Linux Kernel Spinlock IRQ Flag Vulnerability in Device Power Management

Vulnerability

A vulnerability exists in the Linux kernel's power management subsystem, specifically in the device_pm_check_callbacks() function. The function takes and releases its lock with spin_lock_irq() and spin_unlock_irq(), which disable and re-enable local interrupts unconditionally rather than saving and restoring the CPU's previous interrupt state. When the function is called from a context that already holds a spinlock with interrupts disabled, the unlock re-enables interrupts while the caller still expects them to be off, which is the improper interrupt flag handling at the heart of this issue. The vulnerability was identified in version 5.17.0-rc6.

Impact

The vulnerability leads to incorrect interrupt flag handling: interrupts can be re-enabled in a context where the caller expects them to remain disabled, which disrupts how the system manages interrupts. Interrupts could be missed or improperly processed, leading to unpredictable behavior in the system's operation.

Reproduction

The vulnerability can be reproduced by calling device_pm_check_callbacks() while holding a spinlock, in particular when the generic power domain (genpd) code uses spinlocks rather than mutexes for its domain locks. This sequence triggers a kernel warning about the improper restoration of interrupt flags, which indicates that the vulnerability is present.
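The following is an added userspace model of the interrupt-state problem described above; it is not kernel code and not the upstream fix. It models a per-CPU interrupt-enable flag and the two lock families the kernel provides: spin_lock_irq()/spin_unlock_irq(), which disable and re-enable interrupts unconditionally, and spin_lock_irqsave()/spin_unlock_irqrestore(), which save and restore the previous state. The names model_*, check_callbacks_vulnerable, check_callbacks_fixed and caller_state_preserved are constructed for this illustration; the "caller" stands in for a genpd path that already holds its own spinlock with interrupts disabled, which is the reproduction scenario above.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the local CPU's interrupt-enable flag. */
static bool irqs_enabled = true;

/* Constructed model of a spinlock; only the held state matters here. */
typedef struct { bool held; } model_spinlock_t;

/* spin_lock_irq(): local_irq_disable() then take the lock. */
static void model_spin_lock_irq(model_spinlock_t *l) {
    irqs_enabled = false;
    l->held = true;
}

/* spin_unlock_irq(): release the lock, then local_irq_enable()
 * unconditionally, regardless of what the caller had before. */
static void model_spin_unlock_irq(model_spinlock_t *l) {
    l->held = false;
    irqs_enabled = true;
}

/* spin_lock_irqsave(): remember the current state, then disable. */
static unsigned long model_spin_lock_irqsave(model_spinlock_t *l) {
    unsigned long flags = irqs_enabled ? 1UL : 0UL;
    irqs_enabled = false;
    l->held = true;
    return flags;
}

/* spin_unlock_irqrestore(): release, then put back the saved state. */
static void model_spin_unlock_irqrestore(model_spinlock_t *l, unsigned long flags) {
    l->held = false;
    irqs_enabled = (flags != 0);
}

/* Stands in for the device's own power lock (constructed name). */
static model_spinlock_t dev_power_lock;

/* Vulnerable pattern described in the report: the callee uses the
 * unconditional _irq variants and so clobbers the caller's irq state. */
static void check_callbacks_vulnerable(void) {
    model_spin_lock_irq(&dev_power_lock);
    /* ... inspect the device's PM callbacks ... */
    model_spin_unlock_irq(&dev_power_lock);
}

/* Hardened pattern: save and restore the caller's interrupt state. */
static void check_callbacks_fixed(void) {
    unsigned long flags = model_spin_lock_irqsave(&dev_power_lock);
    /* ... inspect the device's PM callbacks ... */
    model_spin_unlock_irqrestore(&dev_power_lock, flags);
}

/* Simulates a caller (e.g. a genpd path whose domain lock is a spinlock)
 * that already holds its lock with interrupts disabled, then invokes the
 * callee under test. Returns true when interrupts are still disabled
 * afterwards, i.e. the callee preserved the caller's state; false is the
 * condition the kernel's irq-flags warning reports. */
static bool caller_state_preserved(void (*check)(void)) {
    model_spinlock_t genpd_lock = { false };
    unsigned long flags = model_spin_lock_irqsave(&genpd_lock);
    check();
    bool still_disabled = !irqs_enabled;
    model_spin_unlock_irqrestore(&genpd_lock, flags);
    return still_disabled;
}

int main(void) {
    printf("vulnerable callee preserves caller irq state: %s\n",
           caller_state_preserved(check_callbacks_vulnerable) ? "yes" : "no");
    printf("fixed callee preserves caller irq state: %s\n",
           caller_state_preserved(check_callbacks_fixed) ? "yes" : "no");
    return 0;
}
```

Running the model prints "no" for the vulnerable callee and "yes" for the fixed one: with the _irq variants, the callee's unlock turns interrupts back on while the genpd caller still holds its spinlock, which is exactly the state the kernel's interrupt-flag restoration warning flags during reproduction.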

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm scores:
spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.