Linux Kernel net/mlx5 Lockdep Assertion Synchronization Unload Event Vulnerability

A lock dependency assertion issue has been addressed in the Linux kernel's net/mlx5 component. This vulnerability arose during the synchronization reset unload process, particularly when the 'devlink reload fw_activate' option was used. The problem occurred because the Physical Function (PF) held the devlink lock while managing the unload event, leading to a double-locking situation. The solution involves delegating the handling of the synchronization reset unload event back to the devlink callback process, thereby avoiding the double-locking issue and resolving the associated lockdep warning.

Impact

Exploitation of this vulnerability could lead to a deadlock situation, where two or more processes are unable to proceed because each is waiting for the other to release a resource, potentially causing system instability.

Reproduction

To reproduce this issue, initiate a synchronization reset unload event in the net/mlx5 component while the devlink lock is already held by the Physical Function. This can be done by using the 'devlink reload fw_activate' option, which triggers the unload event while the lock is still active, creating a lock dependency assertion warning.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.