Linux Kernel Cherry View and Broxton SoC Lock Inversion Vulnerability

A vulnerability in the Linux kernel's Intel graphics driver can lead to a deadlock when pinning a virtual memory area (VMA) to the Graphics General Purpose Translation Table (GGTT) on Cherry View processors or Broxton generation SoCs with Virtualization Technology for Directed I/O (VTD) enabled. This issue arises because the operation can cause a circular locking dependency between the reservation and CPU hotplug locks, potentially freezing the system.

Impact

Exploitation of this vulnerability can cause a system freeze by creating a deadlock situation, where two or more processes are unable to proceed because each is waiting for the other to release a resource.

Reproduction

To reproduce this vulnerability, load the Intel graphics driver on a Cherry View family processor or a Broxton generation SoC with VTD enabled. Once the driver is active, the vulnerability can be triggered by pinning a VMA to the GGTT address space, which will invoke a function that updates the GGTT while the CPU hotplug lock is also acquired. This sequence of actions will create the locking inversion that leads to the deadlock.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for updating the kernel can be found in the official Linux documentation.