cve/published/2024/CVE-2024-53223.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-53223: clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs

 Base clocks are the first in being probed and are real dependencies of the
 rest of fixed, factor and peripheral clocks. For old ralink SoCs RT2880,
 RT305x and RT3883 'xtal' must be defined first since in any other case,
 when fixed clocks are probed they are delayed until 'xtal' is probed so the
 following warning appears:

  WARNING: CPU: 0 PID: 0 at drivers/clk/ralink/clk-mtmips.c:499 rt3883_bus_recalc_rate+0x98/0x138
  Modules linked in:
  CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.43 #0
  Stack : 805e58d0 00000000 00000004 8004f950 00000000 00000004 00000000 00000000
  80669c54 80830000 80700000 805ae570 80670068 00000001 80669bf8 00000000
  00000000 00000000 805ae570 80669b38 00000020 804db7dc 00000000 00000000
  203a6d6d 80669b78 80669e48 70617773 00000000 805ae570 00000000 00000009
  00000000 00000001 00000004 00000001 00000000 00000000 83fe43b0 00000000
  ...
  Call Trace:
  [<800065d0>] show_stack+0x64/0xf4
  [<804bca14>] dump_stack_lvl+0x38/0x60
  [<800218ac>] __warn+0x94/0xe4
  [<8002195c>] warn_slowpath_fmt+0x60/0x94
  [<80259ff8>] rt3883_bus_recalc_rate+0x98/0x138
  [<80254530>] __clk_register+0x568/0x688
  [<80254838>] of_clk_hw_register+0x18/0x2c
  [<8070b910>] rt2880_clk_of_clk_init_driver+0x18c/0x594
  [<8070b628>] of_clk_init+0x1c0/0x23c
  [<806fc448>] plat_time_init+0x58/0x18c
  [<806fdaf0>] time_init+0x10/0x6c
  [<806f9bc4>] start_kernel+0x458/0x67c

  ---[ end trace 0000000000000000 ]---

 When this driver was mainlined we could not find any active users of old
 ralink SoCs so we cannot perform any real tests for them. Now, one user
 of a Belkin f9k1109 version 1 device which uses RT3883 SoC appeared and
 reported some issues in openWRT:
 - https://github.com/openwrt/openwrt/issues/16054

 Thus, define a 'rt2880_xtal_recalc_rate()' just returning the expected
 frequency 40Mhz and use it along the old ralink SoCs to have a correct
 boot trace with no warnings and a working clock plan from the beggining.

 The Linux kernel CVE team has assigned CVE-2024-53223 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.6.64 with commit fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a
 	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.11.11 with commit fe09d609f2304c7775789090e3f006d786852148
 	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.12.2 with commit e29306c0e1ae4b434db32c90705844c77f701be5
 	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.13 with commit d34db686a3d74bd564bfce2ada15011c556269fc

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-53223
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/clk/ralink/clk-mtmips.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a
 	https://git.kernel.org/stable/c/fe09d609f2304c7775789090e3f006d786852148
 	https://git.kernel.org/stable/c/e29306c0e1ae4b434db32c90705844c77f701be5
 	https://git.kernel.org/stable/c/d34db686a3d74bd564bfce2ada15011c556269fc
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-53223: clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs

	Base clocks are the first in being probed and are real dependencies of the
	rest of fixed, factor and peripheral clocks. For old ralink SoCs RT2880,
	RT305x and RT3883 'xtal' must be defined first since in any other case,
	when fixed clocks are probed they are delayed until 'xtal' is probed so the
	following warning appears:

	WARNING: CPU: 0 PID: 0 at drivers/clk/ralink/clk-mtmips.c:499 rt3883_bus_recalc_rate+0x98/0x138
	Modules linked in:
	CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.43 #0
	Stack : 805e58d0 00000000 00000004 8004f950 00000000 00000004 00000000 00000000
	80669c54 80830000 80700000 805ae570 80670068 00000001 80669bf8 00000000
	00000000 00000000 805ae570 80669b38 00000020 804db7dc 00000000 00000000
	203a6d6d 80669b78 80669e48 70617773 00000000 805ae570 00000000 00000009
	00000000 00000001 00000004 00000001 00000000 00000000 83fe43b0 00000000
	...
	Call Trace:
	[<800065d0>] show_stack+0x64/0xf4
	[<804bca14>] dump_stack_lvl+0x38/0x60
	[<800218ac>] __warn+0x94/0xe4
	[<8002195c>] warn_slowpath_fmt+0x60/0x94
	[<80259ff8>] rt3883_bus_recalc_rate+0x98/0x138
	[<80254530>] __clk_register+0x568/0x688
	[<80254838>] of_clk_hw_register+0x18/0x2c
	[<8070b910>] rt2880_clk_of_clk_init_driver+0x18c/0x594
	[<8070b628>] of_clk_init+0x1c0/0x23c
	[<806fc448>] plat_time_init+0x58/0x18c
	[<806fdaf0>] time_init+0x10/0x6c
	[<806f9bc4>] start_kernel+0x458/0x67c

	---[ end trace 0000000000000000 ]---

	When this driver was mainlined we could not find any active users of old
	ralink SoCs so we cannot perform any real tests for them. Now, one user
	of a Belkin f9k1109 version 1 device which uses RT3883 SoC appeared and
	reported some issues in openWRT:
	- https://github.com/openwrt/openwrt/issues/16054

	Thus, define a 'rt2880_xtal_recalc_rate()' just returning the expected
	frequency 40Mhz and use it along the old ralink SoCs to have a correct
	boot trace with no warnings and a working clock plan from the beggining.

	The Linux kernel CVE team has assigned CVE-2024-53223 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.6.64 with commit fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a
	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.11.11 with commit fe09d609f2304c7775789090e3f006d786852148
	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.12.2 with commit e29306c0e1ae4b434db32c90705844c77f701be5
	Issue introduced in 6.5 with commit 6f3b15586eef736831abe6a14f2a6906bc0dc074 and fixed in 6.13 with commit d34db686a3d74bd564bfce2ada15011c556269fc

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-53223
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/clk/ralink/clk-mtmips.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a
	https://git.kernel.org/stable/c/fe09d609f2304c7775789090e3f006d786852148
	https://git.kernel.org/stable/c/e29306c0e1ae4b434db32c90705844c77f701be5
	https://git.kernel.org/stable/c/d34db686a3d74bd564bfce2ada15011c556269fc