CVE-2025-21876
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/03/2025
Last modified:
27/03/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix suspicious RCU usage

Commit ("iommu/vt-d: Allocate DMAR fault interrupts
locally") moved the call to enable_drhd_fault_handling() to a code
path that does not hold any lock while traversing the drhd list. Fix
it by ensuring the dmar_global_lock lock is held when traversing the
drhd list.

Without this fix, the following warning is triggered:
=============================
WARNING: suspicious RCU usage
6.14.0-rc3 #55 Not tainted
-----------------------------
drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!
other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 1
2 locks held by cpuhp/1/23:
#0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0
#1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0
stack backtrace:
CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55
Call Trace:
dump_stack_lvl+0xb7/0xd0
lockdep_rcu_suspicious+0x159/0x1f0
? __pfx_enable_drhd_fault_handling+0x10/0x10
enable_drhd_fault_handling+0x151/0x180
cpuhp_invoke_callback+0x1df/0x990
cpuhp_thread_fun+0x1ea/0x2c0
smpboot_thread_fn+0x1f5/0x2e0
? __pfx_smpboot_thread_fn+0x10/0x10
kthread+0x12a/0x2d0
? __pfx_kthread+0x10/0x10
ret_from_fork+0x4a/0x60
? __pfx_kthread+0x10/0x10
ret_from_fork_asm+0x1a/0x30

Holding the lock in enable_drhd_fault_handling() triggers a lockdep splat
about a possible deadlock between dmar_global_lock and cpu_hotplug_lock.
This is avoided by not holding dmar_global_lock when calling
iommu_device_register(), which initiates the device probe process.