From: Greg Kroah-Hartman Date: Sun, 6 Jul 2025 11:46:05 +0000 (+0200) Subject: 6.1-stable patches X-Git-Tag: v5.15.187~67 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4847a7597872c6d6362e168d935c84ee7d75361a;p=thirdparty%2Fkernel%2Fstable-queue.git 6.1-stable patches added patches: rtc-cmos-use-spin_lock_irqsave-in-cmos_interrupt.patch series --- diff --git a/queue-6.1/rtc-cmos-use-spin_lock_irqsave-in-cmos_interrupt.patch b/queue-6.1/rtc-cmos-use-spin_lock_irqsave-in-cmos_interrupt.patch new file mode 100644 index 0000000000..dd542d9e61 --- /dev/null +++ b/queue-6.1/rtc-cmos-use-spin_lock_irqsave-in-cmos_interrupt.patch @@ -0,0 +1,80 @@ +From 00a39d8652ff9088de07a6fe6e9e1893452fe0dd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Mateusz=20Jo=C5=84czyk?= +Date: Sat, 7 Jun 2025 23:06:08 +0200 +Subject: rtc: cmos: use spin_lock_irqsave in cmos_interrupt +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Mateusz Jończyk + +commit 00a39d8652ff9088de07a6fe6e9e1893452fe0dd upstream. + +cmos_interrupt() can be called in a non-interrupt context, such as in +an ACPI event handler (which runs in an interrupt thread). Therefore, +usage of spin_lock(&rtc_lock) is insecure. Use spin_lock_irqsave() / +spin_unlock_irqrestore() instead. + +Before a misguided +commit 6950d046eb6e ("rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ") +the cmos_interrupt() function used spin_lock_irqsave(). That commit +changed it to spin_lock() and broke locking, which was partially fixed in +commit 13be2efc390a ("rtc: cmos: Disable irq around direct invocation of cmos_interrupt()") + +That second commit did not take account of the ACPI fixed event handler +pathway, however. It introduced local_irq_disable() workarounds in +cmos_check_wkalrm(), which can cause problems on PREEMPT_RT kernels +and are now unnecessary. + +Add an explicit comment so that this change will not be reverted by +mistake. + +Cc: stable@vger.kernel.org +Fixes: 6950d046eb6e ("rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ") +Signed-off-by: Mateusz Jończyk +Reviewed-by: Sebastian Andrzej Siewior +Tested-by: Chris Bainbridge +Reported-by: Chris Bainbridge +Closes: https://lore.kernel.org/all/aDtJ92foPUYmGheF@debian.local/ +Link: https://lore.kernel.org/r/20250607210608.14835-1-mat.jonczyk@o2.pl +Signed-off-by: Alexandre Belloni +Signed-off-by: Greg Kroah-Hartman +--- + drivers/rtc/rtc-cmos.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +--- a/drivers/rtc/rtc-cmos.c ++++ b/drivers/rtc/rtc-cmos.c +@@ -697,8 +697,12 @@ static irqreturn_t cmos_interrupt(int ir + { + u8 irqstat; + u8 rtc_control; ++ unsigned long flags; + +- spin_lock(&rtc_lock); ++ /* We cannot use spin_lock() here, as cmos_interrupt() is also called ++ * in a non-irq context. ++ */ ++ spin_lock_irqsave(&rtc_lock, flags); + + /* When the HPET interrupt handler calls us, the interrupt + * status is passed as arg1 instead of the irq number. But +@@ -732,7 +736,7 @@ static irqreturn_t cmos_interrupt(int ir + hpet_mask_rtc_irq_bit(RTC_AIE); + CMOS_READ(RTC_INTR_FLAGS); + } +- spin_unlock(&rtc_lock); ++ spin_unlock_irqrestore(&rtc_lock, flags); + + if (is_intr(irqstat)) { + rtc_update_irq(p, 1, irqstat); +@@ -1289,9 +1293,7 @@ static void cmos_check_wkalrm(struct dev + * ACK the rtc irq here + */ + if (t_now >= cmos->alarm_expires && cmos_use_acpi_alarm()) { +- local_irq_disable(); + cmos_interrupt(0, (void *)cmos->rtc); +- local_irq_enable(); + return; + } + diff --git a/queue-6.1/series b/queue-6.1/series new file mode 100644 index 0000000000..eb14904dfb --- /dev/null +++ b/queue-6.1/series @@ -0,0 +1 @@ +rtc-cmos-use-spin_lock_irqsave-in-cmos_interrupt.patch