Linux Kernel RISCV Preemption Vulnerability in Ftrace Handling

Vulnerability

A vulnerability in the Linux kernel's handling of function tracing (ftrace) on the RISCV architecture can lead to a kernel panic. The issue arises because, on RISCV, an AUIPC + JALR instruction pair is needed to encode an immediate jump to an address over 4K. The vulnerability occurs when kernel preemption is enabled, creating a dependency on patching code with stop_machine(). If a task is switched out at the AUIPC instruction and the ftrace function is changed before the task is switched back, the task resumes with a jump to an address that mixes bits of the old and new targets, causing a panic. The vulnerability affects several versions of the Linux kernel.
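The mixed-bit jump described above can be worked through arithmetically. The following C program is an added illustration, not code from the kernel or from the fix; the addresses and the helper names (encode_call, resolve, torn_target) are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Immediates of one AUIPC + JALR call sequence. */
struct call_pair {
    int32_t hi20;   /* AUIPC: added to pc after shifting left by 12 */
    int32_t lo12;   /* JALR: sign-extended 12-bit offset */
};

/* Split the pc-relative offset to `target` into the two immediates. */
static struct call_pair encode_call(uint64_t pc, uint64_t target)
{
    int64_t off = (int64_t)(target - pc);
    struct call_pair p;
    /* Sign-extend the low 12 bits, as JALR will when it executes. */
    p.lo12 = (int32_t)(((uint64_t)off & 0xfff) ^ 0x800) - 0x800;
    p.hi20 = (int32_t)((off - p.lo12) / 4096);
    return p;
}

/* Address reached when AUIPC ran with hi20 and JALR later runs with lo12. */
static uint64_t resolve(uint64_t pc, int32_t hi20, int32_t lo12)
{
    uint64_t reg = pc + (uint64_t)((int64_t)hi20 * 4096);   /* auipc */
    return reg + (uint64_t)(int64_t)lo12;                    /* jalr  */
}

/* Task preempted after AUIPC (old tracer), resumed after re-patching:
 * the stale upper part is combined with the new lower 12 bits. */
static uint64_t torn_target(uint64_t pc, uint64_t old_fn, uint64_t new_fn)
{
    struct call_pair before = encode_call(pc, old_fn);
    struct call_pair after = encode_call(pc, new_fn);
    return resolve(pc, before.hi20, after.lo12);
}

int main(void)
{
    /* Constructed addresses, not taken from any real kernel image. */
    uint64_t pc = 0x80002000, old_fn = 0x80009abc, new_fn = 0x8000c124;
    printf("old %#llx new %#llx torn %#llx\n",
           (unsigned long long)old_fn, (unsigned long long)new_fn,
           (unsigned long long)torn_target(pc, old_fn, new_fn));
    return 0;
}
```

With these constructed values the resumed task lands on an address that is neither the old nor the new tracer function, which is the condition that leads to the panic.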

Impact

The vulnerability can cause a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

To reproduce this vulnerability, enable kernel preemption on a RISCV system and use the ftrace functionality. The issue will manifest as a kernel panic, indicating a problem with the function tracing due to the preemption handling.

Remediation

Users can apply the available patch in the Linux kernel stable tree to address this vulnerability.

Added: Oct 22, 2025, 3:09 PM
Updated: Oct 22, 2025, 3:09 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.