cve/published/2024/CVE-2024-57838.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 s390/entry: Mark IRQ entries to fix stack depot warnings

 The stack depot filters out everything outside of the top interrupt
 context as an uninteresting or irrelevant part of the stack traces. This
 helps with stack trace de-duplication, avoiding an explosion of saved
 stack traces that share the same IRQ context code path but originate
 from different randomly interrupted points, eventually exhausting the
 stack depot.

 Filtering uses in_irqentry_text() to identify functions within the
 .irqentry.text and .softirqentry.text sections, which then become the
 last stack trace entries being saved.

 While __do_softirq() is placed into the .softirqentry.text section by
 common code, populating .irqentry.text is architecture-specific.

 Currently, the .irqentry.text section on s390 is empty, which prevents
 stack depot filtering and de-duplication and could result in warnings
 like:

 Stack depot reached limit capacity
 WARNING: CPU: 0 PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8

 with PREEMPT and KASAN enabled.

 Fix this by moving the IO/EXT interrupt handlers from .kprobes.text into
 the .irqentry.text section and updating the kprobes blacklist to include
 the .irqentry.text section.

 This is done only for asynchronous interrupts and explicitly not for
 program checks, which are synchronous and where the context beyond the
 program check is important to preserve. Despite machine checks being
 somewhat in between, they are extremely rare, and preserving context
 when possible is also of value.

 SVCs and Restart Interrupts are not relevant, one being always at the
 boundary to user space and the other being a one-time thing.

 IRQ entries filtering is also optionally used in ftrace function graph,
 where the same logic applies.

 The Linux kernel CVE team has assigned CVE-2024-57838 to this issue.


 Affected and fixed versions
 ===========================

 	Fixed in 5.15.174 with commit ca687fdce5b95f84d91d6e36ac77047771eb3dfc
 	Fixed in 6.1.120 with commit 5bb7a2c3afcf8732dc65ea49c09147b07da1d993
 	Fixed in 6.6.64 with commit 1af22528fee8072b7adc007b8ca49cc4ea62689e
 	Fixed in 6.12.4 with commit 473ffae3030188f1c6b80e1b3631a26b4adf7b32
 	Fixed in 6.13 with commit 45c9f2b856a075a34873d00788d2e8a250c1effd

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-57838
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	arch/s390/kernel/entry.S
 	arch/s390/kernel/kprobes.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/ca687fdce5b95f84d91d6e36ac77047771eb3dfc
 	https://git.kernel.org/stable/c/5bb7a2c3afcf8732dc65ea49c09147b07da1d993
 	https://git.kernel.org/stable/c/1af22528fee8072b7adc007b8ca49cc4ea62689e
 	https://git.kernel.org/stable/c/473ffae3030188f1c6b80e1b3631a26b4adf7b32
 	https://git.kernel.org/stable/c/45c9f2b856a075a34873d00788d2e8a250c1effd
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	s390/entry: Mark IRQ entries to fix stack depot warnings

	The stack depot filters out everything outside of the top interrupt
	context as an uninteresting or irrelevant part of the stack traces. This
	helps with stack trace de-duplication, avoiding an explosion of saved
	stack traces that share the same IRQ context code path but originate
	from different randomly interrupted points, eventually exhausting the
	stack depot.

	Filtering uses in_irqentry_text() to identify functions within the
	.irqentry.text and .softirqentry.text sections, which then become the
	last stack trace entries being saved.

	While __do_softirq() is placed into the .softirqentry.text section by
	common code, populating .irqentry.text is architecture-specific.

	Currently, the .irqentry.text section on s390 is empty, which prevents
	stack depot filtering and de-duplication and could result in warnings
	like:

	Stack depot reached limit capacity
	WARNING: CPU: 0 PID: 286113 at lib/stackdepot.c:252 depot_alloc_stack+0x39a/0x3c8

	with PREEMPT and KASAN enabled.

	Fix this by moving the IO/EXT interrupt handlers from .kprobes.text into
	the .irqentry.text section and updating the kprobes blacklist to include
	the .irqentry.text section.

	This is done only for asynchronous interrupts and explicitly not for
	program checks, which are synchronous and where the context beyond the
	program check is important to preserve. Despite machine checks being
	somewhat in between, they are extremely rare, and preserving context
	when possible is also of value.

	SVCs and Restart Interrupts are not relevant, one being always at the
	boundary to user space and the other being a one-time thing.

	IRQ entries filtering is also optionally used in ftrace function graph,
	where the same logic applies.

	The Linux kernel CVE team has assigned CVE-2024-57838 to this issue.


	Affected and fixed versions
	===========================

	Fixed in 5.15.174 with commit ca687fdce5b95f84d91d6e36ac77047771eb3dfc
	Fixed in 6.1.120 with commit 5bb7a2c3afcf8732dc65ea49c09147b07da1d993
	Fixed in 6.6.64 with commit 1af22528fee8072b7adc007b8ca49cc4ea62689e
	Fixed in 6.12.4 with commit 473ffae3030188f1c6b80e1b3631a26b4adf7b32
	Fixed in 6.13 with commit 45c9f2b856a075a34873d00788d2e8a250c1effd

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-57838
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	arch/s390/kernel/entry.S
	arch/s390/kernel/kprobes.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/ca687fdce5b95f84d91d6e36ac77047771eb3dfc
	https://git.kernel.org/stable/c/5bb7a2c3afcf8732dc65ea49c09147b07da1d993
	https://git.kernel.org/stable/c/1af22528fee8072b7adc007b8ca49cc4ea62689e
	https://git.kernel.org/stable/c/473ffae3030188f1c6b80e1b3631a26b4adf7b32
	https://git.kernel.org/stable/c/45c9f2b856a075a34873d00788d2e8a250c1effd