Linux Kernel blk-iocost Spin Lock Vulnerability in the adjust_inuse_and_calc_cost Function

Vulnerability

A deadlock vulnerability has been identified in the Linux kernel's block I/O cost management (blk-iocost), specifically within the 'adjust_inuse_and_calc_cost' function. The issue arises because the function takes its lock with 'spin_lock_irq()', whose matching 'spin_unlock_irq()' unconditionally re-enables IRQs. If the caller holds other locks and had IRQs disabled before the call, interrupts are enabled again while those locks are still held, creating a risk of deadlock. The vulnerability affects several versions of the Linux kernel, including 5.10.0-02758-g8e5f91fd772f.

Impact

Exploitation of this vulnerability can lead to a deadlock situation, where the system becomes unresponsive due to locked resources not being released.

Reproduction

The vulnerability can be reproduced by invoking the 'adjust_inuse_and_calc_cost' function while holding other locks and having IRQs disabled. This sequence triggers a deadlock: the function's unlock re-enables IRQs while the caller still holds those locks, so an interrupt can contend for a lock that is already held, creating a conflict that halts progress.

Remediation

The vulnerability has been addressed by modifying the 'adjust_inuse_and_calc_cost' function to use 'spin_lock_irqsave()' (with the matching 'spin_unlock_irqrestore()'), which saves the caller's IRQ state on lock and restores it on unlock instead of unconditionally enabling IRQs. Users should apply the latest patches available in the Linux kernel stable tree to mitigate this issue.
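To make the mechanism in the Vulnerability, Reproduction and Remediation sections concrete, the following is an added user-space model written for this page; it is not code from the advisory or from the Linux kernel. The functions ending in _model mimic the semantics of the kernel's spin_lock_irq/spin_unlock_irq and spin_lock_irqsave/spin_unlock_irqrestore pairs on a single simulated CPU, and the simulated interrupt flag, lock flags and caller pattern are assumptions made for the illustration. It shows that the _irq variant leaves interrupts enabled while the caller's outer lock is still held, which is the window in which an interrupt could contend for that lock, and that the _irqsave variant from the fix does not.

```c
/* Added example (not from the advisory or the kernel): user-space model of
 * the IRQ-state leak caused by spin_lock_irq()/spin_unlock_irq() inside a
 * function whose caller already holds a lock with IRQs disabled. */
#include <stdbool.h>
#include <stdio.h>

/* Simulated CPU interrupt flag: true = IRQs enabled (assumption). */
static bool irqs_enabled = true;

/* Simulated spinlocks: single-CPU model, so a lock is just an "is held" flag. */
static bool lock_a_held;      /* the caller's outer lock */
static bool inner_lock_held;  /* the lock taken inside the callee (ioc->lock-like) */

static void local_irq_disable_model(void) { irqs_enabled = false; }
static void local_irq_enable_model(void)  { irqs_enabled = true; }

/* spin_lock_irq(): disable IRQs unconditionally, then take the lock. */
static void spin_lock_irq_model(bool *lock)
{
    local_irq_disable_model();
    *lock = true;
}

/* spin_unlock_irq(): release the lock and re-enable IRQs unconditionally.
 * This is the behaviour that leaks into a caller that had IRQs disabled. */
static void spin_unlock_irq_model(bool *lock)
{
    *lock = false;
    local_irq_enable_model();
}

/* spin_lock_irqsave(): remember the previous IRQ state in *flags, then lock. */
static void spin_lock_irqsave_model(bool *lock, bool *flags)
{
    *flags = irqs_enabled;
    local_irq_disable_model();
    *lock = true;
}

/* spin_unlock_irqrestore(): release the lock and restore the saved state. */
static void spin_unlock_irqrestore_model(bool *lock, bool flags)
{
    *lock = false;
    irqs_enabled = flags;
}

/* Vulnerable shape: the inner lock is taken with the _irq variant. */
static void adjust_inuse_and_calc_cost_buggy(void)
{
    spin_lock_irq_model(&inner_lock_held);
    /* ... cost adjustment would happen here ... */
    spin_unlock_irq_model(&inner_lock_held);
}

/* Fixed shape: _irqsave/_irqrestore preserves the caller's IRQ state. */
static void adjust_inuse_and_calc_cost_fixed(void)
{
    bool flags;
    spin_lock_irqsave_model(&inner_lock_held, &flags);
    /* ... cost adjustment would happen here ... */
    spin_unlock_irqrestore_model(&inner_lock_held, flags);
}

/* Caller pattern from the advisory: another lock is held with IRQs disabled
 * when the callee runs. Returns true if, after the callee returns, IRQs are
 * enabled while lock A is still held (the deadlock window). */
static bool caller_leaks_irqs(void (*callee)(void))
{
    bool flags;
    irqs_enabled = true;                               /* fresh state for each run */
    spin_lock_irqsave_model(&lock_a_held, &flags);     /* IRQs now off, lock A held */
    callee();
    bool leaked = irqs_enabled && lock_a_held;
    spin_unlock_irqrestore_model(&lock_a_held, flags);
    return leaked;
}

int main(void)
{
    printf("spin_lock_irq variant leaves IRQs enabled while lock A is held: %s\n",
           caller_leaks_irqs(adjust_inuse_and_calc_cost_buggy) ? "yes" : "no");
    printf("spin_lock_irqsave variant leaves IRQs enabled while lock A is held: %s\n",
           caller_leaks_irqs(adjust_inuse_and_calc_cost_fixed) ? "yes" : "no");
    return 0;
}
```

The model collapses SMP and the interrupt handler itself into a single flag check, which is enough to show the defect: the dangerous condition is not the lock acquisition inside the callee but the unconditional re-enable on its unlock, which is why the fix replaces the pair rather than reordering the locks. A practical review rule that follows from it is that any function which may be reached with IRQs already disabled must use the _irqsave/_irqrestore pair, since it cannot know its caller's interrupt state.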

Added: Oct 22, 2025, 2:24 PM
Updated: Oct 22, 2025, 2:24 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.