Linux Kernel NVMe Multipath Lock Dependency Warning Vulnerability

A vulnerability in the Linux kernel's NVMe multipath handling can lead to a deadlock scenario. This issue arises from the way partition scanning is managed, creating a dependency that can cause conflicts in the workqueue processing. The problem has been observed in the Linux kernel stable tree, affecting various versions.

Impact

The vulnerability can cause a deadlock, where the system becomes unresponsive due to conflicting dependencies in the task execution order.

Reproduction

The vulnerability can be reproduced by running the Blktests test cases nvme/014, 057, and 058. These test cases occasionally trigger a lock dependency warning, indicating a potential deadlock situation.

Remediation

The vulnerability has been addressed by modifying the NVMe multipath code to manage partition scanning through the NVMe workqueue, rather than the default block device workqueue. Users should update to the latest version of the Linux kernel stable tree where this fix has been applied.