CVE-2022-50045

BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580 inatomic(): 1, irqsdisabled(): 0, nonblock: 0, pid: 1, name: swapper preemptcount: 1, expected: 0 RCU nest depth: 0, expected: 0 1 lock held by swapper/1: #0: c157efb0 (hosespinlock){+.+.}-{2:2}, at: pcibiosalloccontroller+0x64/0x220 Preemption disabled at: [<00000000>] 0x0 CPU: 0 PID: 1 Comm: swapper Not tainted 5.19.0-yocto-standard+ #1 Call Trace: [d101dc90] [c073b264] dumpstacklvl+0x50/0x8c (unreliable) [d101dcb0] [c0093b70] _mightresched+0x258/0x2a8 [d101dcd0] [c0d3e634] _mutexlock+0x6c/0x6ec [d101dd50] [c0a84174] ofaliasgetid+0x50/0xf4 [d101dd80] [c002ec78] pcibiosalloccontroller+0x1b8/0x220 [d101ddd0] [c140c9dc] pmacpciinit+0x198/0x784 [d101de50] [c140852c] discoverphbs+0x30/0x4c [d101de60] [c0007fd4] dooneinitcall+0x94/0x344 [d101ded0] [c1403b40] kernelinitfreeable+0x1a8/0x22c [d101df10] [c00086e0] kernelinit+0x34/0x160 [d101df30] [c001b334] retfromkernel_thread+0x5c/0x64

This is because pcibiosalloccontroller() holds hosespinlock but ofaliasgetid() takes of_mutex which can sleep.

The hosespinlock protects the phbbitmap, and also the hoselist, but it doesn't need to be held while getphb_number() calls the OF routines, because those are only looking up information in the device tree.

So fix it by having getphbnumber() take the hosespinlock itself, only where required, and then dropping the lock before returning. pcibiosalloccontroller() then needs to take the lock again before the listadd() but that's safe, the order of the list is not important.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a79e4395619c926ea7e828b2023c0fbe2776385b

Fixed

6f75057c21eab12c6ccb7f06f859641a6edfab99

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

205826dcac3271ab04fb97d66f1b4f8219723259

Fixed

5db5ce0f1963c6c8275719a80cb65e9c98d32726

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3ec50b8a0128359ff4ad4061a75c3322d0ab6ac9

Fixed

ccb0a42d3f40c436295e0fef57ab613ae5b925a4

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

47a8fe1b154aa6d836582365b1c70684af8597e4

Fixed

a868f771ee41c97a25a04b8c632a7f06689b307b

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ef0f4eeaba2463a77ac5a4e42c30717deb3c7b62

Fixed

1d9e75c3d8cdf7c96a94cb77450d4ee070279e6a

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f35c7f506fb96a23a1961c7314c5931ec8bc473e

Fixed

90f195c01a2e8d8da6281791617e21109719c981

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0fe1e96fef0a5c53b4c0d1500d356f3906000f81

Fixed

8d48562a2729742f767b0fdd994d6b2a56a49c63

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e0274da3ac318296fed503422ccda98ce67e99cb

Affected versions

v2.*

v2.6.12

v2.6.12-rc2

v2.6.12-rc3

v2.6.12-rc4

v2.6.12-rc5

v2.6.12-rc6

v2.6.13

v2.6.13-rc1

v2.6.13-rc2

v2.6.13-rc3

v2.6.13-rc4

v2.6.13-rc5

v2.6.13-rc6

v2.6.13-rc7

v2.6.14

v2.6.14-rc1

v2.6.14-rc2

v2.6.14-rc3

v2.6.14-rc4

v2.6.14-rc5

v2.6.15

v2.6.15-rc1

v2.6.15-rc2

v2.6.15-rc3

v2.6.15-rc4

v2.6.15-rc5

v2.6.15-rc6

v2.6.15-rc7

v2.6.16

v2.6.16-rc1

v2.6.16-rc2

v2.6.16-rc3

v2.6.16-rc4

v2.6.16-rc5

v2.6.16-rc6

v2.6.17

v2.6.17-rc1

v2.6.17-rc2

v2.6.17-rc3

v2.6.17-rc4

v2.6.17-rc5

v2.6.17-rc6

v2.6.18

v2.6.18-rc1

v2.6.18-rc2

v2.6.18-rc3

v2.6.18-rc4

v2.6.18-rc5

v2.6.18-rc6

v2.6.18-rc7

v2.6.19

v2.6.19-rc1

v2.6.19-rc2

v2.6.19-rc3

v2.6.19-rc4

v2.6.19-rc5

v2.6.19-rc6

v2.6.20

v2.6.20-rc1

v2.6.20-rc2

v2.6.20-rc3

v2.6.20-rc4

v2.6.20-rc5

v2.6.20-rc6

v2.6.20-rc7

v2.6.21

v2.6.21-rc1

v2.6.21-rc2

v2.6.21-rc3

v2.6.21-rc4

v2.6.21-rc5

v2.6.21-rc6

v2.6.21-rc7

v2.6.22

v2.6.22-rc1

v2.6.22-rc2

v2.6.22-rc3

v2.6.22-rc4

v2.6.22-rc5

v2.6.22-rc6

v2.6.22-rc7

v2.6.23

v2.6.23-rc1

v2.6.23-rc2

v2.6.23-rc3

v2.6.23-rc4

v2.6.23-rc5

v2.6.23-rc6

v2.6.23-rc7

v2.6.23-rc8

v2.6.23-rc9

v2.6.24

v2.6.24-rc1

v2.6.24-rc2

v2.6.24-rc3

v2.6.24-rc4

v2.6.24-rc5

v2.6.24-rc6

v2.6.24-rc7

v2.6.24-rc8

v2.6.25

v2.6.25-rc1

v2.6.25-rc2

v2.6.25-rc3

v2.6.25-rc4

v2.6.25-rc5

v2.6.25-rc6

v2.6.25-rc7

v2.6.25-rc8

v2.6.25-rc9

v2.6.26

v2.6.26-rc1

v2.6.26-rc2

v2.6.26-rc3

v2.6.26-rc4

v2.6.26-rc5

v2.6.26-rc6

v2.6.26-rc7

v2.6.26-rc8

v2.6.26-rc9

v2.6.27

v2.6.27-rc1

v2.6.27-rc2

v2.6.27-rc3

v2.6.27-rc4

v2.6.27-rc5

v2.6.27-rc6

v2.6.27-rc7

v2.6.27-rc8

v2.6.27-rc9

v2.6.28

v2.6.28-rc1

v2.6.28-rc2

v2.6.28-rc3

v2.6.28-rc4

v2.6.28-rc5

v2.6.28-rc6

v2.6.28-rc7

v2.6.28-rc8

v2.6.28-rc9

v2.6.29

v2.6.29-rc1

v2.6.29-rc2

v2.6.29-rc3

v2.6.29-rc4

v2.6.29-rc5

v2.6.29-rc6

v2.6.29-rc7

v2.6.29-rc8

v2.6.30

v2.6.30-rc1

v2.6.30-rc2

v2.6.30-rc3

v2.6.30-rc4

v2.6.30-rc5

v2.6.30-rc6

v2.6.30-rc7

v2.6.30-rc8

v2.6.31

v2.6.31-rc1

v2.6.31-rc2

v2.6.31-rc3

v2.6.31-rc4

v2.6.31-rc5

v2.6.31-rc6

v2.6.31-rc7

v2.6.31-rc8

v2.6.31-rc9

v2.6.32

v2.6.32-rc1

v2.6.32-rc2

v2.6.32-rc3

v2.6.32-rc4

v2.6.32-rc5

v2.6.32-rc6

v2.6.32-rc7

v2.6.32-rc8

v2.6.33

v2.6.33-rc1

v2.6.33-rc2

v2.6.33-rc3

v2.6.33-rc4

v2.6.33-rc5

v2.6.33-rc6

v2.6.33-rc7

v2.6.33-rc8

v2.6.34

v2.6.34-rc1

v2.6.34-rc2

v2.6.34-rc3

v2.6.34-rc4

v2.6.34-rc5

v2.6.34-rc6

v2.6.34-rc7

v2.6.35

v2.6.35-rc1

v2.6.35-rc2

v2.6.35-rc3

v2.6.35-rc4

v2.6.35-rc5

v2.6.35-rc6

v2.6.36

v2.6.36-rc1

v2.6.36-rc2

v2.6.36-rc3

v2.6.36-rc4

v2.6.36-rc5

v2.6.36-rc6

v2.6.36-rc7

v2.6.36-rc8

v2.6.37

v2.6.37-rc1

v2.6.37-rc2

v2.6.37-rc3

v2.6.37-rc4

v2.6.37-rc5

v2.6.37-rc6

v2.6.37-rc7

v2.6.37-rc8

v2.6.38

v2.6.38-rc1

v2.6.38-rc2

v2.6.38-rc3

v2.6.38-rc4

v2.6.38-rc5

v2.6.38-rc6

v2.6.38-rc7

v2.6.38-rc8

v2.6.39

v2.6.39-rc1

v2.6.39-rc2

v2.6.39-rc3

v2.6.39-rc4

v2.6.39-rc5

v2.6.39-rc6

v2.6.39-rc7

v3.*

v3.0

v3.0-rc1

v3.0-rc2

v3.0-rc3

v3.0-rc4

v3.0-rc5

v3.0-rc6

v3.0-rc7

v3.1

v3.1-rc1

v3.1-rc10

v3.1-rc2

v3.1-rc3

v3.1-rc4

v3.1-rc5

v3.1-rc6

v3.1-rc7

v3.1-rc8

v3.1-rc9

v3.10

v3.10-rc1

v3.10-rc2

v3.10-rc3

v3.10-rc4

v3.10-rc5

v3.10-rc6

v3.10-rc7

v3.11

v3.11-rc1

v3.11-rc2

v3.11-rc3

v3.11-rc4

v3.11-rc5

v3.11-rc6

v3.11-rc7

v3.12

v3.12-rc1

v3.12-rc2

v3.12-rc3

v3.12-rc4

v3.12-rc5

v3.12-rc6

v3.12-rc7

v3.13

v3.13-rc1

v3.13-rc2

v3.13-rc3

v3.13-rc4

v3.13-rc5

v3.13-rc6

v3.13-rc7

v3.13-rc8

v3.14

v3.14-rc1

v3.14-rc2

v3.14-rc3

v3.14-rc4

v3.14-rc5

v3.14-rc6

v3.14-rc7

v3.14-rc8

v3.15

v3.15-rc1

v3.15-rc2

v3.15-rc3

v3.15-rc4

v3.15-rc5

v3.15-rc6

v3.15-rc7

v3.15-rc8

v3.16

v3.16-rc1

v3.16-rc2

v3.16-rc3

v3.16-rc4

v3.16-rc5

v3.16-rc6

v3.16-rc7

v3.17

v3.17-rc1

v3.17-rc2

v3.17-rc3

v3.17-rc4

v3.17-rc5

v3.17-rc6

v3.17-rc7

v3.18

v3.18-rc1

v3.18-rc2

v3.18-rc3

v3.18-rc4

v3.18-rc5

v3.18-rc6

v3.18-rc7

v3.19

v3.19-rc1

v3.19-rc2

v3.19-rc3

v3.19-rc4

v3.19-rc5

v3.19-rc6

v3.19-rc7

v3.2

v3.2-rc1

v3.2-rc2

v3.2-rc3

v3.2-rc4

v3.2-rc5

v3.2-rc6

v3.2-rc7

v3.3

v3.3-rc1

v3.3-rc2

v3.3-rc3

v3.3-rc4

v3.3-rc5

v3.3-rc6

v3.3-rc7

v3.4

v3.4-rc1

v3.4-rc2

v3.4-rc3

v3.4-rc4

v3.4-rc5

v3.4-rc6

v3.4-rc7

v3.5

v3.5-rc1

v3.5-rc2

v3.5-rc3

v3.5-rc4

v3.5-rc5

v3.5-rc6

v3.5-rc7

v3.6

v3.6-rc1

v3.6-rc2

v3.6-rc3

v3.6-rc4

v3.6-rc5

v3.6-rc6

v3.6-rc7

v3.7

v3.7-rc1

v3.7-rc2

v3.7-rc3

v3.7-rc4

v3.7-rc5

v3.7-rc6

v3.7-rc7

v3.7-rc8

v3.8

v3.8-rc1

v3.8-rc2

v3.8-rc3

v3.8-rc4

v3.8-rc5

v3.8-rc6

v3.8-rc7

v3.9

v3.9-rc1

v3.9-rc2

v3.9-rc3

v3.9-rc4

v3.9-rc5

v3.9-rc6

v3.9-rc7

v3.9-rc8

v4.*

v4.0

v4.0-rc1

v4.0-rc2

v4.0-rc3

v4.0-rc4

v4.0-rc5

v4.0-rc6

v4.0-rc7

v4.1

v4.1-rc1

v4.1-rc2

v4.1-rc3

v4.1-rc4

v4.1-rc5

v4.1-rc6

v4.1-rc7

v4.1-rc8

v4.10

v4.10-rc1

v4.10-rc2

v4.10-rc3

v4.10-rc4

v4.10-rc5

v4.10-rc6

v4.10-rc7

v4.10-rc8

v4.11

v4.11-rc1

v4.11-rc2

v4.11-rc3

v4.11-rc4

v4.11-rc5

v4.11-rc6

v4.11-rc7

v4.11-rc8

v4.12

v4.12-rc1

v4.12-rc2

v4.12-rc3

v4.12-rc4

v4.12-rc5

v4.12-rc6

v4.12-rc7

v4.13

v4.13-rc1

v4.13-rc2

v4.13-rc3

v4.13-rc4

v4.13-rc5

v4.13-rc6

v4.13-rc7

v4.14

v4.14-rc1

v4.14-rc2

v4.14-rc3

v4.14-rc4

v4.14-rc5

v4.14-rc6

v4.14-rc7

v4.14-rc8

v4.15

v4.15-rc1

v4.15-rc2

v4.15-rc3

v4.15-rc4

v4.15-rc5

v4.15-rc6

v4.15-rc7

v4.15-rc8

v4.15-rc9

v4.16

v4.16-rc1

v4.16-rc2

v4.16-rc3

v4.16-rc4

v4.16-rc5

v4.16-rc6

v4.16-rc7

v4.17

v4.17-rc1

v4.17-rc2

v4.17-rc3

v4.17-rc4

v4.17-rc5

v4.17-rc6

v4.17-rc7

v4.18

v4.18-rc1

v4.18-rc2

v4.18-rc3

v4.18-rc4

v4.18-rc5

v4.18-rc6

v4.18-rc7

v4.18-rc8

v4.19

v4.19-rc1

v4.19-rc2

v4.19-rc3

v4.19-rc4

v4.19-rc5

v4.19-rc6

v4.19-rc7

v4.19-rc8

v4.2

v4.2-rc1

v4.2-rc2

v4.2-rc3

v4.2-rc4

v4.2-rc5

v4.2-rc6

v4.2-rc7

v4.2-rc8

v4.20

v4.20-rc1

v4.20-rc2

v4.20-rc3

v4.20-rc4

v4.20-rc5

v4.20-rc6

v4.20-rc7

v4.3

v4.3-rc1

v4.3-rc2

v4.3-rc3

v4.3-rc4

v4.3-rc5

v4.3-rc6

v4.3-rc7

v4.4

v4.4-rc1

v4.4-rc2

v4.4-rc3

v4.4-rc4

v4.4-rc5

v4.4-rc6

v4.4-rc7

v4.4-rc8

v4.5

v4.5-rc1

v4.5-rc2

v4.5-rc3

v4.5-rc4

v4.5-rc5

v4.5-rc6

v4.5-rc7

v4.6

v4.6-rc1

v4.6-rc2

v4.6-rc3

v4.6-rc4

v4.6-rc5

v4.6-rc6

v4.6-rc7

v4.7

v4.7-rc1

v4.7-rc2

v4.7-rc3

v4.7-rc4

v4.7-rc5

v4.7-rc6

v4.7-rc7

v4.8

v4.8-rc1

v4.8-rc2

v4.8-rc3

v4.8-rc4

v4.8-rc5

v4.8-rc6

v4.8-rc7

v4.8-rc8

v4.9

v4.9-rc1

v4.9-rc2

v4.9-rc3

v4.9-rc4

v4.9-rc5

v4.9-rc6

v4.9-rc7

v4.9-rc8

v5.*

v5.0

v5.0-rc1

v5.0-rc2

v5.0-rc3

v5.0-rc4

v5.0-rc5

v5.0-rc6

v5.0-rc7

v5.0-rc8

v5.1

v5.1-rc1

v5.1-rc2

v5.1-rc3

v5.1-rc4

v5.1-rc5

v5.1-rc6

v5.1-rc7

v5.10

v5.10-rc1

v5.10-rc2

v5.10-rc3

v5.10-rc4

v5.10-rc5

v5.10-rc6

v5.10-rc7

v5.10.137

v5.11

v5.11-rc1

v5.11-rc2

v5.11-rc3

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.61

v5.15.62

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.18.1

v5.18.10

v5.18.11

v5.18.12

v5.18.13

v5.18.14

v5.18.15

v5.18.16

v5.18.17

v5.18.2

v5.18.3

v5.18.4

v5.18.5

v5.18.6

v5.18.7

v5.18.8

v5.18.9

v5.19

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v5.19.2

v5.19.3

v5.2

v5.2-rc1

v5.2-rc2

v5.2-rc3

v5.2-rc4

v5.2-rc5

v5.2-rc6

v5.2-rc7

v5.3

v5.3-rc1

v5.3-rc2

v5.3-rc3

v5.3-rc4

v5.3-rc5

v5.3-rc6

v5.3-rc7

v5.3-rc8

v5.4

v5.4-rc1

v5.4-rc2

v5.4-rc3

v5.4-rc4

v5.4-rc5

v5.4-rc6

v5.4-rc7

v5.4-rc8

v5.5

v5.5-rc1

v5.5-rc2

v5.5-rc3

v5.5-rc4

v5.5-rc5

v5.5-rc6

v5.5-rc7

v5.6

v5.6-rc1

v5.6-rc2

v5.6-rc3

v5.6-rc4

v5.6-rc5

v5.6-rc6

v5.6-rc7

v5.7

v5.7-rc1

v5.7-rc2

v5.7-rc3

v5.7-rc4

v5.7-rc5

v5.7-rc6

v5.7-rc7

v5.8

v5.8-rc1

v5.8-rc2

v5.8-rc3

v5.8-rc4

v5.8-rc5

v5.8-rc6

v5.8-rc7

v5.9

v5.9-rc1

v5.9-rc2

v5.9-rc3

v5.9-rc4

v5.9-rc5

v5.9-rc6

v5.9-rc7

v5.9-rc8

v6.*

v6.0-rc1

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.10.137

Fixed

5.10.138

Type: ECOSYSTEM
Events: Introduced

5.15.61

Fixed

5.15.63

Type: ECOSYSTEM
Events: Introduced

5.19.2

Fixed

5.19.4