漏洞标题
clk: mediatek: 在探测期间对控制器执行运行时PM获取
漏洞描述信息
在Linux内核中,已解决以下漏洞:
clk:mediatek:在探测阶段对控制器进行运行时电源管理获取
mt8183-mfgcfg在探测阶段与genpd存在相互依赖关系,导致以下调用堆栈中的死锁:
CPU0: genpd_lock --> clk_prepare_lock
genpd_power_off_work_fn()
genpd_lock()
generic_pm_domain::power_off()
clk_unprepare()
clk_prepare_lock()
CPU1: clk_prepare_lock --> genpd_lock
clk_register()
__clk_core_init()
clk_prepare_lock()
clk_pm_runtime_get()
genpd_lock()
在探测函数中进行运行时电源管理获取,以确保clk_register()不会获取genpd锁。我们不认为这会导致任何回退,因此不仅修改mt8183-mfgcfg,还对所有mediatek时钟控制器的探测进行此操作。
已在MT8183和MT8192 Chromebooks上验证。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
漏洞类别
加锁机制不恰当
漏洞标题
clk: mediatek: Do a runtime PM get on controllers during probe
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
clk: mediatek: Do a runtime PM get on controllers during probe
mt8183-mfgcfg has a mutual dependency with genpd during the probing
stage, which leads to a deadlock in the following call stack:
CPU0: genpd_lock --> clk_prepare_lock
genpd_power_off_work_fn()
genpd_lock()
generic_pm_domain::power_off()
clk_unprepare()
clk_prepare_lock()
CPU1: clk_prepare_lock --> genpd_lock
clk_register()
__clk_core_init()
clk_prepare_lock()
clk_pm_runtime_get()
genpd_lock()
Do a runtime PM get at the probe function to make sure clk_register()
won't acquire the genpd lock. Instead of only modifying mt8183-mfgcfg,
do this on all mediatek clock controller probings because we don't
believe this would cause any regression.
Verified on MT8183 and MT8192 Chromebooks.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Linux kernel 安全漏洞
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于出现死锁问题。
CVSS信息
N/A
漏洞类别
其他