Linux Kernel Intel Graphics Driver Full GT Reset Vulnerability in VF Access to GDRST Register

A vulnerability has been identified in the Linux kernel's Intel graphics driver, specifically within the virtual function (VF) management of the graphics technology (GT) reset process. The issue arises when a VF attempts to initiate a full GT reset without having the necessary access to the GDRST register, which is required for the reset operation. This can lead to a warning being triggered, indicating that the VF is trying to write to an inaccessible register. The vulnerability is related to the driver's handling of reset requests from VFs, particularly in response to detected hang conditions.

Impact

The vulnerability can cause a warning to be issued, indicating an invalid operation attempt by a virtual function, which could disrupt normal driver operations and potentially lead to performance issues or degraded functionality.

Reproduction

To reproduce this vulnerability, a virtual function (VF) must be configured to attempt a full graphics technology (GT) reset using the debug filesystem. This can be done by writing to the 'force_reset' file located in the debug directory for the appropriate GPU device. The driver will then attempt to perform the reset, but if the VF does not have access to the GDRST register, a warning will be generated, indicating that the VF is trying to write to an inaccessible register. This warning can be observed in the system logs, along with a stack trace showing the source of the issue in the driver's code.

Remediation

The vulnerability has been addressed in the Linux kernel by modifying the driver's behavior to send a VF_RESET action instead of attempting a GT reset when a VF lacks access to the GDRST register.