CVE-2024-56641
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 27/12/2024
Last modified: 27/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:

net/smc: initialize close_work early to avoid warning

We encountered a warning that close_work was canceled before
initialization.

  WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0
  Workqueue: events smc_lgr_terminate_work [smc]
  RIP: 0010:__flush_work+0x19e/0x1b0
  Call Trace:
   ? __wake_up_common+0x7a/0x190
   ? work_busy+0x80/0x80
   __cancel_work_timer+0xe3/0x160
   smc_close_cancel_work+0x1a/0x70 [smc]
   smc_close_active_abort+0x207/0x360 [smc]
   __smc_lgr_terminate.part.38+0xc8/0x180 [smc]
   process_one_work+0x19e/0x340
   worker_thread+0x30/0x370
   ? process_one_work+0x340/0x340
   kthread+0x117/0x130
   ? __kthread_cancel_work+0x50/0x50
   ret_from_fork+0x22/0x30

This is because when smc_close_cancel_work is triggered, e.g. the RDMA
driver is rmmod and the LGR is terminated, the conn->close_work is
flushed before initialization, resulting in WARN_ON(!work->func).

__smc_lgr_terminate             | smc_connect_{rdma|ism}
-------------------------------------------------------------
                                | smc_conn_create
                                | \- smc_lgr_register_conn
for conn in lgr->conns_all      |
\- smc_conn_kill                |
   \- smc_close_active_abort    |
      \- smc_close_cancel_work  |
         \- cancel_work_sync    |
            \- __flush_work     |
                 (close_work)   |
                                | smc_close_init
                                | \- INIT_WORK(&close_work)

So fix this by initializing close_work before establishing the
connection.
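
The interleaving from the diagram above, replayed as a single-threaded user-space C model. This is an added example, not code from the kernel or from the fix itself; every model_* function and run_interleaving are hypothetical stand-ins for the kernel functions named in the description.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed user-space model: it mirrors only the ordering, not kernel code. */
struct work { void (*func)(struct work *); };
struct conn { struct work close_work; };

#define MAX_CONNS 4
struct lgr { struct conn *conns_all[MAX_CONNS]; int n; };

static int warnings; /* counts modelled WARN_ON(!work->func) hits */

static void close_worker(struct work *w) { (void)w; }

/* Stand-in for INIT_WORK(&close_work) as done in smc_close_init. */
static void model_close_init(struct conn *c) { c->close_work.func = close_worker; }

/* Stand-in for smc_lgr_register_conn: the conn becomes visible in conns_all. */
static void model_register_conn(struct lgr *l, struct conn *c) { l->conns_all[l->n++] = c; }

/* Stand-in for cancel_work_sync -> __flush_work: warns on uninitialised work. */
static void model_cancel_work_sync(struct work *w) { if (!w->func) warnings++; }

/* Stand-in for __smc_lgr_terminate walking every registered conn. */
static void model_lgr_terminate(struct lgr *l)
{
    for (int i = 0; i < l->n; i++)
        model_cancel_work_sync(&l->conns_all[i]->close_work);
}

/* Replays the diagram's interleaving and returns the number of warnings. */
int run_interleaving(int init_before_register)
{
    struct lgr l = { { NULL }, 0 };
    struct conn c = { { NULL } };
    warnings = 0;
    if (init_before_register)
        model_close_init(&c);    /* fixed order: work is valid before publication */
    model_register_conn(&l, &c);
    model_lgr_terminate(&l);     /* terminate runs inside the window */
    if (!init_before_register)
        model_close_init(&c);    /* original order: initialised too late */
    return warnings;
}

int main(void)
{
    printf("init after register:  %d warning(s)\n", run_interleaving(0));
    printf("init before register: %d warning(s)\n", run_interleaving(1));
    return 0;
}
```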