Linux Kernel ptr_ring Hard Interrupt Blocking Vulnerability

A vulnerability in the Linux kernel's ptr_ring implementation was introduced by a hard interrupt blocking in the ptr_ring_resize_multiple() function. This issue was identified by syzbot, which reported a warning related to the blocking of hard interrupts. The vulnerability arises because the current users of ptr_ring_resize_multiple() do not require hard interrupts to be masked. The issue has been addressed by modifying the function to only block bottom halves of interrupts, renaming it to ptr_ring_resize_multiple_bh(). Additionally, a similar change was made to the skb_array_resize_multiple() function. The vulnerability was present in Linux kernel version 6.11.0-rc3.

Impact

Blocking hard interrupts can lead to performance degradation and potentially cause deadlocks in the system, as critical interrupt-driven tasks may be delayed or prevented from executing.

Reproduction

The vulnerability can be reproduced by using the ptr_ring_resize_multiple() function in a context where hard interrupts are active. This will trigger a warning about the improper blocking of hard interrupts, indicating that the function is not safe to use in that context.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been addressed. Consult the Linux kernel changelog or your distribution's update guidelines for specific instructions.