Linux Kernel RCU Priority Boosting Vulnerability in rcutorture

Vulnerability

A vulnerability in the Linux kernel's RCU (Read-Copy-Update) priority boosting mechanism has been identified within the rcutorture testing tool. The issue arises when the total number of CPUs exceeds the number activated at boot, causing CPUs activated later to miss out on the boost. Additionally, a timing flaw allows certain kthreads, although they run at FIFO priority, to be delayed while waiting for ksoftirqd threads that are still running at normal scheduling priority. The vulnerability can be reproduced by running the rcutorture test with a configuration that enables RCU boosting; after the ksoftirqd threads have been created, there is a window in which the boosting fails.

Impact

Exploitation of this vulnerability can lead to improper RCU priority boosting, causing certain kthreads to wait unnecessarily for ksoftirqd threads, which can disrupt the intended performance and timing of RCU operations.

Reproduction

The vulnerability can be reproduced by running the rcutorture tool through the 'kvm.sh' script with the 'TREE01' configuration and the 'CONFIG_RCU_BOOST' option. This setup activates the RCU boosting feature while the ksoftirqd threads are still running at normal priority, so the rcutorture test threads end up waiting on them.
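
The check below is an added example, not part of the original advisory or of rcutorture: it reports every CPU whose ksoftirqd thread is missing or is not in a real-time scheduling class, which is the state both failure modes described above leave behind. It assumes the procps `ps` class codes (TS, FF, RR); the function names and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory or the kernel tree).
# Input rows: "COMMAND CLS RTPRIO", as printed by: ps -eo comm=,cls=,rtprio=
# CLS codes are the procps ones: TS = normal, FF = FIFO, RR = round-robin.

# expand_cpus "0-2,5" prints "0 1 2 5 "; the argument uses the list format
# of /sys/devices/system/cpu/online.
expand_cpus() {
    echo "$1" | tr ',' '\n' | while IFS=- read -r lo hi; do
        [ -n "$lo" ] || continue
        i=$lo
        while [ "$i" -le "${hi:-$lo}" ]; do
            printf '%s ' "$i"
            i=$((i + 1))
        done
    done
}

# unboosted_ksoftirqd "<cpu list>" reads ps rows on stdin and prints one line
# per listed CPU whose ksoftirqd/N is absent or not in a real-time class.
unboosted_ksoftirqd() {
    awk -v cpus="$(expand_cpus "$1")" '
        BEGIN { n = split(cpus, want, " ") }
        $1 ~ /^ksoftirqd\/[0-9]+$/ {
            cls[substr($1, index($1, "/") + 1)] = $2
        }
        END {
            for (i = 1; i <= n; i++) {
                c = want[i]
                if (!(c in cls))
                    printf "cpu%s:missing\n", c
                else if (cls[c] != "FF" && cls[c] != "RR")
                    printf "cpu%s:%s\n", c, cls[c]
            }
        }'
}

# Constructed sample: CPUs 2 and 3 came online after boot, never boosted.
sample_ps_rows() {
    cat <<'EOF'
ksoftirqd/0     FF      1
ksoftirqd/1     FF      1
ksoftirqd/2     TS      -
ksoftirqd/3     TS      -
rcu_torture_boo FF      2
EOF
}

sample_ps_rows | unboosted_ksoftirqd "0-3"   # prints cpu2:TS and cpu3:TS
```

On a test guest with boost testing active, the same function can be fed live data: `ps -eo comm=,cls=,rtprio= | unboosted_ksoftirqd "$(cat /sys/devices/system/cpu/online)"`.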

Added: Jun 18, 2025, 2:43 PM
Updated: Jun 18, 2025, 2:43 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.