CVE-2023-53029

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt

The commit 4af1b64f80fb ("octeontx2-pf: Fix lmtst ID used in aura free") uses the get/putcpu() to protect the usage of percpu pointer in ->aurafreeptr() callback, but it also unnecessarily disable the preemption for the blockable memory allocation. The commit 87b93b678e95 ("octeontx2-pf: Avoid use of GFPKERNEL in atomic context") tried to fix these sleep inside atomic warnings. But it only fix the one for the non-rt kernel. For the rt kernel, we still get the similar warnings like below. BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic(): 1, irqsdisabled(): 0, nonblock: 0, pid: 1, name: swapper/0 preemptcount: 1, expected: 0 RCU nest depth: 0, expected: 0 3 locks held by swapper/0/1: #0: ffff800009fc5fe8 (rtnlmutex){+.+.}-{3:3}, at: rtnllock+0x24/0x30 #1: ffff000100c276c0 (&mbox->lock){+.+.}-{3:3}, at: otx2inithwresources+0x8c/0x3a4 #2: ffffffbfef6537e0 (&cpurcache->lock){+.+.}-{2:2}, at: allociovafast+0x1ac/0x2ac Preemption disabled at: [<ffff800008b1908c>] otx2rqaurapoolinit+0x14c/0x284 CPU: 20 PID: 1 Comm: swapper/0 Tainted: G W 6.2.0-rc3-rt1-yocto-preempt-rt #1 Hardware name: Marvell OcteonTX CN96XX board (DT) Call trace: dumpbacktrace.part.0+0xe8/0xf4 showstack+0x20/0x30 dumpstacklvl+0x9c/0xd8 dumpstack+0x18/0x34 _mightresched+0x188/0x224 rtspinlock+0x64/0x110 allociovafast+0x1ac/0x2ac iommudmaallociova+0xd4/0x110 _iommudmamap+0x80/0x144 iommudmamappage+0xe8/0x260 dmamappageattrs+0xb4/0xc0 _otx2allocrbuf+0x90/0x150 otx2rqaurapoolinit+0x1c8/0x284 otx2inithwresources+0xe4/0x3a4 otx2open+0xf0/0x610 _devopen+0x104/0x224 _devchangeflags+0x1e4/0x274 devchangeflags+0x2c/0x7c icopendevs+0x124/0x2f8 ipautoconfig+0x180/0x42c dooneinitcall+0x90/0x4dc dobasicsetup+0x10c/0x14c kernelinitfreeable+0x10c/0x13c kernelinit+0x2c/0x140 retfromfork+0x10/0x20

Of course, we can shuffle the get/putcpu() to only wrap the invocation of ->aurafreeptr() as what commit 87b93b678e95 does. But there are only two ->aurafreeptr() callbacks, otx2aurafreeptr() and cn10kaurafreeptr(). There is no usage of perpcu variable in the otx2aurafreeptr() at all, so the get/putcpu() seems redundant to it. We can move the get/putcpu() into the corresponding callback which really has the percpu variable usage and avoid the sprinkling of get/putcpu() in several places.