CVE-2023-54267

In the Linux kernel, the following vulnerability has been resolved:

powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT

lppaca_shared_proc() takes a pointer to the lppaca which is typically
accessed through get_lppaca().  With DEBUG_PREEMPT enabled, this leads
to checking if preemption is enabled, for example:

  BUG: using smp_processor_id() in preemptible [00000000] code: grep/10693
  caller is lparcfg_data+0x408/0x19a0
  CPU: 4 PID: 10693 Comm: grep Not tainted 6.5.0-rc3 #2
  Call Trace:
    dump_stack_lvl+0x154/0x200 (unreliable)
    check_preemption_disabled+0x214/0x220
    lparcfg_data+0x408/0x19a0
    ...

This isn't actually a problem however, as it does not matter which
lppaca is accessed, the shared proc state will be the same.
vcpudispatch_stats_procfs_init() already works around this by disabling
preemption, but the lparcfg code does not, erroring any time
/proc/powerpc/lparcfg is accessed with DEBUG_PREEMPT enabled.

Instead of disabling preemption on the caller side, rework
lppaca_shared_proc() to not take a pointer and instead directly access
the lppaca, bypassing any potential preemption checks.

[mpe: Rework to avoid needing a definition in paca.h and lppaca.h]
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
References
https://git.kernel.org/stable/c/2935443dc9c28499223d8c881474259e4b998f2a
https://git.kernel.org/stable/c/3c5e8e666794d7dde6d14ea846c6c04f2bb34900
https://git.kernel.org/stable/c/4c8568cf4c45b415854195c8832b557cdefba57a
https://git.kernel.org/stable/c/953c54dfdc5d3eb7243ed902b50acb5ea1db4355
https://git.kernel.org/stable/c/eac030b22ea12cdfcbb2e941c21c03964403c63f
https://git.kernel.org/stable/c/f45ee5c074013a0fbfce77a5af5efddb01f5d4f4