CVE-2023-54246

Summary

In the Linux kernel, the following vulnerability has been resolved:

rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()

The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hung_task_timeout_secs:

runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300"

[ 247.071753] INFO: task rcu_scale_write:59 blocked for more than 122 seconds. [ 247.072529] Not tainted 6.4.0-rc1-00134-gb9ed6de8d4ff #7 [ 247.073400] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 247.074331] task:rcu_scale_write state:D stack:30144 pid:59 ppid:2 flags:0x00004000 [ 247.075346] Call Trace: [ 247.075660] <TASK> [ 247.075965] __schedule+0x635/0x1280 [ 247.076448] ? __pfx___schedule+0x10/0x10 [ 247.076967] ? schedule_timeout+0x2dc/0x4d0 [ 247.077471] ? __pfx_lock_release+0x10/0x10 [ 247.078018] ? enqueue_timer+0xe2/0x220 [ 247.078522] schedule+0x84/0x120 [ 247.078957] schedule_timeout+0x2e1/0x4d0 [ 247.079447] ? __pfx_schedule_timeout+0x10/0x10 [ 247.080032] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.080591] ? __pfx_process_timeout+0x10/0x10 [ 247.081163] ? __pfx_sched_set_fifo_low+0x10/0x10 [ 247.081760] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.082287] rcu_scale_writer+0x6b1/0x7f0 [ 247.082773] ? mark_held_locks+0x29/0xa0 [ 247.083252] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.083865] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.084412] kthread+0x179/0x1c0 [ 247.084759] ? __pfx_kthread+0x10/0x10 [ 247.085098] ret_from_fork+0x2c/0x50 [ 247.085433] </TASK>

This commit therefore replaces schedule_timeout_uninterruptible() with schedule_timeout_idle().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdf37e66bfdbb57e8cae7dbf39a0c66b1b8701338 < 55887adc76e19aec9763186e2c1d0a3481d20e96affected
LinuxLinuxdf37e66bfdbb57e8cae7dbf39a0c66b1b8701338 < 4f03fba096bfded90e0d71eba8839a46922164d1affected
LinuxLinuxdf37e66bfdbb57e8cae7dbf39a0c66b1b8701338 < 83ed0cdb6ae0383dd14b02375c353773836884edaffected
LinuxLinuxdf37e66bfdbb57e8cae7dbf39a0c66b1b8701338 < 9416dccb31fdb190d25d57e97674f232651f6560affected
LinuxLinuxdf37e66bfdbb57e8cae7dbf39a0c66b1b8701338 < e60c122a1614b4f65b29a7bef9d83b9fd30e937aaffected
LinuxLinux4.7affected
LinuxLinux0 < 4.7unaffected
LinuxLinux5.10.197 <= 5.10.*unaffected
LinuxLinux5.15.133 <= 5.15.*unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References