Linux Kernel Rockchip ARM SMP Initialization Hang Vulnerability

A vulnerability in the Linux kernel's handling of symmetric multiprocessing (SMP) initialization for Rockchip ARM processors, particularly the RK3188 model, can lead to a kernel hang. This issue arises because the main CPU writes trampoline code to SRAM while secondary CPUs are powered on. In some cases, the secondary CPUs execute this trampoline code prematurely, causing the kernel to hang. The problem has been addressed by modifying the initialization process to occur when all secondary CPUs are powered down, thereby preventing the hang.

Impact

The vulnerability can cause a kernel hang during the initialization of secondary CPUs, leading to a system freeze or unresponsiveness.

Reproduction

The vulnerability can be reproduced on a system running the Linux kernel with Rockchip ARM architecture, specifically on devices with the RK3188 CPU. During the SMP initialization process, the main CPU writes trampoline code to SRAM while secondary CPUs are still powered on. This can be observed by monitoring the CPU0 thread activity, where the 'rockchip_smp_prepare_cpus' function indicates the number of cores active.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.