ubuntucve | Ubuntu.com | UB:CVE-2024-36936
May 30, 2024 - 12:00 a.m.

CVE-2024-36936

Tags: linux kernel, vulnerability, cve-2024-36936, memory acceptance, intermittent, soft lockup, efi, parallel, spinlock, timeout, watchdog, irq

AI Score: 8.9 (Confidence: High)
EPSS: 0 (Percentile: 9.0%)

In the Linux kernel, the following vulnerability has been resolved:

efi/unaccepted: touch soft lockup during memory accept

Commit 50e782a86c98 ("efi/unaccepted: Fix soft lockups caused by parallel
memory acceptance") has released the spinlock so other CPUs can do memory
acceptance in parallel and not trigger softlockup on other CPUs.

However, the softlockup intermittently showed up if the memory of the TD
guest is large, and the timeout of softlockup is set to 1 second:

    RIP: 0010:_raw_spin_unlock_irqrestore
    Call Trace:
    ? __hrtimer_run_queues
    <IRQ>
    ? hrtimer_interrupt
    ? watchdog_timer_fn
    ? __sysvec_apic_timer_interrupt
    ? __pfx_watchdog_timer_fn
    ? sysvec_apic_timer_interrupt
    </IRQ>
    ? __hrtimer_run_queues
    <TASK>
    ? hrtimer_interrupt
    ? asm_sysvec_apic_timer_interrupt
    ? _raw_spin_unlock_irqrestore
    ? __sysvec_apic_timer_interrupt
    ? sysvec_apic_timer_interrupt
    accept_memory
    try_to_accept_memory
    do_huge_pmd_anonymous_page
    get_page_from_freelist
    __handle_mm_fault
    __alloc_pages
    __folio_alloc
    ? __tdx_hypercall
    handle_mm_fault
    vma_alloc_folio
    do_user_addr_fault
    do_huge_pmd_anonymous_page
    exc_page_fault
    ? __do_huge_pmd_anonymous_page
    asm_exc_page_fault
    __handle_mm_fault

When the local irq is enabled at the end of accept_memory(), the softlockup
detects that the watchdog on a single CPU has not been fed for a while. That
is to say, even if other CPUs will not be blocked by spinlock, the current
CPU might be stuck with local irq disabled for a while, which hurts not only
nmi watchdog but also softlockup.

Chao Gao pointed out that the memory accept could be time costly and there
was a similar report before. Thus to avoid any softlockup detection during
this stage, give the softlockup a flag to skip the timeout check at the end
of accept_memory(), by invoking touch_softlockup_watchdog().
