In the Linux kernel, the following vulnerability has been resolved:
interconnect: Fix locking for runpm vs reclaim
For cases where icc_bw_set() can be called in callpaths that could deadlock against shrinker/reclaim, such as runpm resume, we need to decouple the icc locking. Introduce a new icc_bw_lock for cases where we need to serialize bw aggregation and update to decouple that from paths that require memory allocation such as node/link creation/destruction.
Fixes this lockdep splat:
======================================================
WARNING: possible circular locking dependency detected
6.2.0-rc8-debug+ #554 Not tainted

ring0/132 is trying to acquire lock:
ffffff80871916d0 (&gmu->lock){+.+.}-{3:3}, at: a6xx_pm_resume+0xf0/0x234

but task is already holding lock:
ffffffdb5aee57e8 (dma_fence_map){++++}-{0:0}, at: msm_job_run+0x68/0x150

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #4 (dma_fence_map){++++}-{0:0}:
       __dma_fence_might_wait+0x74/0xc0
       dma_resv_lockdep+0x1f4/0x2f4
       do_one_initcall+0x104/0x2bc
       kernel_init_freeable+0x344/0x34c
       kernel_init+0x30/0x134
       ret_from_fork+0x10/0x20

-> #3 (mmu_notifier_invalidate_range_start){+.+.}-{0:0}:
       fs_reclaim_acquire+0x80/0xa8
       slab_pre_alloc_hook.constprop.0+0x40/0x25c
       __kmem_cache_alloc_node+0x60/0x1cc
       __kmalloc+0xd8/0x100
       topology_parse_cpu_capacity+0x8c/0x178
       get_cpu_for_node+0x88/0xc4
       parse_cluster+0x1b0/0x28c
       parse_cluster+0x8c/0x28c
       init_cpu_topology+0x168/0x188
       smp_prepare_cpus+0x24/0xf8
       kernel_init_freeable+0x18c/0x34c
       kernel_init+0x30/0x134
       ret_from_fork+0x10/0x20

-> #2 (fs_reclaim){+.+.}-{0:0}:
       __fs_reclaim_acquire+0x3c/0x48
       fs_reclaim_acquire+0x54/0xa8
       slab_pre_alloc_hook.constprop.0+0x40/0x25c
       __kmem_cache_alloc_node+0x60/0x1cc
       __kmalloc+0xd8/0x100
       kzalloc.constprop.0+0x14/0x20
       icc_node_create_nolock+0x4c/0xc4
       icc_node_create+0x38/0x58
       qcom_icc_rpmh_probe+0x1b8/0x248
       platform_probe+0x70/0xc4
       really_probe+0x158/0x290
       __driver_probe_device+0xc8/0xe0
       driver_probe_device+0x44/0x100
       __driver_attach+0xf8/0x108
       bus_for_each_dev+0x78/0xc4
       driver_attach+0x2c/0x38
       bus_add_driver+0xd0/0x1d8
       driver_register+0xbc/0xf8
       __platform_driver_register+0x30/0x3c
       qnoc_driver_init+0x24/0x30
       do_one_initcall+0x104/0x2bc
       kernel_init_freeable+0x344/0x34c
       kernel_init+0x30/0x134
       ret_from_fork+0x10/0x20

-> #1 (icc_lock){+.+.}-{3:3}:
       __mutex_lock+0xcc/0x3c8
       mutex_lock_nested+0x30/0x44
       icc_set_bw+0x88/0x2b4
       _set_opp_bw+0x8c/0xd8
       _set_opp+0x19c/0x300
       dev_pm_opp_set_opp+0x84/0x94
       a6xx_gmu_resume+0x18c/0x804
       a6xx_pm_resume+0xf8/0x234
       adreno_runtime_resume+0x2c/0x38
       pm_generic_runtime_resume+0x30/0x44
       __rpm_callback+0x15c/0x174
       rpm_callback+0x78/0x7c
       rpm_resume+0x318/0x524
       __pm_runtime_resume+0x78/0xbc
       adreno_load_gpu+0xc4/0x17c
       msm_open+0x50/0x120
       drm_file_alloc+0x17c/0x228
       drm_open_helper+0x74/0x118
       drm_open+0xa0/0x144
       drm_stub_open+0xd4/0xe4
       chrdev_open+0x1b8/0x1e4
       do_dentry_open+0x2f8/0x38c
       vfs_open+0x34/0x40
       path_openat+0x64c/0x7b4
       do_filp_open+0x54/0xc4
       do_sys_openat2+0x9c/0x100
       do_sys_open+0x50/0x7c
       __arm64_sys_openat+0x28/0x34
       invoke_syscall+0x8c/0x128
       el0_svc_common.constprop.0+0xa0/0x11c
       do_el0 ---truncated---
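The dependency chain in the splat above can be checked as a lock-order graph. The following is an added example, not code from the kernel or from this record. The `&gmu->lock` to `icc_lock` edge is inferred from chain entry #1 because entry #0 is truncated, and the `AFTER` edges are an assumed model of the description's split into `icc_bw_lock`, not taken from the patch itself.

```python
# Lock-order model of the splat (added example). An edge (A, B) means
# "B was acquired while A was held", the relation lockdep records.
from collections import defaultdict

def find_cycle(edges):
    """Return one lock-order cycle as a list of lock names, or None."""
    graph = defaultdict(list)
    for held, taken in edges:
        graph[held].append(taken)
    state = {}  # lock -> "open" while on the DFS stack, "done" afterwards

    def visit(lock, path):
        state[lock] = "open"
        path.append(lock)
        for nxt in graph[lock]:
            if state.get(nxt) == "open":      # back edge closes a cycle
                return path[path.index(nxt):] + [nxt]
            if nxt not in state:
                found = visit(nxt, path)
                if found:
                    return found
        path.pop()
        state[lock] = "done"
        return None

    for lock in list(graph):
        if lock not in state:
            found = visit(lock, [])
            if found:
                return found
    return None

# Edges present in both models: the reclaim side of the chain plus the new
# acquisition reported at the top of the splat.
COMMON = [
    ("fs_reclaim", "mmu_notifier_invalidate_range_start"),     # chain #3
    ("mmu_notifier_invalidate_range_start", "dma_fence_map"),  # chain #4
    ("dma_fence_map", "&gmu->lock"),   # msm_job_run -> a6xx_pm_resume
]
# Before: one icc_lock covers both bandwidth updates and allocation.
BEFORE = COMMON + [
    ("&gmu->lock", "icc_lock"),        # chain #1: a6xx_gmu_resume -> icc_set_bw
    ("icc_lock", "fs_reclaim"),        # chain #2: icc_node_create -> kzalloc
]
# After (assumed model): bandwidth updates take icc_bw_lock and nothing
# allocates under it; node creation still allocates under icc_lock.
AFTER = COMMON + [("&gmu->lock", "icc_bw_lock"), ("icc_lock", "fs_reclaim")]

if __name__ == "__main__":
    print("before:", find_cycle(BEFORE))
    print("after: ", find_cycle(AFTER))
```

In the `AFTER` model `icc_lock` still leads into `fs_reclaim`, but no lock taken on the runpm resume path leads back to it, so the cycle is gone.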
{
"cna_assigner": "Linux",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54013.json"
}