Description

In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" This reverts commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"), which causes a deadlock by recursively taking pci_rescan_remove_lock when sriov_del_vfs() is called as part of pci_stop_and_remove_bus_device(). For example with the following sequence of commands: $ echo > /sys/bus/pci/devices//sriov_numvfs $ echo 1 > /sys/bus/pci/devices//remove A trimmed trace of the deadlock on a mlx5 device is as below: zsh/5715 is trying to acquire lock: 000002597926ef50 (pci_rescan_remove_lock){+.+.}-{3:3}, at: sriov_disable+0x34/0x140 but task is already holding lock: 000002597926ef50 (pci_rescan_remove_lock){+.+.}-{3:3}, at: pci_stop_and_remove_bus_device_locked+0x24/0x80 ... Call Trace: [] dump_stack_lvl+0xc0/0x110 [] print_deadlock_bug+0x31e/0x330 [] __lock_acquire+0x16c8/0x32f0 [] lock_acquire+0x14c/0x350 [] __mutex_lock_common+0xe6/0x1520 [] mutex_lock_nested+0x3c/0x50 [] sriov_disable+0x34/0x140 [] mlx5_sriov_disable+0x50/0x80 [mlx5_core] [] remove_one+0x5e/0xf0 [mlx5_core] [] pci_device_remove+0x3c/0xa0 [] device_release_driver_internal+0x18e/0x280 [] pci_stop_bus_device+0x82/0xa0 [] pci_stop_and_remove_bus_device_locked+0x5e/0x80 [] remove_store+0x72/0x90 [] kernfs_fop_write_iter+0x15a/0x200 [] vfs_write+0x24c/0x300 [] ksys_write+0x86/0x110 [] __do_syscall+0x14c/0x400 [] system_call+0x6e/0x90 This alone is not a complete fix as it restores the issue the cited commit tried to solve. A new fix will be provided as a follow on.