CVE-2024-57891: sched_ext: Fix invalid irq restore in scx_ops_bypass()
Description
In the Linux kernel, the following vulnerability has been resolved:
sched_ext: Fix invalid irq restore in scx_ops_bypass()
While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix raciness
in scx_ops_bypass()") forgot to convert an inner rq_unlock_irqrestore() to
rq_unlock() which could re-enable IRQ prematurely leading to the following
warning:
raw_local_irq_restore() called with IRQs enabled
WARNING: CPU: 1 PID: 96 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40
...
Sched_ext: create_dsq (enabling)
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : warn_bogus_irq_restore+0x30/0x40
lr : warn_bogus_irq_restore+0x30/0x40
...
Call trace:
warn_bogus_irq_restore+0x30/0x40 (P)
warn_bogus_irq_restore+0x30/0x40 (L)
scx_ops_bypass+0x224/0x3b8
scx_ops_enable.isra.0+0x2c8/0xaa8
bpf_scx_reg+0x18/0x30
...
irq event stamp: 33739
hardirqs last enabled at (33739): [] scx_ops_bypass+0x174/0x3b8
hardirqs last disabled at (33738): [] _raw_spin_lock_irqsave+0xb4/0xd8
Drop the stray _irqrestore().
Classification
CVE ID: CVE-2024-57891
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.5% (scored less or equal to compared to others)
EPSS Date: 2025-02-13 (when was this score calculated)
References
https://git.kernel.org/stable/c/786362ce60d79967875f43e0ba55ad7a5376c133https://git.kernel.org/stable/c/18b2093f4598d8ee67a8153badc93f0fa7686b8a