Linux Kernel Request Queue Freezing Vulnerability in Sysfs Store Callbacks

Vulnerability

A vulnerability exists in the Linux kernel's handling of request queues within certain sysfs store callbacks. Freezing the request queue from these callbacks can lead to a deadlock, particularly when used with the dm-multipath driver and the queue_if_no_path option. The same freezing also delays system boot on platforms where sysfs attributes are processed synchronously. The vulnerability affects several different versions and ranges of the Linux kernel.

Impact

The vulnerability can cause a deadlock situation, disrupting normal operations. This is particularly problematic for systems using the dm-multipath driver, as it can halt the multipath daemon, leading to potential I/O issues.

Reproduction

The deadlock can be reproduced by running test srp/002 without the patch applied. The multipath daemon hangs while trying to acquire a mutex held by a udev worker process, and the udev worker is in turn waiting for the multipath daemon to release a lock, so the two form a circular wait.
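To check a host for the hang described above, the following added example (not part of the kernel patch or of this advisory) compares two thread-state snapshots and reports when both the multipath daemon and a udev worker stay in uninterruptible sleep. It assumes that the blocked threads show state D and that their command names contain "multipathd" and "udev"; the snapshots embedded in it are constructed.

```shell
#!/bin/sh
# Added triage example. Input: two snapshots of "id state command" lines,
# e.g. from `ps -eLo tid=,stat=,comm=`, taken some seconds apart.
# A single D state is often transient; the same task in D in both
# snapshots is treated as persistently blocked.

# persistent_d SNAP1 SNAP2 -> prints "id command" for tasks in D in both.
persistent_d() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        $0 == "---"              { second = 1; next }  # snapshot separator
        NF < 3                   { next }              # skip malformed lines
        substr($2, 1, 1) != "D"  { next }              # keep only D state
        !second                  { first[$1] = $3; next }
        ($1 in first) && first[$1] == $3 { print $1, $3 }
    '
}

# deadlock_suspected SNAP1 SNAP2 -> exit status 0 when multipathd AND a
# udev worker are both persistently blocked (the circular wait pattern).
deadlock_suspected() {
    stuck=$(persistent_d "$1" "$2")
    printf '%s\n' "$stuck" | grep -q ' multipathd$' &&
        printf '%s\n' "$stuck" | grep -q 'udev'
}

# Constructed snapshots (not captured from a real system).
SNAP_A='  612 Ss   systemd-journal
  801 D    multipathd
 1450 D    (udev-worker)
 2203 D    kworker/u8:2'
SNAP_B='  612 Ss   systemd-journal
  801 D    multipathd
 1450 D    (udev-worker)
 2203 I    kworker/u8:2'
# Healthy comparison: multipathd is runnable again in the second snapshot.
SNAP_C='  612 Ss   systemd-journal
  801 Ssl  multipathd
 1450 D    (udev-worker)'

if deadlock_suspected "$SNAP_A" "$SNAP_B"; then
    echo "suspected multipathd/udev circular wait:"
    persistent_d "$SNAP_A" "$SNAP_B"
fi
```

On a live system, capture the two snapshots with the `ps` command shown in the first comment, separated by a `sleep`, and pass them to `deadlock_suspected`.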

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability. The patch removes request queue freezing from the sysfs store callbacks that do not require it and adds a data-racy annotation to suppress KCSAN data race reports.

Added: Jan 14, 2026, 3:46 PM
Updated: Jan 14, 2026, 4:55 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.4
remediation: 7.7
relevance: 2.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.