A vulnerability has been resolved in the Linux kernel, specifically in the hisi_sas device driver of the SCSI subsystem. The vulnerability led to soft lockups: a CPU was kept continuously busy, the watchdog thread could not run, and the kernel produced call traces.
The fix is titled "scsi: hisi_sas: Add cond_resched() for no forced preemption model" and concerns kernels built with the no forced preemption model. The issue most commonly occurred when an expander was connected to 12 high-performance SAS SSDs.
The core of the issue was that the hisi_sas driver executed both the hardware interrupt handler and the interrupt thread on the same CPU. Under heavy load, the function irq_wait_for_interrupt() would always return if several interrupts occurred, so the interrupt thread kept running and consumed the CPU completely. As a result, the CPU was unable to run the watchdog thread, and the kernel generated call traces once the watchdog time exceeded its specified limit.
To resolve the vulnerability, the developers added a call to cond_resched() so that the watchdog thread gets a chance to execute. For more information on the issue and details of the solution, refer to the original release notes.
Here is the code snippet of the patch that resolves the issue:
+++ b/drivers/scsi/hisi_sas/hisi_sas_main.c
@@ -801,7 +801,7 @@ static irqreturn_t cq_interrupt_v3_hw(int irq_no, void *p)
irq_thread_fn(irq_no, p);
spin_unlock_irqrestore(&hisi_hba->lock, flags);
-
+ _cond_resched();
return IRQ_HANDLED;
}
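Review bot: the added line calls _cond_resched(), while the commit title and the surrounding text name cond_resched(); use the public cond_resched() unless the underscore variant is intended, and say why if it is. The call sits in cq_interrupt_v3_hw(), which is declared as an irqreturn_t handler and invokes irq_thread_fn() under hisi_hba->lock; rescheduling is only valid in process context, so confirm this function is the threaded half of the IRQ and not the hard-IRQ handler. A one-line comment above the call, stating that it lets the watchdog thread run when there is no forced preemption, would help future readers. The hunk is also missing its "--- a/..." file header line.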
In summary, the vulnerability led to soft lockups and call traces due to the hardware interrupt handler and the interrupt thread running on the same CPU which resulted in CPU exhaustion. The resolution involved adding the cond_resched() function to provide the watchdog thread an opportunity to run, thereby avoiding soft lockup situations. Original references to this solution can be found in the release notes and the submitted patches, here:
- Release notes
- Patch submission and discussion
Update your kernel to a patched version to protect your systems against this vulnerability.
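The following is an added example, not part of the original advisory or of the kernel project's code. It checks the two conditions described above: whether a kernel was built with the no forced preemption model, and whether its log shows soft lockups in which the stuck task is a threaded interrupt handler. The function names, the sample config and the sample log lines are constructed for illustration, and the check assumes that IRQ thread task names start with "irq/".

```python
import re
from collections import defaultdict

# Message format printed by the kernel's soft-lockup watchdog.
SOFT_LOCKUP = re.compile(
    r"BUG: soft lockup - CPU#(?P<cpu>\d+) stuck for (?P<secs>\d+)s! "
    r"\[(?P<comm>.+):(?P<pid>\d+)\]"
)
# Build-time preemption symbols; PREEMPT_NONE is "No Forced Preemption".
MODELS = {"CONFIG_PREEMPT_NONE": "none",
          "CONFIG_PREEMPT_VOLUNTARY": "voluntary",
          "CONFIG_PREEMPT": "full"}

def preemption_model(config_text):
    """Return the build-time preemption model named in a kernel .config."""
    for line in config_text.splitlines():
        key, _, value = line.strip().partition("=")
        if value == "y" and key in MODELS:
            return MODELS[key]
    return "unknown"

def irq_thread_lockups(log_text):
    """Return {cpu: [(task, pid, seconds), ...]} for soft lockups whose
    stuck task is a threaded-IRQ handler (assumed prefix 'irq/')."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = SOFT_LOCKUP.search(line)
        if m and m["comm"].startswith("irq/"):
            hits[int(m["cpu"])].append(
                (m["comm"], int(m["pid"]), int(m["secs"])))
    return dict(hits)

# Constructed sample input (not taken from a real system).
SAMPLE_CONFIG = """\
# CONFIG_PREEMPT_VOLUNTARY is not set
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT is not set
"""
SAMPLE_LOG = """\
[ 4312.118203] watchdog: BUG: soft lockup - CPU#12 stuck for 23s! [irq/173-hisi_sa:2514]
[ 4312.118240] CPU: 12 PID: 2514 Comm: irq/173-hisi_sa Not tainted
[ 4340.118377] watchdog: BUG: soft lockup - CPU#12 stuck for 49s! [irq/173-hisi_sa:2514]
[ 4391.552010] watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [kworker/3:1:771]
"""

if __name__ == "__main__":
    print("preemption model:", preemption_model(SAMPLE_CONFIG))
    for cpu, events in irq_thread_lockups(SAMPLE_LOG).items():
        worst = max(e[2] for e in events)
        print(f"CPU {cpu}: {len(events)} lockup(s), worst {worst}s, task {events[0][0]}")
```

Repeated reports for the same CPU and the same irq/ task on a kernel whose model is "none" match the pattern the advisory describes; the kworker entry in the sample is ignored because it is not an interrupt thread.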
Timeline
Published on: 12/27/2024 15:15:18 UTC
Last modified on: 01/20/2025 06:23:39 UTC