Linux Kernel Cgroup/Cpuset Kernfs Active Break Removal Vulnerability

A vulnerability in the Linux kernel's cgroup cpuset management has been addressed. The issue arose from a warning related to the kernfs active protection mechanism. When the cpuset.cpus file was modified, the cgroup removal process could interfere, leading to a warning about active protection not being properly managed. This situation was caused by recent changes that made cpuset hotplug processing asynchronous, creating potential circular locking dependencies that could result in deadlocks. The vulnerability has been resolved by synchronizing cpuset hotplug processing, eliminating the need for manual intervention in the active protection, and preventing concurrent hotplug and cpuset operations from conflicting.

Impact

The vulnerability could lead to warnings about improper management of kernfs active protection, potentially causing confusion or misinterpretation of the cpuset management state.

Reproduction

To reproduce this vulnerability, remove a cpuset directory while concurrently writing to the cpuset.cpus file. This can be done by echoing a value into cpuset.cpus while the cgroup is being removed, which will trigger a warning about the active protection not being properly handled.

Remediation

The vulnerability has been addressed in the Linux kernel by synchronizing cpuset hotplug processing and removing the need for manual intervention in the kernfs active protection. Users should update to the latest version of the Linux kernel where this vulnerability has been fixed.