A newly resolved vulnerability in the Linux kernel (platform/x86/amd/pmc) ensures that the wakeup for IRQ1 (interrupt request) is only disabled in cases where i8042 had actually enabled it. This addresses an issue where the "wake_depth" for IRQ1 would attempt to drop below zero, resulting in an unpleasant WARN() being logged. This fix is particularly important to maintain the stability and performance of Linux systems using x86 and AMD processors.
Original References:
Linux Kernel,
platform/x86/amd/pmc,
i8042
The following code snippet illustrates the patched vulnerability
/* amd_pmc_suspend_handler */
static __maybe_unused int amd_pmc_suspend_handler(struct device *dev)
{
struct i8042_hibernate_data hdata;
i8042_pm_suspend(dev, &hdata);
amd_pmc_disable_gpe_smi_isr();
i8042_pm_resume(dev, &hdata);
return ;
}
This code adds functionality to the existing amd_pmc_suspend_handler() function to properly disable IRQ1 wakeup only when i8042 has enabled it.
The PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops, which sets amd_pmc_suspend_handler() to the .suspend, .freeze, and .poweroff handlers; however, i8042_pm_suspend() is only set as the .suspend handler. This fix addresses this problem by calling the PMC suspend handler only from the same set of dev_pm_ops handlers as i8042_pm_suspend().
How to Reproduce the Issue
To reproduce the original issue, try hibernating (S4) machine after a fresh boot without putting it into s2idle first.
Conclusion
In summary, the vulnerability identified as CVE-2025-21645 compromises the Linux kernel's ability to properly disable IRQ1 wakeup, potentially causing instability and performance issues in systems using x86 and AMD processors. By addressing this bug in the platform/x86/amd/pmc component, the Linux kernel has taken significant strides in maintaining the stability and performance that users have come to expect from this popular operating system.
Timeline
Published on: 01/19/2025 11:15:10 UTC
Last modified on: 01/20/2025 06:30:04 UTC