Linux Kernel GEM Shmem Purge Locking Vulnerability in Kunit Tests

A vulnerability exists in the Linux kernel's handling of Graphics Execution Manager (GEM) objects in shared memory (shmem) tests. The issue arises because the reservation lock for GEM objects is not properly managed during the purge operation, leading to potential errors. This vulnerability affects the Linux kernel stable tree, specifically in versions 6.16 and later.

Impact

Exploitation of this vulnerability could lead to improper handling of GEM object purging, potentially causing synchronization issues or errors in the Kunit test environment.

Reproduction

The vulnerability can be reproduced by running Kunit tests that utilize the 'drm_gem_shmem_purge_locked()' function without the appropriate reservation lock. This can be done by creating a test that calls 'drm_gem_shmem_purge_locked()' on a GEM object that is not properly locked, which will trigger a warning about the incorrect locking state.

Remediation

The vulnerability has been addressed by modifying the 'drm_gem_shmem_purge()' function to include the necessary reservation lock management. Users can apply the latest patches available in the Linux kernel stable tree to mitigate this issue.