{"id":"CVE-2023-53216","summary":"arm64: efi: Make efi_rt_lock a raw_spinlock","details":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: efi: Make efi_rt_lock a raw_spinlock\n\nRunning a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs\nthe following:\n  BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46\n  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9, name: kworker/u320:0\n  preempt_count: 2, expected: 0\n  RCU nest depth: 0, expected: 0\n  3 locks held by kworker/u320:0/9:\n  #0: ffff3fff8c27d128 ((wq_completion)efi_rts_wq){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41)\n  #1: ffff80000861bdd0 ((work_completion)(&efi_rts_work.work)){+.+.}-{0:0}, at: process_one_work (./include/linux/atomic/atomic-long.h:41)\n  #2: ffffdf7e1ed3e460 (efi_rt_lock){+.+.}-{3:3}, at: efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101)\n  Preemption disabled at:\n  efi_virtmap_load (./arch/arm64/include/asm/mmu_context.h:248)\n  CPU: 0 PID: 9 Comm: kworker/u320:0 Tainted: G        W          6.2.0-rc3-rt1\n  Hardware name: WIWYNN Mt.Jade Server System B81.03001.0005/Mt.Jade Motherboard, BIOS 1.08.20220218 (SCP: 1.08.20220218) 2022/02/18\n  Workqueue: efi_rts_wq efi_call_rts\n  Call trace:\n  dump_backtrace (arch/arm64/kernel/stacktrace.c:158)\n  show_stack (arch/arm64/kernel/stacktrace.c:165)\n  dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4))\n  dump_stack (lib/dump_stack.c:114)\n  __might_resched (kernel/sched/core.c:10134)\n  rt_spin_lock (kernel/locking/rtmutex.c:1769 (discriminator 4))\n  efi_call_rts (drivers/firmware/efi/runtime-wrappers.c:101)\n  [...]\n\nThis seems to come from commit ff7a167961d1 (\"arm64: efi: Execute\nruntime services from a dedicated stack\") which adds a spinlock. This\nspinlock is taken through:\nefi_call_rts()\n\\-efi_call_virt()\n  \\-efi_call_virt_pointer()\n    \\-arch_efi_call_virt_setup()\n\nMake 'efi_rt_lock' a raw_spinlock to avoid being preempted.\n\n[ardb: The EFI runtime services are called with a different set of\n       translation tables, and are permitted to use the SIMD registers.\n       The context switch code preserves/restores neither, and so EFI\n       calls must be made with preemption disabled, rather than only\n       disabling migration.]","modified":"2026-04-02T09:43:48.817709Z","published":"2025-09-15T14:21:43.935Z","related":["SUSE-SU-2025:03615-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53216.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/030b1c4217a4f504c7d0795a2bd86b7181e56f11"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0e68b5517d3767562889f1d83fdb828c26adb24f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4e8f7d998b582a99aadedd07ae6086e99b89c97a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6a72729ed6accc86dad5522895e8fa2f96642a2c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b38969fa01662ec539a0d08a8ea5ec6f31fa4ed"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53216.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53216"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4012603cbd469223f225637d265a233f034c567a"},{"fixed":"030b1c4217a4f504c7d0795a2bd86b7181e56f11"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"de2af657cab92afc13a4ccd8780370481ed0eb61"},{"fixed":"6a72729ed6accc86dad5522895e8fa2f96642a2c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f75a91c82dc805af8f718ff106ec9c090234b37b"},{"fixed":"8b38969fa01662ec539a0d08a8ea5ec6f31fa4ed"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ff7a167961d1b97e0e205f245f806e564d3505e7"},{"fixed":"4e8f7d998b582a99aadedd07ae6086e99b89c97a"},{"fixed":"0e68b5517d3767562889f1d83fdb828c26adb24f"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53216.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}