CVE-2021-46939 - pub/scm/linux/kernel/git/sashal/vulns-desc - Git at Google

 The vulnerability CVE-2021-46939 occurs in the Linux kernel's tracing subsystem, specifically in the `trace_clock_global()` function. This function is responsible for updating the "prev_time" value, which is used to track the timing of events in the system.

 The issue arises when a single recursion event happens while tracing, causing `trace_clock_global()` to take a spin lock and then try to take it again, resulting in a deadlock situation. This can lead to strange lockups and system hangs.

 To fix this vulnerability, the `trace_clock_global()` function has been restructured to never block. Instead of taking a lock to update the "prev_time" value, the function now uses a trylock to grab the lock for updating the prev_time. If the trylock fails, the function simply tries again the next time. This ensures that tracing never blocks and prevents deadlock situations.

 The affected versions of the Linux kernel are 2.6.30 and later, up to 5.13. The issue has been fixed in various commits, including 91ca6f6a91f6, 859b47a43f5a, 1fca00920327, d43d56dbf452, c64da3294a7d, a33614d52e97, 6e2418576228, and aafe104aa909. The affected file is `kernel/trace/trace_clock.c`.

 The Linux kernel CVE team recommends updating to the latest stable kernel version to fix this issue, as well as other bugfixes. If updating is impossible, individual changes can be cherry-picked from the specified commits. However, cherry-picking individual commits is not recommended or supported by the Linux kernel community.
	The vulnerability CVE-2021-46939 occurs in the Linux kernel's tracing subsystem, specifically in the `trace_clock_global()` function. This function is responsible for updating the "prev_time" value, which is used to track the timing of events in the system.

	The issue arises when a single recursion event happens while tracing, causing `trace_clock_global()` to take a spin lock and then try to take it again, resulting in a deadlock situation. This can lead to strange lockups and system hangs.

	To fix this vulnerability, the `trace_clock_global()` function has been restructured to never block. Instead of taking a lock to update the "prev_time" value, the function now uses a trylock to grab the lock for updating the prev_time. If the trylock fails, the function simply tries again the next time. This ensures that tracing never blocks and prevents deadlock situations.

	The affected versions of the Linux kernel are 2.6.30 and later, up to 5.13. The issue has been fixed in various commits, including 91ca6f6a91f6, 859b47a43f5a, 1fca00920327, d43d56dbf452, c64da3294a7d, a33614d52e97, 6e2418576228, and aafe104aa909. The affected file is `kernel/trace/trace_clock.c`.

	The Linux kernel CVE team recommends updating to the latest stable kernel version to fix this issue, as well as other bugfixes. If updating is impossible, individual changes can be cherry-picked from the specified commits. However, cherry-picking individual commits is not recommended or supported by the Linux kernel community.