Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
- >= 6.18.0-rc5-00127-ga06157804399, < 6.18.0-rc5-00128-gf4e1c8b0b4b
A vulnerability has been identified in the Linux kernel's handling of per-cpu page allocations on uniprocessor (UP) systems. The issue arises in the page allocation code, where spinlocks are used to manage concurrency. An interrupt that arrives while one of these spinlocks is held can disrupt its normal operation and potentially corrupt the per-cpu page structure. The problem was introduced by a previous change that left interrupts enabled for per-cpu allocations without accounting for the conflicts this could cause on UP systems.
The vulnerability can lead to corruption of the per-cpu page allocation structure, which could disrupt normal memory management operations and potentially cause system instability.
The vulnerability can be reproduced on a uniprocessor system by enabling the kernel's lock debugging features. This will expose the spinlock trylock failure, which is a symptom of the underlying issue. The problem occurs in the 'drain_pages_zone' function, where the code attempts to lock a spinlock for per-cpu page management. If an interrupt occurs at this moment, it can interfere with the locking process, especially under the SMP=n configuration, where the spinlock implementation is not designed to handle such interruptions.
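A user-space C model of the mechanism described above, added here as an illustration and not taken from the kernel source or from the fix: without lock debugging, an SMP=n build compiles `spin_trylock` so that it always succeeds, which lets a handler that interrupts the drain's critical section modify the list the drain is already updating. The names `pcp_model`, `irq_free_page` and `drain_interrupted` and the `irqs_off` flag are hypothetical; `irqs_off` models a critical section run with interrupts disabled and does not describe the actual patch.

```c
#include <stdbool.h>

/* Constructed user-space model of a per-cpu page list; not kernel code. */
struct pcp_model { int lock_word; int count; int pages[8]; };
typedef bool (*trylock_fn)(struct pcp_model *);

/* SMP=n, no lock debugging: nothing to spin on, so trylock always succeeds. */
static bool trylock_up(struct pcp_model *p) { (void)p; return true; }

/* SMP=n with lock debugging: the lock word is tracked, so re-entry fails. */
static bool trylock_up_debug(struct pcp_model *p)
{
    if (p->lock_word)
        return false;
    p->lock_word = 1;
    return true;
}

/* Stand-in for an interrupt handler that frees one page to the list. */
static bool irq_free_page(struct pcp_model *p, trylock_fn trylock, int page)
{
    int held = p->lock_word;        /* lock state before this call */
    if (!trylock(p))
        return false;               /* contention detected, list untouched */
    p->pages[p->count++] = page;
    p->lock_word = held;            /* release only what this call took */
    return true;
}

/* Stand-in for a drain that is interrupted inside its critical section while
 * freeing one page. Returns the number of pages the handler queued that are
 * missing from the final count. */
static int drain_interrupted(struct pcp_model *p, trylock_fn trylock, bool irqs_off)
{
    int queued = 0;
    p->lock_word = 1;               /* drain path holds the lock */
    int seen = p->count;            /* state read under the lock */
    if (!irqs_off && irq_free_page(p, trylock, 99))
        queued = 1;                 /* handler ran inside the critical section */
    p->count = seen - 1;            /* write-back computed from the stale value */
    p->lock_word = 0;
    return (seen - 1 + queued) - p->count;
}
```

With `trylock_up` the handler's page is lost from the count; with `trylock_up_debug` the handler's trylock fails instead, which corresponds to the trylock failure that lock debugging exposes.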
Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the latest version can be found on the official Linux kernel website.