CVE-2025-38040

In the Linux kernel, the following vulnerability has been resolved:

serial: mctrlgpio: split disablems into sync and no_sync APIs

The following splat has been observed on a SAMA5D27 platform using atmel_serial:

BUG: sleeping function called from invalid context at kernel/irq/manage.c:738 inatomic(): 1, irqsdisabled(): 128, nonblock: 0, pid: 27, name: kworker/u5:0 preemptcount: 1, expected: 0 INFO: lockdep is turned off. irq event stamp: 0 hardirqs last enabled at (0): [<00000000>] 0x0 hardirqs last disabled at (0): [<c01588f0>] copyprocess+0x1c4c/0x7bec softirqs last enabled at (0): [<c0158944>] copyprocess+0x1ca0/0x7bec softirqs last disabled at (0): [<00000000>] 0x0 CPU: 0 UID: 0 PID: 27 Comm: kworker/u5:0 Not tainted 6.13.0-rc7+ #74 Hardware name: Atmel SAMA5 Workqueue: hci0 hcipoweron [bluetooth] Call trace: unwindbacktrace from showstack+0x18/0x1c showstack from dumpstacklvl+0x44/0x70 dumpstack_lvl from __might_resched+0x38c/0x598 _mightresched from disableirq+0x1c/0x48 disableirq from mctrlgpiodisablems+0x74/0xc0 mctrlgpiodisablems from atmeldisablems.part.0+0x80/0x1f4 atmeldisablems.part.0 from atmelsettermios+0x764/0x11e8 atmelsettermios from uartchangelinesettings+0x15c/0x994 uartchangelinesettings from uartsettermios+0x2b0/0x668 uartsettermios from ttysettermios+0x600/0x8ec ttysettermios from ttyportsetflowcontrol+0x188/0x1e0 ttyportsetflowcontrol from wilcsetup+0xd0/0x524 [hciwilc] wilcsetup [hciwilc] from hcidevopensync+0x330/0x203c [bluetooth] hcidevopensync [bluetooth] from hcidevdoopen+0x40/0xb0 [bluetooth] hcidevdoopen [bluetooth] from hcipoweron+0x12c/0x664 [bluetooth] hcipoweron [bluetooth] from processonework+0x998/0x1a38 processonework from workerthread+0x6e0/0xfb4 workerthread from kthread+0x3d4/0x484 kthread from retfromfork+0x14/0x28

This warning is emitted when trying to toggle, at the highest level, some flow control (with serdevdevicesetflowcontrol) in a device driver. At the lowest level, the atmelserial driver is using serialmctrlgpio lib to enable/disable the corresponding IRQs accordingly. The warning emitted by CONFIGDEBUGATOMICSLEEP is due to disableirq (called in mctrlgpiodisablems) being possibly called in some atomic context (some tty drivers perform modem lines configuration in regions protected by port lock).

Split mctrlgpiodisablems into two differents APIs, a non-blocking one and a blocking one. Replace mctrlgpiodisablems calls with the relevant version depending on whether the call is protected by some port lock.