Linux Kernel Ceph Module Deadlock Vulnerability

A deadlock vulnerability has been identified in the Ceph file system implementation of the Linux kernel. This issue arises when the client holds certain file operation caps while waiting for a metadata server (MDS) to respond, creating a circular wait condition. The vulnerability occurs in scenarios where a file is created with read-write permissions and the request is sent to a specific MDS. The problem is triggered when the client attempts to write to the file, prompting a request for file metadata that conflicts with the client's held caps, leading to a deadlock.

Impact

Exploitation of this vulnerability causes a deadlock condition, where the system becomes unresponsive due to circular waiting, effectively halting progress on the involved operations.

Reproduction

To reproduce this vulnerability, mount a Ceph file system with the 'wsync' option. Create a file with read-write permissions, which will initiate a request to the metadata server. Once the file is created, write to it, which will trigger a request for file metadata. This request will conflict with the file operation caps held by the client, causing a deadlock with the metadata server.