cve/published/2024/CVE-2024-56760.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-56760: PCI/MSI: Handle lack of irqdomain gracefully

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 PCI/MSI: Handle lack of irqdomain gracefully

 Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a
 RISCV platform which does not provide PCI/MSI support:

  WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121 pci_msi_setup_msi_irqs+0x2c/0x32
  __pci_enable_msix_range+0x30c/0x596
  pci_msi_setup_msi_irqs+0x2c/0x32
  pci_alloc_irq_vectors_affinity+0xb8/0xe2

 RISCV uses hierarchical interrupt domains and correctly does not implement
 the legacy fallback. The warning triggers from the legacy fallback stub.

 That warning is bogus as the PCI/MSI layer knows whether a PCI/MSI parent
 domain is associated with the device or not. There is a check for MSI-X,
 which has a legacy assumption. But that legacy fallback assumption is only
 valid when legacy support is enabled, but otherwise the check should simply
 return -ENOTSUPP.

 Loongarch tripped over the same problem and blindly enabled legacy support
 without implementing the legacy fallbacks. There are weak implementations
 which return an error, so the problem was papered over.

 Correct pci_msi_domain_supports() to evaluate the legacy mode and add
 the missing supported check into the MSI enable path to complete it.

 The Linux kernel CVE team has assigned CVE-2024-56760 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.6.69 with commit b1f7476e07b93d65a1a3643dcb4a7bed80d4328d
 	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.12.8 with commit aed157301c659a48f5564cc4568cf0e5c8831af0
 	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.13 with commit a60b990798eb17433d0283788280422b1bd94b18

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-56760
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/pci/msi/irqdomain.c
 	drivers/pci/msi/msi.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/b1f7476e07b93d65a1a3643dcb4a7bed80d4328d
 	https://git.kernel.org/stable/c/aed157301c659a48f5564cc4568cf0e5c8831af0
 	https://git.kernel.org/stable/c/a60b990798eb17433d0283788280422b1bd94b18
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-56760: PCI/MSI: Handle lack of irqdomain gracefully

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	PCI/MSI: Handle lack of irqdomain gracefully

	Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a
	RISCV platform which does not provide PCI/MSI support:

	WARNING: CPU: 1 PID: 1 at drivers/pci/msi/msi.h:121 pci_msi_setup_msi_irqs+0x2c/0x32
	__pci_enable_msix_range+0x30c/0x596
	pci_msi_setup_msi_irqs+0x2c/0x32
	pci_alloc_irq_vectors_affinity+0xb8/0xe2

	RISCV uses hierarchical interrupt domains and correctly does not implement
	the legacy fallback. The warning triggers from the legacy fallback stub.

	That warning is bogus as the PCI/MSI layer knows whether a PCI/MSI parent
	domain is associated with the device or not. There is a check for MSI-X,
	which has a legacy assumption. But that legacy fallback assumption is only
	valid when legacy support is enabled, but otherwise the check should simply
	return -ENOTSUPP.

	Loongarch tripped over the same problem and blindly enabled legacy support
	without implementing the legacy fallbacks. There are weak implementations
	which return an error, so the problem was papered over.

	Correct pci_msi_domain_supports() to evaluate the legacy mode and add
	the missing supported check into the MSI enable path to complete it.

	The Linux kernel CVE team has assigned CVE-2024-56760 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.6.69 with commit b1f7476e07b93d65a1a3643dcb4a7bed80d4328d
	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.12.8 with commit aed157301c659a48f5564cc4568cf0e5c8831af0
	Issue introduced in 6.2 with commit d2a463b297415ca6dd4d60bb1c867dd7c931587b and fixed in 6.13 with commit a60b990798eb17433d0283788280422b1bd94b18

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-56760
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/pci/msi/irqdomain.c
	drivers/pci/msi/msi.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/b1f7476e07b93d65a1a3643dcb4a7bed80d4328d
	https://git.kernel.org/stable/c/aed157301c659a48f5564cc4568cf0e5c8831af0
	https://git.kernel.org/stable/c/a60b990798eb17433d0283788280422b1bd94b18