Linux Kernel PowerPC PCI Locking Vulnerability in get_phb_number() Function

A vulnerability has been identified in the Linux kernel's PowerPC PCI implementation, specifically within the get_phb_number() function. This issue arises from a recent change that introduced a DEBUG_ATOMIC_SLEEP warning on certain systems. The warning indicates that a sleeping function was called from an invalid context, disrupting the expected execution flow. The root cause lies in the interaction between pcibios_alloc_controller() and the device tree lookup routines, which can sleep. The hose_spinlock, used to protect critical data structures, was improperly held during these operations, leading to potential concurrency issues.

Impact

Exploitation of this vulnerability could cause a DEBUG_ATOMIC_SLEEP warning, indicating a disruption in the expected execution context, which could potentially be exploited to cause a denial of service by disrupting normal kernel operations.

Reproduction

The vulnerability can be reproduced by invoking the get_phb_number() function in a context where the hose_spinlock is held. This will trigger a DEBUG_ATOMIC_SLEEP warning, indicating that a sleeping function was called from an invalid context, disrupting normal execution flow.

Remediation

Users can apply the latest patches from the official Linux kernel repository to address this vulnerability.