In the Linux kernel, the following vulnerability has been resolved:
net/smc: initialize close_work early to avoid warning
We encountered a warning that close_work was canceled before initialization.
WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 flushwork+0x19e/0x1b0 Workqueue: events smclgrterminatework [smc] RIP: 0010:flushwork+0x19e/0x1b0 Call Trace: ? _wakeupcommon+0x7a/0x190 ? workbusy+0x80/0x80 _cancelworktimer+0xe3/0x160 smcclosecancelwork+0x1a/0x70 [smc] smccloseactiveabort+0x207/0x360 [smc] _smclgrterminate.part.38+0xc8/0x180 [smc] processonework+0x19e/0x340 workerthread+0x30/0x370 ? processonework+0x340/0x340 kthread+0x117/0x130 ? _kthreadcancelwork+0x50/0x50 retfrom_fork+0x22/0x30
This is because when smcclosecancelwork is triggered, e.g. the RDMA driver is rmmod and the LGR is terminated, the conn->closework is flushed before initialization, resulting in WARN_ON(!work->func).
| smc_conn_create
| \- smc_lgr_register_conn
for conn in lgr->connsall | - smcconnkill | - smccloseactiveabort | - smcclosecancelwork | - cancelworksync | - _flushwork | (closework) | | smccloseinit | - INITWORK(&closework)
So fix this by initializing close_work before establishing the connection.
[ { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0541db8ee32c09463a72d0987382b3a3336b0043", "signature_version": "v1", "target": { "function": "smc_connect_ism", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "335519717285604064351629582030465477607", "length": 1793.0 }, "id": "CVE-2024-56641-0084a21b" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f0c37002210aaede10dae849d1a78efc2243add2", "signature_version": "v1", "target": { "file": "net/smc/af_smc.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "241387172558184983194058901748891679321", "65395271526357111507042453504078245252", "310775782288692338209442168373168441066", "314067013031543130000478072427300301498", "130043729822950931321536645359538558989", "217181133736862386901876084276696623582", "258912460619509938158146522205897021937", "22069759908426177256635511903453952091", "93987255817786646047401151614205890708", "287656008215432680868132934983263583279", "37475151688074003047599936421992292098", "62053380930000063996040963484076719196", "288556133215617924423123580541812603421", "247728231216085187839875175731900191716", "324840896273415171459719430671891500924", "221776148474143849383127715210795130010" ] }, "id": "CVE-2024-56641-07921c48" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6638e52dcfafaf1b9cbc34544f0c832db0069ea1", "signature_version": "v1", "target": { "function": "smc_connect_rdma", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "27125914119553819622121304740673757837", "length": 3035.0 }, "id": "CVE-2024-56641-2f42b28f" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6638e52dcfafaf1b9cbc34544f0c832db0069ea1", "signature_version": "v1", "target": { "function": "smc_listen_work", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "277460891171739787812758547527883524116", "length": 2607.0 }, "id": "CVE-2024-56641-3bed04e6" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0541db8ee32c09463a72d0987382b3a3336b0043", "signature_version": "v1", "target": { "function": "smc_sk_init", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "308689239146567287406826866004350366235", "length": 853.0 }, "id": "CVE-2024-56641-3eeb116b" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6638e52dcfafaf1b9cbc34544f0c832db0069ea1", "signature_version": "v1", "target": { "function": "smc_sk_init", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "308689239146567287406826866004350366235", "length": 853.0 }, "id": "CVE-2024-56641-60cdf05a" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0541db8ee32c09463a72d0987382b3a3336b0043", "signature_version": "v1", "target": { "function": "smc_listen_work", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "277460891171739787812758547527883524116", "length": 2607.0 }, "id": "CVE-2024-56641-65782d21" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f0c37002210aaede10dae849d1a78efc2243add2", "signature_version": "v1", "target": { "function": "smc_connect_rdma", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "27125914119553819622121304740673757837", "length": 3035.0 }, "id": "CVE-2024-56641-86b68d3c" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6638e52dcfafaf1b9cbc34544f0c832db0069ea1", "signature_version": "v1", "target": { "file": "net/smc/af_smc.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "241387172558184983194058901748891679321", "65395271526357111507042453504078245252", "310775782288692338209442168373168441066", "314067013031543130000478072427300301498", "130043729822950931321536645359538558989", "217181133736862386901876084276696623582", "258912460619509938158146522205897021937", "22069759908426177256635511903453952091", "93987255817786646047401151614205890708", "287656008215432680868132934983263583279", "37475151688074003047599936421992292098", "62053380930000063996040963484076719196", "288556133215617924423123580541812603421", "247728231216085187839875175731900191716", "324840896273415171459719430671891500924", "221776148474143849383127715210795130010" ] }, "id": "CVE-2024-56641-8f27badc" }, { "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0541db8ee32c09463a72d0987382b3a3336b0043", "signature_version": "v1", "target": { "file": "net/smc/af_smc.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "241387172558184983194058901748891679321", "65395271526357111507042453504078245252", "310775782288692338209442168373168441066", "314067013031543130000478072427300301498", "130043729822950931321536645359538558989", "217181133736862386901876084276696623582", "258912460619509938158146522205897021937", "22069759908426177256635511903453952091", "93987255817786646047401151614205890708", "287656008215432680868132934983263583279", "37475151688074003047599936421992292098", "62053380930000063996040963484076719196", "288556133215617924423123580541812603421", "247728231216085187839875175731900191716", "324840896273415171459719430671891500924", "221776148474143849383127715210795130010" ] }, "id": "CVE-2024-56641-90a0409a" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f0c37002210aaede10dae849d1a78efc2243add2", "signature_version": "v1", "target": { "function": "smc_listen_work", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "339894859397414005814977181831532059529", "length": 2597.0 }, "id": "CVE-2024-56641-974a1be0" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0541db8ee32c09463a72d0987382b3a3336b0043", "signature_version": "v1", "target": { "function": "smc_connect_rdma", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "27125914119553819622121304740673757837", "length": 3035.0 }, "id": "CVE-2024-56641-a4ee83b9" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6638e52dcfafaf1b9cbc34544f0c832db0069ea1", "signature_version": "v1", "target": { "function": "smc_connect_ism", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "335519717285604064351629582030465477607", "length": 1793.0 }, "id": "CVE-2024-56641-dd48d370" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f0c37002210aaede10dae849d1a78efc2243add2", "signature_version": "v1", "target": { "function": "smc_sk_init", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "308689239146567287406826866004350366235", "length": 853.0 }, "id": "CVE-2024-56641-f6244da1" }, { "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f0c37002210aaede10dae849d1a78efc2243add2", "signature_version": "v1", "target": { "function": "smc_connect_ism", "file": "net/smc/af_smc.c" }, "digest": { "function_hash": "335519717285604064351629582030465477607", "length": 1793.0 }, "id": "CVE-2024-56641-fb1d5413" } ]