CVE-2022-49133

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/amdkfd: svm range restore work deadlock when process exit<br /> <br /> kfd_process_notifier_release flush svm_range_restore_work<br /> which calls svm_range_list_lock_and_flush_work to flush deferred_list<br /> work, but if deferred_list work mmput release the last user, it will<br /> call exit_mmap -&gt; notifier_release, it is deadlock with below backtrace.<br /> <br /> Move flush svm_range_restore_work to kfd_process_wq_release to avoid<br /> deadlock. Then svm_range_restore_work take task-&gt;mm ref to avoid mm is<br /> gone while validating and mapping ranges to GPU.<br /> <br /> Workqueue: events svm_range_deferred_list_work [amdgpu]<br /> Call Trace:<br /> wait_for_completion+0x94/0x100<br /> __flush_work+0x12a/0x1e0<br /> __cancel_work_timer+0x10e/0x190<br /> cancel_delayed_work_sync+0x13/0x20<br /> kfd_process_notifier_release+0x98/0x2a0 [amdgpu]<br /> __mmu_notifier_release+0x74/0x1f0<br /> exit_mmap+0x170/0x200<br /> mmput+0x5d/0x130<br /> svm_range_deferred_list_work+0x104/0x230 [amdgpu]<br /> process_one_work+0x220/0x3c0