CVE-2022-49765

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/9p: use a dedicated spinlock for trans_fd<br /> <br /> Shamelessly copying the explanation from Tetsuo Handa&amp;#39;s suggested<br /> patch[1] (slightly reworded):<br /> syzbot is reporting inconsistent lock state in p9_req_put()[2],<br /> for p9_tag_remove() from p9_req_put() from IRQ context is using<br /> spin_lock_irqsave() on "struct p9_client"-&gt;lock but trans_fd<br /> (not from IRQ context) is using spin_lock().<br /> <br /> Since the locks actually protect different things in client.c and in<br /> trans_fd.c, just replace trans_fd.c&amp;#39;s lock by a new one specific to the<br /> transport (client.c&amp;#39;s protect the idr for fid/tag allocations,<br /> while trans_fd.c&amp;#39;s protects its own req list and request status field<br /> that acts as the transport&amp;#39;s state machine)