Linux Kernel Flexible Proportions Hardirq Safety Vulnerability

A race condition vulnerability has been identified in the Linux kernel's flexible proportions code, specifically in the 'fprop_new_period' function. This vulnerability can lead to a deadlock situation where the function loops indefinitely, unable to complete its execution. The issue arises when a timer fires and the 'fprop_new_period' function is called to update a sequence counter. If a hard interrupt occurs during this process, it can disrupt the normal flow, causing the function to misinterpret the sequence state and get stuck. This deadlock scenario is particularly likely to occur with FUSE backends, where the writeout throughput is maximized, creating a perfect storm for the race condition to manifest.

Impact

Exploitation of this vulnerability can cause a deadlock, where the system gets stuck in a loop, unable to proceed with normal operations. This can lead to a significant slowdown or halt in processes that rely on the affected function, disrupting overall system performance.

Reproduction

The vulnerability can be reproduced by configuring a FUSE backend to maximize writeout throughput, which is a rare but possible scenario. Once this configuration is in place, the 'fprop_new_period' function can be called in a way that triggers the race condition. This can be done by allowing a timer to fire while the system is processing a hard interrupt, creating the conditions for the deadlock to occur.

Remediation

The vulnerability has been addressed by modifying the 'fprop_new_period' function to ensure that the sequence counter is updated in a way that is safe from hard interrupts. Users should apply the latest patches available in the Linux kernel stable tree to mitigate this issue.