CVE-2024-26854

In the Linux kernel, the following vulnerability has been resolved:

ice: fix uninitialized dplls mutex usage

The pf->dplls.lock mutex is initialized too late, after its first use. Move it to the top of icedpllinit. Note that the "errexit" error path destroys the mutex. And the mutex is the last thing destroyed in icedplldeinit. This fixes the following warning with CONFIGDEBUG_MUTEXES:

ice 0000:10:00.0: The DDP package was successfully loaded: ICE OS Default Package version 1.3.36.0 ice 0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16 link) ice 0000:10:00.0: PTP init successful ------------[ cut here ]------------ DEBUGLOCKSWARNON(lock->magic != lock) WARNING: CPU: 0 PID: 410 at kernel/locking/mutex.c:587 mutexlock+0x773/0xd40 Modules linked in: crct10difpclmul crc32pclmul crc32cintel polyvalclmulni polyvalgeneric ice(+) nvme nvmec> CPU: 0 PID: 410 Comm: kworker/0:4 Not tainted 6.8.0-rc5+ #3 Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant DL110 Gen10 Plus, BIOS U56 10/19/2023 Workqueue: events workforcpufn RIP: 0010:mutexlock+0x773/0xd40 Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d 9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a> RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000 RDX: 0000000000000002 RSI: ffffffff85ac2bff RDI: 00000000ffffffff RBP: ff7eb1a3417a7b80 R08: 0000000000000000 R09: 00000000ffffbfff R10: ff7eb1a3417a7978 R11: ff32b80f7fd2e568 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: ff32b7f02c50e0d8 FS: 0000000000000000(0000) GS:ff32b80efe800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4: 0000000000771ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> ? _warn+0x84/0x170 ? _mutexlock+0x773/0xd40 ? reportbug+0x1c7/0x1d0 ? prbreadvalid+0x1b/0x30 ? handlebug+0x42/0x70 ? excinvalidop+0x18/0x70 ? asmexcinvalidop+0x1a/0x20 ? _mutexlock+0x773/0xd40 ? rcuiswatching+0x11/0x50 ? _kmallocnodetrackcaller+0x346/0x490 ? icedplllockstatusget+0x28/0x50 [ice] ? _pfxicedplllockstatusget+0x10/0x10 [ice] ? icedplllockstatusget+0x28/0x50 [ice] icedplllockstatusget+0x28/0x50 [ice] dplldevicegetone+0x14f/0x2e0 dplldeviceeventsend+0x7d/0x150 dplldeviceregister+0x124/0x180 icedpllinitdpll+0x7b/0xd0 [ice] icedpllinit+0x224/0xa40 [ice] ? _devinfo+0x70/0x90 iceload+0x468/0x690 [ice] iceprobe+0x75b/0xa10 [ice] ? rawspinunlockirqrestore+0x4f/0x80 ? processonework+0x1a3/0x500 localpciprobe+0x47/0xa0 workforcpufn+0x17/0x30 processonework+0x20d/0x500 workerthread+0x1df/0x3e0 ? _pfxworkerthread+0x10/0x10 kthread+0x103/0x140 ? _pfxkthread+0x10/0x10 retfromfork+0x31/0x50 ? _pfxkthread+0x10/0x10 retfromforkasm+0x1b/0x30 </TASK> irq event stamp: 125197 hardirqs last enabled at (125197): [<ffffffff8416409d>] finishtaskswitch.isra.0+0x12d/0x3d0 hardirqs last disabled at (125196): [<ffffffff85134044>] _schedule+0xea4/0x19f0 softirqs last enabled at (105334): [<ffffffff84e1e65a>] napigetfragscheck+0x1a/0x60 softirqs last disabled at (105332): [<ffffffff84e1e65a>] napigetfrags_check+0x1a/0x60 ---[ end trace 0000000000000000 ]---