Re: CVE-2024-26905: btrfs: fix data races when accessing the reserved amount of block reserves

[Greg Kroah-Hartman]

On Mon, Jul 29, 2024 at 01:46:37PM +0100, Filipe Manana wrote:
> On Wed, Apr 17, 2024 at 12:29:20PM +0200, Greg Kroah-Hartman wrote:
> > Description
> > ===========
> > 
> > In the Linux kernel, the following vulnerability has been resolved:
> > 
> > btrfs: fix data races when accessing the reserved amount of block reserves
> > 
> 
> Greg, can you clarify why is this being classified as a CVE?

The text of the changelog made it sound like a race condition that was
being fixed, except for this bit:

> > So add a helper to get the reserved amount of a block reserve while
> > holding the lock. The value may be not be up to date anymore when used by
> > need_preemptive_reclaim() and btrfs_preempt_reclaim_metadata_space(), but
> > that's ok since the worst it can do is cause more reclaim work do be done
> > sooner rather than later. Reading the field while holding the lock instead
> > of using the data_race() annotation is used in order to prevent load
> > tearing.

That paragraph explains that this really isn't a vulnerability, sorry
about that.  I'll go reject this CVE id now, thanks for the review!

greg k-h