Linux Kernel pNFS Deadlock Vulnerability During Delegation Return

A deadlock vulnerability has been identified in the Linux kernel's pNFS implementation, specifically within the NFSv4 protocol handling. This issue arises when returning a delegation during the open() operation, leading to a hang in the process. The deadlock occurs because the delegation return is forced to wait for a layout return that cannot be completed due to an initiated state recovery, which itself is dependent on the open() operation finishing its delegation processing. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability causes a deadlock, where the process hangs indefinitely, waiting for a condition that cannot be met, effectively freezing the operation.

Reproduction

The deadlock can be reproduced by initiating an open() operation that requires processing of delegations while simultaneously triggering a state recovery. This can be done by manipulating NFSv4 delegation returns and layout returns, creating a scenario where the open() operation is left waiting for a delegation return to complete, but cannot do so because the state recovery process is blocked.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.