CVE-2021-47454

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/smp: do not decrement idle task preempt count in CPU offline<br /> <br /> With PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we<br /> get:<br /> <br /> BUG: scheduling while atomic: swapper/1/0/0x00000000<br /> no locks held by swapper/1/0.<br /> CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100<br /> Call Trace:<br /> dump_stack_lvl+0xac/0x108<br /> __schedule_bug+0xac/0xe0<br /> __schedule+0xcf8/0x10d0<br /> schedule_idle+0x3c/0x70<br /> do_idle+0x2d8/0x4a0<br /> cpu_startup_entry+0x38/0x40<br /> start_secondary+0x2ec/0x3a0<br /> start_secondary_prolog+0x10/0x14<br /> <br /> This is because powerpc&amp;#39;s arch_cpu_idle_dead() decrements the idle task&amp;#39;s<br /> preempt count, for reasons explained in commit a7c2bb8279d2 ("powerpc:<br /> Re-enable preemption before cpu_die()"), specifically "start_secondary()<br /> expects a preempt_count() of 0."<br /> <br /> However, since commit 2c669ef6979c ("powerpc/preempt: Don&amp;#39;t touch the idle<br /> task&amp;#39;s preempt_count during hotplug") and commit f1a0a376ca0c ("sched/core:<br /> Initialize the idle task with preemption disabled"), that justification no<br /> longer holds.<br /> <br /> The idle task isn&amp;#39;t supposed to re-enable preemption, so remove the<br /> vestigial preempt_enable() from the CPU offline path.<br /> <br /> Tested with pseries and powernv in qemu, and pseries on PowerVM.