CVE-2021-47454

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47454
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47454.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47454
Related
Published
2024-05-22T07:15:10Z
Modified
2024-09-18T03:17:28.361585Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

powerpc/smp: do not decrement idle task preempt count in CPU offline

With PREEMPT_COUNT=y, when a CPU is offlined and then onlined again, we get:

BUG: scheduling while atomic: swapper/1/0/0x00000000 no locks held by swapper/1/0. CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.0-rc2+ #100 Call Trace: dumpstacklvl+0xac/0x108 _schedulebug+0xac/0xe0 _schedule+0xcf8/0x10d0 scheduleidle+0x3c/0x70 doidle+0x2d8/0x4a0 cpustartupentry+0x38/0x40 startsecondary+0x2ec/0x3a0 startsecondaryprolog+0x10/0x14

This is because powerpc's archcpuidledead() decrements the idle task's preempt count, for reasons explained in commit a7c2bb8279d2 ("powerpc: Re-enable preemption before cpudie()"), specifically "startsecondary() expects a preemptcount() of 0."

However, since commit 2c669ef6979c ("powerpc/preempt: Don't touch the idle task's preempt_count during hotplug") and commit f1a0a376ca0c ("sched/core: Initialize the idle task with preemption disabled"), that justification no longer holds.

The idle task isn't supposed to re-enable preemption, so remove the vestigial preempt_enable() from the CPU offline path.

Tested with pseries and powernv in qemu, and pseries on PowerVM.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.84-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.16-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.16-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}