CVE-2023-52836

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
21/05/2024
Last modified:
23/09/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

locking/ww_mutex/test: Fix potential workqueue corruption

In some cases running with the test-ww_mutex code, I was seeing odd behavior where sometimes it seemed flush_workqueue was returning before all the work threads were finished.

Often this would cause strange crashes as the mutexes would be freed while they were being used.

Looking at the code, there is a lifetime problem as the controlling thread that spawns the work allocates the "struct stress" structures that are passed to the workqueue threads. Then when the workqueue threads are finished, they free the stress struct that was passed to them.

Unfortunately the workqueue work_struct node is in the stress struct. Which means the work_struct is freed before the work thread returns and while flush_workqueue is waiting.

It seems like a better idea to have the controlling thread both allocate and free the stress structures, so that we can be sure we don't corrupt the workqueue by freeing the structure prematurely.

So this patch reworks the test to do so, and with this change I no longer see the early flush_workqueue returns.
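The ownership rule the description arrives at can be shown with a small user-space model. This is an added example, not the kernel's test-ww_mutex code: `toy_work`, `toy_flush`, `stress_fn` and `run_stress` are hypothetical names, and the queue is a single-threaded stand-in for a real workqueue.

```c
#include <stddef.h>
#include <stdlib.h>

/* Toy single-threaded stand-in for work_struct (assumed name, not kernel code). */
struct toy_work {
    void (*fn)(struct toy_work *);
    struct toy_work *next;
    int done;                  /* written by the queue after fn returns */
};

/* The queue still touches each node after fn returns (done, next),
 * so fn must not free the memory that contains the node. */
static void toy_flush(struct toy_work *head)
{
    for (struct toy_work *w = head; w; w = w->next) {
        w->fn(w);
        w->done = 1;
    }
}

/* As in the description, the work node is embedded in the stress struct. */
struct stress { struct toy_work work; int nlocks; int result; };

static void stress_fn(struct toy_work *w)
{
    struct stress *s = (struct stress *)((char *)w - offsetof(struct stress, work));
    s->result = 2 * s->nlocks; /* placeholder for the real test body */
    /* Pre-fix pattern: free(s) here, releasing the node the queue still uses. */
}

/* Fixed ownership: the controller allocates, flushes, and only then frees.
 * Returns the number of items that completed, or -1 on bad input / no memory. */
int run_stress(int nthreads)
{
    struct toy_work *head = NULL;
    struct stress *all = nthreads > 0 ? calloc(nthreads, sizeof(*all)) : NULL;
    int finished = 0;
    if (!all)
        return -1;
    for (int i = 0; i < nthreads; i++) {
        all[i].nlocks = i + 1;
        all[i].work.fn = stress_fn;   /* set up the embedded work node */
        all[i].work.next = head;      /* queue it */
        head = &all[i].work;
    }
    toy_flush(head);                  /* every node is valid until this returns */
    for (int i = 0; i < nthreads; i++)
        finished += all[i].work.done && all[i].result == 2 * (i + 1);
    free(all);                        /* single owner, freed after the flush */
    return finished;
}
```
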

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 4.14.331 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.300 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.262 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.202 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.140 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.64 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.5.13 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.6 (including) | 6.6.3 (excluding) |