In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID: 3486953 Comm: rmdir Kdump: loaded Tainted: G RIP: 0010:kernfsshoulddrainopenfiles+0x1a1/0x1b0 RSP: 0018:ffff8881107ef9e0 EFLAGS: 00010202 RAX: 0000000080000002 RBX: ffff888154738c00 RCX: dffffc0000000000 RDX: 0000000000000007 RSI: 0000000000000004 RDI: ffff888154738c04 RBP: ffff888154738c04 R08: ffffffffaf27fa15 R09: ffffed102a8e7180 R10: ffff888154738c07 R11: 0000000000000000 R12: ffff888154738c08 R13: ffff888750f8c000 R14: ffff888750f8c0e8 R15: ffff888154738ca0 FS: 00007f84cd0be740(0000) GS:ffff8887ddc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000555f9fbe00c8 CR3: 0000000153eec001 CR4: 0000000000370ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: kernfsdrain+0x15e/0x2f0 _kernfsremove+0x165/0x300 kernfsremovebynamens+0x7b/0xc0 cgrouprmfile+0x154/0x1c0 cgroupaddrmfiles+0x1c2/0x1f0 csscleardir+0x77/0x110 killcss+0x4c/0x1b0 cgroupdestroylocked+0x194/0x380 cgrouprmdir+0x2a/0x140 It can be explained by: rmdir echo 1 > cpuset.cpus kernfsfopwriteiter // active=0 cgrouprmfile kernfsremovebynamens kernfsgetactive // active=1 _kernfsremove // active=0x80000002 kernfsdrain cpusetwriteresmask waitevent //waiting (active == 0x80000001) kernfsbreakactiveprotection // active = 0x80000001 // continue kernfsunbreakactiveprotection // active = 0x80000002 ... kernfsshoulddrainopenfiles // warning occurs kernfsputactive This warning is caused by 'kernfsbreakactiveprotection' when it is writing to cpuset.cpus, and the cgroup is removed concurrently. The commit 3a5a6d0c2b03 ("cpuset: don't nest cgroupmutex inside getonlinecpus()") made cpusethotplugworkfn asynchronous, This change involves calling flushwork(), which can create a multiple processes circular locking dependency that involve cgroupmutex, potentially leading to a deadlock. To avoid deadlock. the commit 76bb5ab8f6e3 ("cpuset: break kernfs active protection in cpusetwriteresmask()") added 'kernfsbreakactiveprotection' in the cpusetwriteresmask. This could lead to this warning. After the commit 2125c0034c5d ("cgroup/cpuset: Make cpuset hotplug processing synchronous"), the cpusetwriteresmask no longer needs to wait the hotplug to finish, which means that concurrent hotplug and cpuset operations are no longer possible. Therefore, the deadlock doesn't exist anymore and it does not have to 'break active protection' now. To fix this warning, just remove kernfsbreakactiveprotection operation in the 'cpusetwriteresmask'.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.11.0-12.19", "binary_name": "block-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "block-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "crypto-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "crypto-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fat-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fat-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fb-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "firewire-core-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "floppy-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fs-core-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fs-core-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fs-secondary-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "fs-secondary-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "input-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "input-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "ipmi-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "ipmi-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "irda-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "irda-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "kernel-image-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "kernel-image-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-doc" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-headers-3.11.0-12" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-headers-3.11.0-12-generic" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-headers-3.11.0-12-generic-lpae" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-image-3.11.0-12-generic" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-image-3.11.0-12-generic-lpae" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-image-extra-3.11.0-12-generic" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-libc-dev" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-source-3.11.0" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-tools-3.11.0-12" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-tools-3.11.0-12-generic" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-tools-3.11.0-12-generic-lpae" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-tools-common" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-udebs-generic" }, { "binary_version": "3.11.0-12.19", "binary_name": "linux-udebs-generic-lpae" }, { "binary_version": "3.11.0-12.19", "binary_name": "md-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "md-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "message-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "mouse-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "mouse-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "multipath-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "multipath-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nfs-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nfs-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-pcmcia-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-shared-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-shared-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-usb-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "nic-usb-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "parport-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "parport-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "pata-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "pcmcia-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "pcmcia-storage-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "plip-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "plip-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "ppp-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "ppp-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "sata-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "sata-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "scsi-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "scsi-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "serial-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "speakup-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "speakup-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "squashfs-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "squashfs-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "storage-core-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "storage-core-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "usb-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "usb-modules-3.11.0-12-generic-lpae-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "virtio-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "vlan-modules-3.11.0-12-generic-di" }, { "binary_version": "3.11.0-12.19", "binary_name": "vlan-modules-3.11.0-12-generic-lpae-di" } ] }