CVE-2022-50100

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> sched/core: Do not requeue task on CPU excluded from cpus_mask<br /> <br /> The following warning was triggered on a large machine early in boot on<br /> a distribution kernel but the same problem should also affect mainline.<br /> <br /> WARNING: CPU: 439 PID: 10 at ../kernel/workqueue.c:2231 process_one_work+0x4d/0x440<br /> Call Trace:<br /> <br /> rescuer_thread+0x1f6/0x360<br /> kthread+0x156/0x180<br /> ret_from_fork+0x22/0x30<br /> <br /> <br /> Commit c6e7bd7afaeb ("sched/core: Optimize ttwu() spinning on p-&gt;on_cpu")<br /> optimises ttwu by queueing a task that is descheduling on the wakelist,<br /> but does not check if the task descheduling is still allowed to run on that CPU.<br /> <br /> In this warning, the problematic task is a workqueue rescue thread which<br /> checks if the rescue is for a per-cpu workqueue and running on the wrong CPU.<br /> While this is early in boot and it should be possible to create workers,<br /> the rescue thread may still used if the MAYDAY_INITIAL_TIMEOUT is reached<br /> or MAYDAY_INTERVAL and on a sufficiently large machine, the rescue<br /> thread is being used frequently.<br /> <br /> Tracing confirmed that the task should have migrated properly using the<br /> stopper thread to handle the migration. However, a parallel wakeup from udev<br /> running on another CPU that does not share CPU cache observes p-&gt;on_cpu and<br /> uses task_cpu(p), queues the task on the old CPU and triggers the warning.<br /> <br /> Check that the wakee task that is descheduling is still allowed to run<br /> on its current CPU and if not, wait for the descheduling to complete<br /> and select an allowed CPU.