CVE-2022-49446

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> nvdimm: Fix firmware activation deadlock scenarios<br /> <br /> Lockdep reports the following deadlock scenarios for CXL root device<br /> power-management, device_prepare(), operations, and device_shutdown()<br /> operations for &amp;#39;nd_region&amp;#39; devices:<br /> <br /> Chain exists of:<br /> &amp;nvdimm_region_key --&gt; &amp;nvdimm_bus-&gt;reconfig_mutex --&gt; system_transition_mutex<br /> <br /> Possible unsafe locking scenario:<br /> <br /> CPU0 CPU1<br /> ---- ----<br /> lock(system_transition_mutex);<br /> lock(&amp;nvdimm_bus-&gt;reconfig_mutex);<br /> lock(system_transition_mutex);<br /> lock(&amp;nvdimm_region_key);<br /> <br /> Chain exists of:<br /> &amp;cxl_nvdimm_bridge_key --&gt; acpi_scan_lock --&gt; &amp;cxl_root_key<br /> <br /> Possible unsafe locking scenario:<br /> <br /> CPU0 CPU1<br /> ---- ----<br /> lock(&amp;cxl_root_key);<br /> lock(acpi_scan_lock);<br /> lock(&amp;cxl_root_key);<br /> lock(&amp;cxl_nvdimm_bridge_key);<br /> <br /> These stem from holding nvdimm_bus_lock() over hibernate_quiet_exec()<br /> which walks the entire system device topology taking device_lock() along<br /> the way. The nvdimm_bus_lock() is protecting against unregistration,<br /> multiple simultaneous ops callers, and preventing activate_show() from<br /> racing activate_store(). For the first 2, the lock is redundant.<br /> Unregistration already flushes all ops users, and sysfs already prevents<br /> multiple threads to be active in an ops handler at the same time. For<br /> the last userspace should already be waiting for its last<br /> activate_store() to complete, and does not need activate_show() to flush<br /> the write side, so this lock usage can be deleted in these attributes.