In the Linux kernel, the following vulnerability has been resolved:
md: avoid repeated calls to del_gendisk
There is a uaf problem which is found by case 23rdev-lifetime:
Oops: general protection fault, probably for non-canonical address 0xdead000000000122
RIP: 0010:bdi_unregister+0x4b/0x170
Call Trace:
 <TASK>
 __del_gendisk+0x356/0x3e0
 mddev_unlock+0x351/0x360
 rdev_attr_store+0x217/0x280
 kernfs_fop_write_iter+0x14a/0x210
 vfs_write+0x29e/0x550
 ksys_write+0x74/0xf0
 do_syscall_64+0xbb/0x380
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff5250a177e
The sequence is:
1. rdev remove path gets reconfig_mutex
2. rdev remove path releases reconfig_mutex in mddev_unlock
3. md stop calls do_md_stop and sets MD_DELETED
4. rdev remove path calls del_gendisk because MD_DELETED is set
5. md stop path releases reconfig_mutex and calls del_gendisk again
So there is a race condition we should resolve. This patch adds a flag MD_DO_DELETE to avoid the race condition.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68373.json",
"cna_assigner": "Linux"
}