CVE-2023-52559

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/vt-d: Avoid memory allocation in iommu_suspend()<br /> <br /> The iommu_suspend() syscore suspend callback is invoked with IRQ disabled.<br /> Allocating memory with the GFP_KERNEL flag may re-enable IRQs during<br /> the suspend callback, which can cause intermittent suspend/hibernation<br /> problems with the following kernel traces:<br /> <br /> Calling iommu_suspend+0x0/0x1d0<br /> ------------[ cut here ]------------<br /> WARNING: CPU: 0 PID: 15 at kernel/time/timekeeping.c:868 ktime_get+0x9b/0xb0<br /> ...<br /> CPU: 0 PID: 15 Comm: rcu_preempt Tainted: G U E 6.3-intel #r1<br /> RIP: 0010:ktime_get+0x9b/0xb0<br /> ...<br /> Call Trace:<br /> <br /> tick_sched_timer+0x22/0x90<br /> ? __pfx_tick_sched_timer+0x10/0x10<br /> __hrtimer_run_queues+0x111/0x2b0<br /> hrtimer_interrupt+0xfa/0x230<br /> __sysvec_apic_timer_interrupt+0x63/0x140<br /> sysvec_apic_timer_interrupt+0x7b/0xa0<br /> <br /> <br /> asm_sysvec_apic_timer_interrupt+0x1f/0x30<br /> ...<br /> ------------[ cut here ]------------<br /> Interrupts enabled after iommu_suspend+0x0/0x1d0<br /> WARNING: CPU: 0 PID: 27420 at drivers/base/syscore.c:68 syscore_suspend+0x147/0x270<br /> CPU: 0 PID: 27420 Comm: rtcwake Tainted: G U W E 6.3-intel #r1<br /> RIP: 0010:syscore_suspend+0x147/0x270<br /> ...<br /> Call Trace:<br /> <br /> hibernation_snapshot+0x25b/0x670<br /> hibernate+0xcd/0x390<br /> state_store+0xcf/0xe0<br /> kobj_attr_store+0x13/0x30<br /> sysfs_kf_write+0x3f/0x50<br /> kernfs_fop_write_iter+0x128/0x200<br /> vfs_write+0x1fd/0x3c0<br /> ksys_write+0x6f/0xf0<br /> __x64_sys_write+0x1d/0x30<br /> do_syscall_64+0x3b/0x90<br /> entry_SYSCALL_64_after_hwframe+0x72/0xdc<br /> <br /> Given that only 4 words memory is needed, avoid the memory allocation in<br /> iommu_suspend().