEMPT_RT enabled kernels:

    BUG: scheduling while atomic: qemu-system-loo/1011/0x00000002
    Modules linked in: amdgpu rfkill nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat ns
    CPU: 1 UID: 0 PID: 1011 Comm: qemu-system-loo Tainted: G W 6.12.0-rc2+ #1774
    Tainted: [W]=WARN
    Hardware name: Loongson Loongson-3A5000-7A1000-1w-CRB/Loongson-LS3A5000-7A1000-1w-CRB, BIOS vUDK2018-LoongArch-V2.0.0-prebeta9 10/21/2022
    ...
    Call Trace:
    [] show_stack+0x38/0x180
    [] dump_stack_lvl+0x84/0xc0
    [] __schedule_bug+0x48/0x60
    [] __schedule+0x1114/0x1660
    [] schedule_rtlock+0x20/0x60
    [] rtlock_slowlock_locked+0x3f0/0x10a0
    [] rt_spin_lock+0x58/0x80
    [] hrtimer_cancel_wait_running+0x68/0xc0
    [] hrtimer_cancel+0x70/0x80
    [] kvm_restore_timer+0x50/0x1a0 [kvm]
    [] kvm_arch_vcpu_load+0x68/0x2a0 [kvm]
    [] kvm_sched_in+0x34/0x60 [kvm]
    [] finish_task_switch.isra.0+0x140/0x2e0
    [] __schedule+0x450/0x1660
    [] schedule+0x30/0x180
    [] kvm_vcpu_block+0x70/0x120 [kvm]
    [] kvm_vcpu_halt+0x60/0x3e0 [kvm]
    [] kvm_handle_gspr+0x3f4/0x4e0 [kvm]
    [] kvm_handle_exit+0x1c8/0x260 [kvm]
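For triage, a kernel log can be screened for "scheduling while atomic" reports whose call trace runs through the hrtimer cancel path quoted in the description. The following is an added example, not code from the kernel or from this advisory; the function names, the `matches_cve` field and the second sample report are assumptions made for illustration, and a match is a heuristic pointer, not proof.

```python
import re

# Header of a report: "BUG: scheduling while atomic: comm/pid/preempt_count"
BUG_RE = re.compile(r"BUG: scheduling while atomic: (.+)/(\d+)/(0x[0-9a-fA-F]+)")
# One call-trace frame; the bracket may be empty (as on this page) or hold an address.
FRAME_RE = re.compile(
    r"\[(?:<[0-9a-fA-F]+>)?\]\s+([A-Za-z_][\w.]*)\+0x[0-9a-fA-F]+/0x[0-9a-fA-F]+")
# Frames, innermost first, that tie a report to the path quoted in the description.
SIGNATURE = ("hrtimer_cancel_wait_running", "hrtimer_cancel", "kvm_restore_timer")


def contains_in_order(frames, wanted):
    """True if every name in `wanted` occurs in `frames` in the same relative order."""
    remaining = iter(frames)
    return all(name in remaining for name in wanted)


def find_splats(log_text):
    """Return one dict per 'scheduling while atomic' report found in log_text."""
    splats = []
    for line in log_text.splitlines():
        header = BUG_RE.search(line)
        if header:
            splats.append({"comm": header.group(1), "pid": int(header.group(2)),
                           "preempt_count": int(header.group(3), 16), "frames": []})
            continue
        frame = FRAME_RE.search(line)
        if frame and splats:
            splats[-1]["frames"].append(frame.group(1))
    for splat in splats:
        splat["matches_cve"] = contains_in_order(splat["frames"], SIGNATURE)
    return splats


# First report: lines taken from the trace in the description above.
# Second report: constructed for contrast; example_driver_wait is a hypothetical name.
SAMPLE_LOG = """\
BUG: scheduling while atomic: qemu-system-loo/1011/0x00000002
[] __schedule_bug+0x48/0x60
[] rt_spin_lock+0x58/0x80
[] hrtimer_cancel_wait_running+0x68/0xc0
[] hrtimer_cancel+0x70/0x80
[] kvm_restore_timer+0x50/0x1a0 [kvm]
[] kvm_arch_vcpu_load+0x68/0x2a0 [kvm]
BUG: scheduling while atomic: kworker-demo/42/0x00000001
[<9000000003a00000>] example_driver_wait+0x10/0x20
[] schedule+0x30/0x180
"""

if __name__ == "__main__":
    for s in find_splats(SAMPLE_LOG):
        print(s["comm"], s["pid"], "matches" if s["matches_cve"] else "other cause")
```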

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 6.11.9 (excluding)
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:* | |