Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability exists in the Linux kernel's hrtimer management during CPU hotplug operations. When a CPU is marked as dying, its hrtimers should be migrated to an online CPU to avoid disrupting bandwidth timer tasks. However, the outgoing CPU can still perform wakeups that rearm bandwidth timers, which can leave those timers directed to an offline CPU, where they are ignored. This issue affects the RCU subsystem and the stop machine kthread, which can inadvertently arm timers from an offline CPU, causing them to be mismanaged. The vulnerability arises because the hrtimer infrastructure does not consistently migrate timers from offline to online CPUs, especially when timers are enqueued from a dying CPU.
The vulnerability can cause mismanagement of bandwidth timers, particularly in the RCU subsystem, by allowing timers to be armed from an offline CPU and then ignored, disrupting the expected timing and coordination of tasks.
The vulnerability has been addressed by modifying the hrtimer infrastructure to ensure that timers are always migrated to an online CPU whenever they are enqueued from an offline CPU. This change allows for the removal of previous workarounds implemented for the RCU subsystem.