Instituto Nacional de Ciberseguridad (INCIBE). INCIBE-CERT section

CVE-2022-50491

Severity:
Pending analysis
Type:
Not available / Other
Publication date:
04/10/2025
Last modified:
06/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

coresight: cti: Fix hang in cti_disable_hw()

cti_enable_hw() and cti_disable_hw() are called from an atomic context
so shouldn't use runtime PM because it can result in a sleep when
communicating with firmware.

Since commit 3c6656337852 ("Revert "firmware: arm_scmi: Add clock
management to the SCMI power domain""), this causes a hang on Juno when
running the Perf Coresight tests or running this command:

    perf record -e cs_etm//u -- ls

This was also missed until the revert commit because pm_runtime_put()
was called with the wrong device until commit 692c9a499b28 ("coresight:
cti: Correct the parameter for pm_runtime_put")

With lock and scheduler debugging enabled the following is output:

    coresight cti_sys0: cti_enable_hw -- dev:cti_sys0 parent: 20020000.cti
    BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1151
    in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 330, name: perf-exec
    preempt_count: 2, expected: 0
    RCU nest depth: 0, expected: 0
    INFO: lockdep is turned off.
    irq event stamp: 0
    hardirqs last enabled at (0): [] 0x0
    hardirqs last disabled at (0): [] copy_process+0xa0c/0x1948
    softirqs last enabled at (0): [] copy_process+0xa0c/0x1948
    softirqs last disabled at (0): [] 0x0
    CPU: 3 PID: 330 Comm: perf-exec Not tainted 6.0.0-00053-g042116d99298 #7
    Hardware name: ARM LTD ARM Juno Development Platform/ARM Juno Development Platform, BIOS EDK II Sep 13 2022
    Call trace:
     dump_backtrace+0x134/0x140
     show_stack+0x20/0x58
     dump_stack_lvl+0x8c/0xb8
     dump_stack+0x18/0x34
     __might_resched+0x180/0x228
     __might_sleep+0x50/0x88
     __pm_runtime_resume+0xac/0xb0
     cti_enable+0x44/0x120
     coresight_control_assoc_ectdev+0xc0/0x150
     coresight_enable_path+0xb4/0x288
     etm_event_start+0x138/0x170
     etm_event_add+0x48/0x70
     event_sched_in.isra.122+0xb4/0x280
     merge_sched_in+0x1fc/0x3d0
     visit_groups_merge.constprop.137+0x16c/0x4b0
     ctx_sched_in+0x114/0x1f0
     perf_event_sched_in+0x60/0x90
     ctx_resched+0x68/0xb0
     perf_event_exec+0x138/0x508
     begin_new_exec+0x52c/0xd40
     load_elf_binary+0x6b8/0x17d0
     bprm_execve+0x360/0x7f8
     do_execveat_common.isra.47+0x218/0x238
     __arm64_sys_execve+0x48/0x60
     invoke_syscall+0x4c/0x110
     el0_svc_common.constprop.4+0xfc/0x120
     do_el0_svc+0x34/0xc0
     el0_svc+0x40/0x98
     el0t_64_sync_handler+0x98/0xc0
     el0t_64_sync+0x170/0x174

Fix the issue by removing the runtime PM calls completely. They are not
needed here because it must have already been done when building the
path for a trace.

[ Fix build warnings ]
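Added example (not part of the advisory or the kernel commit): a Python triage helper that scans a kernel log for the "sleeping function called from invalid context" report quoted in the description and names the function that may sleep and the caller that invoked it from atomic context. The sample log is constructed by abridging that trace; `parse_splats` and its field names are illustrative.

```python
import re

# Constructed sample: abridged from the splat quoted in the description.
SAMPLE_LOG = """\
BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1151
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 330, name: perf-exec
preempt_count: 2, expected: 0
Call trace:
 dump_backtrace+0x134/0x140
 dump_stack+0x18/0x34
 __might_resched+0x180/0x228
 __might_sleep+0x50/0x88
 __pm_runtime_resume+0xac/0xb0
 cti_enable+0x44/0x120
 coresight_control_assoc_ectdev+0xc0/0x150
"""

BUG_RE = re.compile(r"BUG: sleeping function called from invalid context at (\S+):(\d+)")
CTX_RE = re.compile(r"in_atomic\(\): (\d+), irqs_disabled\(\): (\d+),.*pid: (\d+), name: (\S+)")
# One stack frame, with an optional "[timestamp]" prefix as printed by dmesg.
FRAME_RE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+\s*$")
# Frames emitted by the stack dumper and the might_sleep() check itself.
REPORTING = {"dump_backtrace", "show_stack", "dump_stack_lvl", "dump_stack",
             "__might_resched", "__might_sleep"}

def parse_splats(text):
    """Return one dict per report; 'sleeper' may sleep, 'caller' invoked it atomically."""
    reports, cur, in_trace = [], None, False
    for line in text.splitlines():
        m = BUG_RE.search(line)
        if m:  # a new report starts here
            cur = {"where": f"{m.group(1)}:{m.group(2)}", "frames": []}
            reports.append(cur)
            in_trace = False
        elif cur is None:
            continue
        elif CTX_RE.search(line):
            a, i, pid, comm = CTX_RE.search(line).groups()
            cur.update(in_atomic=int(a), irqs_disabled=int(i), pid=int(pid), comm=comm)
        elif "Call trace:" in line:
            in_trace = True
        elif in_trace:
            m = FRAME_RE.match(line)
            if m and m.group(1) not in REPORTING:
                cur["frames"].append(m.group(1))
    for r in reports:
        r["sleeper"], r["caller"] = (r["frames"] + [None, None])[:2]
    return reports
```

On the constructed sample this reports `__pm_runtime_resume` as the sleeper and `cti_enable` as its caller, matching the runtime PM call the fix removes.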

Impact