CVE-2025-21876

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix suspicious RCU usage

Commit <d74169ceb0d2> ("iommu/vt-d: Allocate DMAR fault interrupts locally") moved the call to enabledrhdfaulthandling() to a code path that does not hold any lock while traversing the drhd list. Fix it by ensuring the dmarglobal_lock lock is held when traversing the drhd list.

Without this fix, the following warning is triggered: ============================= WARNING: suspicious RCU usage 6.14.0-rc3 #55 Not tainted

drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!! other info that might help us debug this: rcuscheduleractive = 1, debuglocks = 1 2 locks held by cpuhp/1/23: #0: ffffffff84a67c50 (cpuhotpluglock){++++}-{0:0}, at: cpuhpthreadfun+0x87/0x2c0 #1: ffffffff84a6a380 (cpuhpstate-up){+.+.}-{0:0}, at: cpuhpthreadfun+0x87/0x2c0 stack backtrace: CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55 Call Trace: <TASK> dumpstacklvl+0xb7/0xd0 lockdeprcususpicious+0x159/0x1f0 ? __pfxenabledrhd_faulthandling+0x10/0x10 enabledrhdfaulthandling+0x151/0x180 cpuhpinvokecallback+0x1df/0x990 cpuhpthreadfun+0x1ea/0x2c0 smpbootthreadfn+0x1f5/0x2e0 ? __pfxsmpbootthread_fn+0x10/0x10 kthread+0x12a/0x2d0 ? __pfxkthread+0x10/0x10 retfrom_fork+0x4a/0x60 ? __pfxkthread+0x10/0x10 retfromforkasm+0x1a/0x30 </TASK>

Holding the lock in enabledrhdfaulthandling() triggers a lockdep splat about a possible deadlock between dmargloballock and cpuhotpluglock. This is avoided by not holding dmargloballock when calling iommudevice_register(), which initiates the device probe process.