CVE-2025-21767

In the Linux kernel, the following vulnerability has been resolved:

clocksource: Use migratedisable() to avoid calling getrandom_u32() in atomic context

The following bug report happened with a PREEMPT_RT kernel:

BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:48 inatomic(): 1, irqsdisabled(): 0, nonblock: 0, pid: 2012, name: kwatchdog preemptcount: 1, expected: 0 RCU nest depth: 0, expected: 0 getrandomu32+0x4f/0x110 clocksourceverifychoosecpus+0xab/0x1a0 clocksourceverifypercpu.part.0+0x6b/0x330 clocksourcewatchdogkthread+0x193/0x1a0

It is due to the fact that clocksourceverifychoosecpus() is invoked with preemption disabled. This function invokes getrandomu32() to obtain random numbers for choosing CPUs. The batchedentropy32 local lock and/or the basecrng.lock spinlock in driver/char/random.c will be acquired during the call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot be acquired in atomic context.

Fix this problem by using migratedisable() to allow smpprocessorid() to be reliably used without introducing atomic context. preemptdisable() is then called after clocksourceverifychoose_cpus() but before the clocksource measurement is being run to avoid introducing unexpected latency.