CVE-2024-47143

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> dma-debug: fix a possible deadlock on radix_lock<br /> <br /> radix_lock() shouldn&amp;#39;t be held while holding dma_hash_entry[idx].lock<br /> otherwise, there&amp;#39;s a possible deadlock scenario when<br /> dma debug API is called holding rq_lock():<br /> <br /> CPU0 CPU1 CPU2<br /> dma_free_attrs()<br /> check_unmap() add_dma_entry() __schedule() //out<br /> (A) rq_lock()<br /> get_hash_bucket()<br /> (A) dma_entry_hash<br /> check_sync()<br /> (A) radix_lock() (W) dma_entry_hash<br /> dma_entry_free()<br /> (W) radix_lock()<br /> // CPU2&amp;#39;s one<br /> (W) rq_lock()<br /> <br /> CPU1 situation can happen when it extending radix tree and<br /> it tries to wake up kswapd via wake_all_kswapd().<br /> <br /> CPU2 situation can happen while perf_event_task_sched_out()<br /> (i.e. dma sync operation is called while deleting perf_event using<br /> etm and etr tmc which are Arm Coresight hwtracing driver backends).<br /> <br /> To remove this possible situation, call dma_entry_free() after<br /> put_hash_bucket() in check_unmap().