Linux Kernel Fair-Class Starvation Vulnerability in Sched Ext Component

Vulnerability

A vulnerability in the Linux kernel's scheduling extension (sched_ext) can hang the system. During 'scx_enable()', the task switching loop changes the enabling thread's scheduling class from fair to ext. Because the fair class has higher priority than ext, workloads that saturate the fair class can starve the enabling thread indefinitely, freezing the system. The issue arose when the enabling process shifted from 'preempt_disable()' to 'scx_bypass()', which does not guard against fair-class starvation. The original 'preempt_disable()' protection was not entirely effective either, as it allowed starvation in partial switch modes. The vulnerability has been addressed by moving the enabling process to a dedicated real-time kernel thread that cannot be starved by either fair or ext class tasks; 'scx_enable()' now creates this thread on its first use.
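A toy single-CPU model of the starvation and of the fix described above, added here as an illustration; it is not kernel code or the upstream patch. The task layout, the tick budget and the names pick_next, run_enable and simulate_* are assumptions of the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not kernel code: lower enum value = higher-priority class. */
enum sched_class { CLASS_RT, CLASS_FAIR, CLASS_EXT };
struct task { enum sched_class cls; bool runnable; };

/* Strict class priority: highest runnable class wins, ties go to the lowest index. */
static struct task *pick_next(struct task *tasks, size_t n)
{
    struct task *best = NULL;
    for (size_t i = 0; i < n; i++)
        if (tasks[i].runnable && (!best || tasks[i].cls < best->cls))
            best = &tasks[i];
    return best;
}

/* The worker visits tasks in index order and moves each FAIR task to EXT,
 * one task per tick in which it gets the CPU. Returns the ticks used, or -1
 * if the loop did not finish within max_ticks (worker starved). */
static int run_enable(struct task *tasks, size_t n, size_t worker, int max_ticks)
{
    size_t next = 0;
    for (int tick = 1; tick <= max_ticks; tick++) {
        if (pick_next(tasks, n) != &tasks[worker])
            continue;                      /* a higher-class task ran instead */
        if (tasks[next].cls == CLASS_FAIR)
            tasks[next].cls = CLASS_EXT;   /* may be the worker itself */
        if (++next == n)
            return tick;
    }
    return -1;
}

/* Vulnerable shape: the fair-class caller runs the loop and is switched to
 * ext while three fair-class CPU hogs are still unswitched. */
static int simulate_caller_enables(void)
{
    struct task t[] = { {CLASS_FAIR, true}, {CLASS_FAIR, true}, {CLASS_FAIR, true}, {CLASS_FAIR, true} };
    return run_enable(t, 4, 0, 1000);
}

/* Fixed shape: a dedicated RT thread runs the loop against the same hogs. */
static int simulate_rt_worker_enables(void)
{
    struct task t[] = { {CLASS_RT, true}, {CLASS_FAIR, true}, {CLASS_FAIR, true}, {CLASS_FAIR, true} };
    return run_enable(t, 4, 0, 1000);
}

int main(void)
{
    printf("caller: %d, rt worker: %d\n", simulate_caller_enables(), simulate_rt_worker_enables());
    return 0;
}
```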

Impact

The vulnerability can cause the system to hang indefinitely, particularly under workloads that saturate the fair scheduling class.

Reproduction

To reproduce this issue, saturate the fair class with workloads while attempting to enable the 'scx' operations. The enabling thread is then starved, leading to a system hang.

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: May 8, 2026, 9:06 PM
Updated: May 8, 2026, 9:06 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 7.8
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.