Linux Kernel Coresight CTI Driver Runtime Power Management Hang Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Coresight CTI driver can cause a hang during performance tracing. This issue arises because the functions 'cti_enable_hw()' and 'cti_disable_hw()' are called from an atomic context, where they should not use runtime power management. The problem was introduced by a recent commit that reverted a previous change in the SCMI power domain, leading to a deadlock on the Juno platform when performing Coresight-related tasks. The hang occurs because the runtime PM calls can inadvertently cause a sleep while interacting with firmware, which is not permissible in this context.

Impact

Exploitation of this vulnerability leads to a deadlock, causing the system to hang indefinitely.

Reproduction

The vulnerability can be reproduced on the ARM Juno Development Platform by running the 'perf record' command with the 'cs_etm' event. This command starts Coresight performance tracing, which invokes the 'cti_enable_hw()' function. Because that function uses runtime power management while in an atomic context, the operation hangs the system.

Remediation

The vulnerability has been addressed by removing the unnecessary runtime power management calls from the Coresight CTI driver functions. Users should ensure they are running a version of the Linux kernel that includes this fix.
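The following user-space C model is an added example, not code from the kernel or from the fix. It shows why a runtime PM call made from an atomic caller is flagged and why removing the calls clears the problem. Every name in it is a hypothetical stand-in, and it assumes, as the advisory states, that the runtime PM calls were unnecessary in these paths.

```c
/* User-space model, not kernel source. Names ending in _model are
 * hypothetical stand-ins for the kernel facilities they mimic. */
#include <stdio.h>

static int atomic_depth;     /* > 0 while the caller may not sleep */
static int sleep_violations; /* sleeping calls made while atomic */
static int pm_usage;         /* modelled runtime PM usage count */
static int hw_enabled;

/* Mimics might_sleep(): record a potentially sleeping call made while atomic. */
static void might_sleep_model(void) { if (atomic_depth > 0) sleep_violations++; }

/* Runtime PM may wait on firmware, so both calls count as sleeping calls. */
static void pm_get_model(void) { might_sleep_model(); pm_usage++; }
static void pm_put_model(void) { might_sleep_model(); pm_usage--; }

/* Before the fix: the hardware paths themselves make runtime PM calls. */
static void cti_enable_before(void)  { pm_get_model(); hw_enabled = 1; }
static void cti_disable_before(void) { hw_enabled = 0; pm_put_model(); }

/* After the fix: the runtime PM calls are gone, only hardware state changes. */
static void cti_enable_after(void)  { hw_enabled = 1; }
static void cti_disable_after(void) { hw_enabled = 0; }

/* Models a trace session: the caller is atomic when it enables and disables
 * the CTI, as the advisory describes. Returns the number of violations,
 * or -1 if the modelled hardware state did not toggle as expected. */
static int trace_session(void (*enable)(void), void (*disable)(void))
{
    int enabled_ok;

    sleep_violations = pm_usage = hw_enabled = 0;
    atomic_depth = 1;            /* enter atomic context */
    enable();
    enabled_ok = hw_enabled;
    disable();
    atomic_depth = 0;            /* leave atomic context */
    return (enabled_ok && !hw_enabled) ? sleep_violations : -1;
}

int main(void)
{
    printf("before fix: %d sleeping calls in atomic context\n",
           trace_session(cti_enable_before, cti_disable_before));
    printf("after fix:  %d sleeping calls in atomic context\n",
           trace_session(cti_enable_after, cti_disable_after));
    return 0;
}
```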

Added: Oct 4, 2025, 7:38 PM
Updated: Oct 4, 2025, 7:38 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.