CVE-2022-50491: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2022-50491) was discovered related to the coresight cti component. The issue involves ctienablehw() and ctidisablehw() being called from an atomic context, which shouldn't use runtime PM as it can result in a sleep when communicating with firmware (NVD).

The vulnerability occurs when ctienablehw() and ctidisablehw() are called from an atomic context and attempt to use runtime PM, which can cause a sleep during firmware communication. This issue became apparent after commit 3c6656337852 which reverted 'firmware: armscmi: Add clock management to the SCMI power domain'. The problem was previously masked because pmruntime_put() was called with the wrong device until commit 692c9a499b28 (NVD).

When triggered, this vulnerability causes a system hang on Juno hardware when running Perf Coresight tests or executing specific commands like 'perf record -e cs_etm//u -- ls'. The issue manifests as a sleeping function being called from an invalid context, which can lead to system instability (NVD).

The issue has been fixed by removing the runtime PM calls completely, as they were determined to be unnecessary since the required operations must have already been performed when building the path for a trace (NVD).