CVE-2021-46990

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 28/02/2024
Last modified: 26/12/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

powerpc/64s: Fix crashes when toggling entry flush barrier

The entry flush mitigation can be enabled/disabled at runtime via a debugfs file (entry_flush), which causes the kernel to patch itself to enable/disable the relevant mitigations.

However depending on which mitigation we're using, it may not be safe to do that patching while other CPUs are active. For example the following crash:

sleeper[15639]: segfault (11) at c000000000004c20 nip c000000000004c20 lr c000000000004c20

Shows that we returned to userspace with a corrupted LR that points into the kernel, due to executing the partially patched call to the fallback entry flush (ie. we missed the LR restore).

Fix it by doing the patching under stop machine. The CPUs that aren't doing the patching will be spinning in the core of the stop machine logic. That is currently sufficient for our purposes, because none of the patching we do is to that code or anywhere in the vicinity.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.4.245 (including) 4.4.269 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.9.245 (including) 4.9.269 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.14.208 (including) 4.14.233 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.19.159 (including) 4.19.191 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.4.79 (including) 5.4.120 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.10 (including) 5.10.38 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.11.22 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.12 (including) 5.12.5 (excluding)
cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*
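
A triage check for the ranges in the table above, written as an added example that is not part of the advisory or the kernel project. The function names (ver_key, is_affected, check_host) are hypothetical, and the script assumes uname -r style version strings from mainline or stable kernels; distribution kernels that backport fixes can carry the fix under an older version number.

```shell
#!/bin/sh
# Added example. Ranges copied from the advisory table:
# "first affected (inclusive)  first fixed (exclusive)"
RANGES='4.4.245 4.4.269
4.9.245 4.9.269
4.14.208 4.14.233
4.19.159 4.19.191
5.4.79 5.4.120
5.10 5.10.38
5.11 5.11.22
5.12 5.12.5'

# Map "5.10.37-generic" to a comparable integer (major*10^6 + minor*10^3 + patch).
# Runs in a subshell so the IFS change and "set --" do not leak to the caller.
ver_key() (
    v=${1%%[-+_]*}          # drop local/distro suffix such as "-generic"
    IFS=.
    set -- $v
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
)

# Return 0 if the version falls inside any listed range, 1 otherwise.
is_affected() {
    case "$1" in
        5.13-rc1*|5.13.0-rc1*) return 0 ;;   # the single 5.13:rc1 row
    esac
    _k=$(ver_key "$1")
    while read -r _lo _hi; do
        if [ "$_k" -ge "$(ver_key "$_lo")" ] && [ "$_k" -lt "$(ver_key "$_hi")" ]; then
            return 0
        fi
    done <<EOF
$RANGES
EOF
    return 1
}

# Report on the running host; the bug is in powerpc/64s code only.
check_host() {
    case "$(uname -m)" in
        ppc64*) ;;
        *) echo "$(uname -m): not a 64-bit powerpc host"; return 0 ;;
    esac
    if is_affected "$(uname -r)"; then echo "$(uname -r): inside an affected range"
    else echo "$(uname -r): outside the listed ranges"; fi
}
check_host
```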