In the Linux kernel, the following vulnerability has been resolved:
cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver
After loading the amd-pstate-ut driver, amd_pstate_ut_check_perf() and amd_pstate_ut_check_freq() use cpufreq_cpu_get() to get the policy of the CPU and mark it as busy.
In these functions, cpufreq_cpu_put() should be used to release the policy, but it is not, so any other entity trying to access the policy is blocked indefinitely.
One such scenario is when amd_pstate mode is changed, leading to the following splat:
[ 1332.103727] INFO: task bash:2929 blocked for more than 120 seconds.
[ 1332.110001] Not tainted 6.5.0-rc2-amd-pstate-ut #5
[ 1332.115315] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1332.123140] task:bash state:D stack:0 pid:2929 ppid:2873 flags:0x00004006
[ 1332.123143] Call Trace:
[ 1332.123145] <TASK>
[ 1332.123148] __schedule+0x3c1/0x16a0
[ 1332.123154] ? _raw_read_lock_irqsave+0x2d/0x70
[ 1332.123157] schedule+0x6f/0x110
[ 1332.123160] schedule_timeout+0x14f/0x160
[ 1332.123162] ? preempt_count_add+0x86/0xd0
[ 1332.123165] __wait_for_common+0x92/0x190
[ 1332.123168] ? __pfx_schedule_timeout+0x10/0x10
[ 1332.123170] wait_for_completion+0x28/0x30
[ 1332.123173] cpufreq_policy_put_kobj+0x4d/0x90
[ 1332.123177] cpufreq_policy_free+0x157/0x1d0
[ 1332.123178] ? preempt_count_add+0x58/0xd0
[ 1332.123180] cpufreq_remove_dev+0xb6/0x100
[ 1332.123182] subsys_interface_unregister+0x114/0x120
[ 1332.123185] ? preempt_count_add+0x58/0xd0
[ 1332.123187] ? __pfx_amd_pstate_change_driver_mode+0x10/0x10
[ 1332.123190] cpufreq_unregister_driver+0x3b/0xd0
[ 1332.123192] amd_pstate_change_driver_mode+0x1e/0x50
[ 1332.123194] store_status+0xe9/0x180
[ 1332.123197] dev_attr_store+0x1b/0x30
[ 1332.123199] sysfs_kf_write+0x42/0x50
[ 1332.123202] kernfs_fop_write_iter+0x143/0x1d0
[ 1332.123204] vfs_write+0x2df/0x400
[ 1332.123208] ksys_write+0x6b/0xf0
[ 1332.123210] __x64_sys_write+0x1d/0x30
[ 1332.123213] do_syscall_64+0x60/0x90
[ 1332.123216] ? fpregs_assert_state_consistent+0x2e/0x50
[ 1332.123219] ? exit_to_user_mode_prepare+0x49/0x1a0
[ 1332.123223] ? irqentry_exit_to_user_mode+0xd/0x20
[ 1332.123225] ? irqentry_exit+0x3f/0x50
[ 1332.123226] ? exc_page_fault+0x8e/0x190
[ 1332.123228] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 1332.123232] RIP: 0033:0x7fa74c514a37
[ 1332.123234] RSP: 002b:00007ffe31dd0788 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1332.123238] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fa74c514a37
[ 1332.123239] RDX: 0000000000000008 RSI: 000055e27c447aa0 RDI: 0000000000000001
[ 1332.123241] RBP: 000055e27c447aa0 R08: 00007fa74c5d1460 R09: 000000007fffffff
[ 1332.123242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 1332.123244] R13: 00007fa74c61a780 R14: 00007fa74c616600 R15: 00007fa74c615a00
[ 1332.123247] </TASK>
Fix this by calling cpufreq_cpu_put() wherever necessary.
[ rjw: Subject and changelog edits ]
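
Added example, not part of the commit or of the kernel source: a userspace C model of the reference leak described above, showing why teardown waits forever when a cpufreq_cpu_get() has no matching cpufreq_cpu_put(). All names here (model_policy, model_get, model_put, check_leaky, check_fixed, run_scenario) are hypothetical stand-ins, and the completion wait seen in the trace is modelled as a count of policies whose reference count never reaches zero.

```c
#include <stdbool.h>
#include <stdio.h>
#define MODEL_NR_CPUS 4

struct model_policy { int refcount; bool perf_ok; };

/* Stand-ins for cpufreq_cpu_get() / cpufreq_cpu_put(): take and drop a reference. */
static struct model_policy *model_get(struct model_policy *p) { p->refcount++; return p; }
static void model_put(struct model_policy *p) { p->refcount--; }

/* Pre-fix pattern: the reference is never released, on any path. */
static int check_leaky(struct model_policy *pol)
{
    for (int cpu = 0; cpu < MODEL_NR_CPUS; cpu++) {
        struct model_policy *p = model_get(&pol[cpu]);
        if (!p->perf_ok)
            return -1;              /* leaked on the error path */
    }                               /* and leaked on the success path */
    return 0;
}

/* Post-fix pattern: the reference is released before every exit. */
static int check_fixed(struct model_policy *pol)
{
    for (int cpu = 0; cpu < MODEL_NR_CPUS; cpu++) {
        struct model_policy *p = model_get(&pol[cpu]);
        bool ok = p->perf_ok;
        model_put(p);
        if (!ok)
            return -1;
    }
    return 0;
}

/* Runs one check, then models teardown: the owner drops its reference and
 * waits for zero. Returns how many policies would block that waiter forever. */
static int run_scenario(bool fixed, int bad_cpu)
{
    struct model_policy pol[MODEL_NR_CPUS];
    int blocked = 0;
    for (int cpu = 0; cpu < MODEL_NR_CPUS; cpu++)
        pol[cpu] = (struct model_policy){ .refcount = 1, .perf_ok = cpu != bad_cpu };
    if (fixed) check_fixed(pol); else check_leaky(pol);
    for (int cpu = 0; cpu < MODEL_NR_CPUS; cpu++)
        if (--pol[cpu].refcount > 0)
            blocked++;
    return blocked;
}

int main(void) { printf("leaky=%d fixed=%d\n", run_scenario(false, -1), run_scenario(true, -1)); return 0; }
```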