Linux Kernel GFS2 Filesystem Recursive Memory Reclaim Vulnerability

Vulnerability

A vulnerability in the Linux kernel's GFS2 filesystem can lead to recursive memory reclaim, causing stack memory exhaustion and potential deadlocks. This issue arises because the 'new_inode()' function sets the 'gfp_mask' of new inodes to 'GFP_HIGHUSER_MOVABLE', which includes the '__GFP_FS' flag. This allows memory allocations to recurse into filesystem reclaim operations. The problem is exacerbated by the fact that 'gfs2_unstuff_dinode()' is called during filesystem transactions, which can trigger memory reclaim and, if it recurses back into the filesystem, cause a deadlock. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to stack overflows and deadlocks within the GFS2 filesystem.

Reproduction

The vulnerability can be reproduced by creating a GFS2 filesystem and performing operations that trigger the 'gfs2_unstuff_dinode()' function within a filesystem transaction. This will cause the memory reclaim process to recurse into the filesystem, potentially leading to a deadlock.

Remediation

The vulnerability has been addressed by modifying the 'gfp_mask' of GFS2 inode address spaces to exclude the '__GFP_FS' flag, preventing recursive memory reclaim into the filesystem. Users should upgrade to the latest version of the Linux kernel where this patch is applied.
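The effect of clearing '__GFP_FS' can be seen in a small user-space model. This is an added example, not kernel code or the actual patch: the flag bit values, 'STACK_LIMIT' and every 'model_*' name are constructed for illustration, and the model assumes constant memory pressure so that every allocation triggers reclaim.

```c
#include <stdio.h>

/* Constructed bit values for this model; the kernel's real flag values differ. */
#define M_GFP_FS               0x1u  /* stands in for __GFP_FS */
#define M_GFP_HIGHUSER_MOVABLE (0x6u | M_GFP_FS)
#define STACK_LIMIT            16    /* stand-in for a finite kernel stack */

struct model_inode { unsigned gfp_mask; };
struct result { int max_depth; int reentered_in_trans; };

/* Page allocation under memory pressure: reclaim may call into the
 * filesystem only when the mask carries the FS bit. */
static void model_alloc(const struct model_inode *ip, int in_trans,
                        int depth, struct result *r)
{
    if (depth > r->max_depth)
        r->max_depth = depth;
    if (!(ip->gfp_mask & M_GFP_FS) || depth >= STACK_LIMIT)
        return;                     /* reclaim stays out of the fs, or stack is used up */
    if (in_trans)
        r->reentered_in_trans = 1;  /* fs reclaim entered while a transaction is open */
    /* Filesystem reclaim itself allocates through the same mapping. */
    model_alloc(ip, in_trans, depth + 1, r);
}

/* Models gfs2_unstuff_dinode(): an allocation made inside a transaction. */
static struct result model_unstuff(unsigned gfp_mask)
{
    struct model_inode ip = { gfp_mask };
    struct result r = { 0, 0 };
    model_alloc(&ip, 1, 0, &r);
    return r;
}

int main(void)
{
    struct result before = model_unstuff(M_GFP_HIGHUSER_MOVABLE);
    struct result after  = model_unstuff(M_GFP_HIGHUSER_MOVABLE & ~M_GFP_FS);
    printf("default mask:   depth=%d reentered=%d\n",
           before.max_depth, before.reentered_in_trans);
    printf("FS bit cleared: depth=%d reentered=%d\n",
           after.max_depth, after.reentered_in_trans);
    return 0;
}
```

With the default mask the model recurses until the stack limit and re-enters the filesystem while the transaction is held; with the FS bit cleared the allocation returns at depth 0.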

Added: Dec 24, 2025, 12:18 PM
Updated: Dec 24, 2025, 12:18 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.