CVE-2022-50053

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iavf: Fix reset error handling<br /> <br /> Do not call iavf_close in iavf_reset_task error handling. Doing so can<br /> lead to double call of napi_disable, which can lead to deadlock there.<br /> Removing VF would lead to iavf_remove task being stuck, because it<br /> requires crit_lock, which is held by iavf_close.<br /> Call iavf_disable_vf if reset fail, so that driver will clean up<br /> remaining invalid resources.<br /> During rapid VF resets, HW can fail to setup VF mailbox. Wrong<br /> error handling can lead to iavf_remove being stuck with:<br /> [ 5218.999087] iavf 0000:82:01.0: Failed to init adminq: -53<br /> ...<br /> [ 5267.189211] INFO: task repro.sh:11219 blocked for more than 30 seconds.<br /> [ 5267.189520] Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1<br /> [ 5267.189764] "echo 0 &gt; /proc/sys/kernel/hung_task_timeout_secs" disables this message.<br /> [ 5267.190062] task:repro.sh state:D stack: 0 pid:11219 ppid: 8162 flags:0x00000000<br /> [ 5267.190347] Call Trace:<br /> [ 5267.190647] <br /> [ 5267.190927] __schedule+0x460/0x9f0<br /> [ 5267.191264] schedule+0x44/0xb0<br /> [ 5267.191563] schedule_preempt_disabled+0x14/0x20<br /> [ 5267.191890] __mutex_lock.isra.12+0x6e3/0xac0<br /> [ 5267.192237] ? iavf_remove+0xf9/0x6c0 [iavf]<br /> [ 5267.192565] iavf_remove+0x12a/0x6c0 [iavf]<br /> [ 5267.192911] ? _raw_spin_unlock_irqrestore+0x1e/0x40<br /> [ 5267.193285] pci_device_remove+0x36/0xb0<br /> [ 5267.193619] device_release_driver_internal+0xc1/0x150<br /> [ 5267.193974] pci_stop_bus_device+0x69/0x90<br /> [ 5267.194361] pci_stop_and_remove_bus_device+0xe/0x20<br /> [ 5267.194735] pci_iov_remove_virtfn+0xba/0x120<br /> [ 5267.195130] sriov_disable+0x2f/0xe0<br /> [ 5267.195506] ice_free_vfs+0x7d/0x2f0 [ice]<br /> [ 5267.196056] ? pci_get_device+0x4f/0x70<br /> [ 5267.196496] ice_sriov_configure+0x78/0x1a0 [ice]<br /> [ 5267.196995] sriov_numvfs_store+0xfe/0x140<br /> [ 5267.197466] kernfs_fop_write_iter+0x12e/0x1c0<br /> [ 5267.197918] new_sync_write+0x10c/0x190<br /> [ 5267.198404] vfs_write+0x24e/0x2d0<br /> [ 5267.198886] ksys_write+0x5c/0xd0<br /> [ 5267.199367] do_syscall_64+0x3a/0x80<br /> [ 5267.199827] entry_SYSCALL_64_after_hwframe+0x46/0xb0<br /> [ 5267.200317] RIP: 0033:0x7f5b381205c8<br /> [ 5267.200814] RSP: 002b:00007fff8c7e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001<br /> [ 5267.201981] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5b381205c8<br /> [ 5267.202620] RDX: 0000000000000002 RSI: 00005569420ee900 RDI: 0000000000000001<br /> [ 5267.203426] RBP: 00005569420ee900 R08: 000000000000000a R09: 00007f5b38180820<br /> [ 5267.204327] R10: 000000000000000a R11: 0000000000000246 R12: 00007f5b383c06e0<br /> [ 5267.205193] R13: 0000000000000002 R14: 00007f5b383bb880 R15: 0000000000000002<br /> [ 5267.206041] <br /> [ 5267.206970] Kernel panic - not syncing: hung_task: blocked tasks<br /> [ 5267.207809] CPU: 48 PID: 551 Comm: khungtaskd Kdump: loaded Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1<br /> [ 5267.208726] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.11.0 11/02/2019<br /> [ 5267.209623] Call Trace:<br /> [ 5267.210569] <br /> [ 5267.211480] dump_stack_lvl+0x33/0x42<br /> [ 5267.212472] panic+0x107/0x294<br /> [ 5267.213467] watchdog.cold.8+0xc/0xbb<br /> [ 5267.214413] ? proc_dohung_task_timeout_secs+0x30/0x30<br /> [ 5267.215511] kthread+0xf4/0x120<br /> [ 5267.216459] ? kthread_complete_and_exit+0x20/0x20<br /> [ 5267.217505] ret_from_fork+0x22/0x30<br /> [ 5267.218459]