Linux Kernel SCHED_DEADLINE Missing ENQUEUE_REPLENISH Vulnerability During Priority Inheritance De-boosting

A vulnerability in the Linux kernel's SCHED_DEADLINE scheduling can lead to improper bandwidth accounting. When a SCHED_DEADLINE task, acting as a lock holder, is switched to a lower priority while still holding a mutex, it may not correctly inherit the necessary parameters from a blocking DEADLINE task, the donor. This oversight can cause the lock holder to be misidentified as not boosted, leading to a corruption in bandwidth management. The issue arises in real-time kernels, particularly on large machines, and has been observed to trigger warnings about missing REPLENISH flags and underflows in running bandwidth calculations.

Impact

Failing to properly manage the scheduling parameters can disrupt the intended behavior of real-time tasks, potentially leading to performance issues or missed deadlines in time-sensitive applications.

Reproduction

The vulnerability can be reproduced by running the stress-ng tool with a SCHED_DEADLINE task that blocks on a priority-inheritance mutex held by another DEADLINE task. While the mutex is held, change the scheduling policy of the lock holder to a lower priority class. This sequence will demonstrate the failure to properly inherit DEADLINE parameters, allowing the issue to manifest.

Remediation

Users can apply the patch available in the Linux kernel stable tree to address this vulnerability. The patch introduces a new function that ensures proper inheritance of DEADLINE parameters and replenishment of bandwidth accounting during scheduling changes.