CVE-2022-49379 Information

Description

In the Linux kernel the following vulnerability has been resolved:

driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction

Mounting NFS rootfs was timing out when deferred_probe_timeout was non-zero [1]. This was because ip_auto_config() initcall times out waiting for the network interfaces to show up when deferred_probe_timeout was non-zero. While ip_auto_config() calls wait_for_device_probe() to make sure any currently running deferred probe work or asynchronous probe finishes that wasn’t sufficient to account for devices being deferred until deferred_probe_timeout.

Commit 35a672363ab3 (\driver core: Ensure wait_for_device_probe() waits until the deferred_probe_timeout fires) tried to fix that by making sure wait_for_device_probe() waits for deferred_probe_timeout to expire before returning.

However if wait_for_device_probe() is called from the kernel_init() context:

• Before deferred_probe_initcall() [2] it causes the boot process to hang due to a deadlock.

• After deferred_probe_initcall() [3] it blocks kernel_init() from continuing till deferred_probe_timeout expires and beats the point of deferred_probe_timeout that’s trying to wait for userspace to load modules.

Neither of this is good. So revert the changes to wait_for_device_probe().

[1] - https://lore.kernel.org/lkml/TYAPR01MB45443DF63B9EF29054F7C41FD8C60@TYAPR01MB4544.jpnprd01.prod.outlook.com/ [2] - https://lore.kernel.org/lkml/YowHNo4sBjr9ijZr@dev-arch.thelio-3990X/ [3] - https://lore.kernel.org/lkml/Yo3WvGnNk3LvLb7R@linutronix.de/

Reference

https://git.kernel.org/stable/c/29357883a89193863f3cc6a2c5e0b42ceb022761 https://git.kernel.org/stable/c/4ad6af07efcca85369c21e4897b3020cff2c170b https://git.kernel.org/stable/c/528229474e1cbb1b3451cb713d94aecb5f6ee264 https://git.kernel.org/stable/c/5ee76c256e928455212ab759c51d198fedbe7523 https://git.kernel.org/stable/c/71cbce75031aed26c72c2dc8a83111d181685f1b