CVE-2024-55642

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 11/01/2025
Last modified: 01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

block: Prevent potential deadlocks in zone write plug error recovery

Zone write plugging for handling writes to zones of a zoned block device always executes a zone report whenever a write BIO to a zone fails. The intent of this is to ensure that the tracking of a zone write pointer is always correct to ensure that the alignment to a zone write pointer of write BIOs can be checked on submission and that we can always correctly emulate zone append operations using regular write BIOs.

However, this error recovery scheme introduces a potential deadlock if a device queue freeze is initiated while BIOs are still plugged in a zone write plug and one of these write operations fails. In such a case, the disk zone write plug error recovery work is scheduled and executes a report zone. This in turn can result in a request allocation in the underlying driver to issue the report zones command to the device. But with the device queue freeze already started, this allocation will block, preventing the report zone execution and the continuation of the processing of the plugged BIOs. As plugged BIOs hold a queue usage reference, the queue freeze itself will never complete, resulting in a deadlock.

Avoid this problem by completely removing from the zone write plugging code the use of report zones operations after a failed write operation, instead relying on the device user to either execute a report zones, reset the zone, finish the zone, or give up writing to the device (which is a fairly common pattern for file systems which degrade to read-only after write failures). This is not an unreasonable requirement as all well-behaved applications, FSes and device mapper already use report zones to recover from write errors whenever possible by comparing the current position of a zone write pointer with what their assumption about the position is.

The changes to remove the automatic error recovery are as follows:

- Completely remove the error recovery work and its associated resources (zone write plug list head, disk error list, and disk zone_wplugs_work work struct). This also removes the functions disk_zone_wplug_set_error() and disk_zone_wplug_clear_error().

- Change the BLK_ZONE_WPLUG_ERROR zone write plug flag into BLK_ZONE_WPLUG_NEED_WP_UPDATE. This new flag is set for a zone write plug whenever a write operation targeting the zone of the zone write plug fails. This flag indicates that the zone write pointer offset is not reliable and that it must be updated when the next report zone, reset zone, finish zone or disk revalidation is executed.

- Modify blk_zone_write_plug_bio_endio() to set the BLK_ZONE_WPLUG_NEED_WP_UPDATE flag for the target zone of a failed write BIO.

- Modify the function disk_zone_wplug_set_wp_offset() to clear this new flag, thus implementing recovery of a correct write pointer offset with the reset (all) zone and finish zone operations.

- Modify blkdev_report_zones() to always use the disk_report_zones_cb() callback so that disk_zone_wplug_sync_wp_offset() can be called for any zone marked with the BLK_ZONE_WPLUG_NEED_WP_UPDATE flag. This implements recovery of a correct write pointer offset for zone write plugs marked with BLK_ZONE_WPLUG_NEED_WP_UPDATE and within the range of the report zones operation executed by the user.

- Modify blk_revalidate_seq_zone() to call disk_zone_wplug_sync_wp_offset() for all sequential write required zones when a zoned block device is revalidated, thus always resolving any inconsistency between the write pointer offset of zone write plugs and the actual write pointer position of sequential zones.
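
With the automatic recovery removed, the device user has to re-read the write pointer after a failed write, as the description states. The following user-space sketch of that step is an added example, not code from the kernel commit; it uses the BLKREPORTZONE ioctl from <linux/blkzoned.h>, and the function and enum names are hypothetical.

```c
/* Added example: resync an application's write pointer after a failed zoned write. */
#include <linux/blkzoned.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/ioctl.h>

enum wp_action { WP_IN_SYNC, WP_RESYNC, WP_ZONE_FULL, WP_GIVE_UP };

/* Compare the reported write pointer with the position the application
 * assumed (both in 512-byte sectors) and pick a recovery action. */
enum wp_action classify_zone(const struct blk_zone *z, uint64_t assumed_wp)
{
    if (z->type != BLK_ZONE_TYPE_SEQWRITE_REQ)
        return WP_IN_SYNC;               /* no write pointer to reconcile */
    if (z->cond == BLK_ZONE_COND_READONLY || z->cond == BLK_ZONE_COND_OFFLINE)
        return WP_GIVE_UP;               /* zone can no longer be written */
    if (z->cond == BLK_ZONE_COND_FULL)
        return WP_ZONE_FULL;             /* writer must move to another zone */
    return z->wp == assumed_wp ? WP_IN_SYNC : WP_RESYNC;
}

/* Report the single zone starting at `sector`; returns 0 on success. */
int report_one_zone(int fd, uint64_t sector, struct blk_zone *out)
{
    struct blk_zone_report *rep =
        calloc(1, sizeof(*rep) + sizeof(struct blk_zone));
    int ret = -1;

    if (!rep)
        return -1;
    rep->sector = sector;
    rep->nr_zones = 1;
    if (ioctl(fd, BLKREPORTZONE, rep) == 0 && rep->nr_zones == 1) {
        *out = rep->zones[0];
        ret = 0;
    }
    free(rep);
    return ret;
}

/* Call after a write to the zone failed; updates *wp when it was stale. */
enum wp_action recover_after_write_error(int fd, uint64_t zone_start, uint64_t *wp)
{
    struct blk_zone z;
    enum wp_action action;

    if (report_one_zone(fd, zone_start, &z) != 0)
        return WP_GIVE_UP;               /* cannot learn the real position */
    action = classify_zone(&z, *wp);
    if (action == WP_RESYNC)
        *wp = z.wp;                      /* adopt the device's write pointer */
    return action;
}
```

On a fixed kernel the report zones call also lets the block layer refresh the offset of any zone write plug marked BLK_ZONE_WPLUG_NEED_WP_UPDATE within the reported range.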

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.10 (including) | 6.12.6 (excluding)
cpe:2.3:o:linux:linux_kernel:6.13:rc1:*:*:*:*:*:* | |
cpe:2.3:o:linux:linux_kernel:6.13:rc2:*:*:*:*:*:* | |