{"id":"CVE-2023-53730","summary":"blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost\n\nadjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled\nwhen unlock. DEADLOCK might happen if we have held other locks and disabled\nIRQ before invoking it.\n\nFix it by using spin_lock_irqsave() instead, which can keep IRQ state\nconsistent with before when unlock.\n\n  ================================\n  WARNING: inconsistent lock state\n  5.10.0-02758-g8e5f91fd772f #26 Not tainted\n  --------------------------------\n  inconsistent {IN-HARDIRQ-W} -\u003e {HARDIRQ-ON-W} usage.\n  kworker/2:3/388 [HC0[0]:SC0[0]:HE0:SE1] takes:\n  ffff888118c00c28 (&bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n  ffff888118c00c28 (&bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n  {IN-HARDIRQ-W} state was registered at:\n    __lock_acquire+0x3d7/0x1070\n    lock_acquire+0x197/0x4a0\n    __raw_spin_lock_irqsave\n    _raw_spin_lock_irqsave+0x3b/0x60\n    bfq_idle_slice_timer_body\n    bfq_idle_slice_timer+0x53/0x1d0\n    __run_hrtimer+0x477/0xa70\n    __hrtimer_run_queues+0x1c6/0x2d0\n    hrtimer_interrupt+0x302/0x9e0\n    local_apic_timer_interrupt\n    __sysvec_apic_timer_interrupt+0xfd/0x420\n    run_sysvec_on_irqstack_cond\n    sysvec_apic_timer_interrupt+0x46/0xa0\n    asm_sysvec_apic_timer_interrupt+0x12/0x20\n  irq event stamp: 837522\n  hardirqs last  enabled at (837521): [\u003cffffffff84b9419d\u003e] __raw_spin_unlock_irqrestore\n  hardirqs last  enabled at (837521): [\u003cffffffff84b9419d\u003e] _raw_spin_unlock_irqrestore+0x3d/0x40\n  hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] __raw_spin_lock_irq\n  hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] _raw_spin_lock_irq+0x43/0x50\n  softirqs last  enabled at (835852): [\u003cffffffff84e00558\u003e] __do_softirq+0x558/0x8ec\n  softirqs last disabled at (835845): [\u003cffffffff84c010ff\u003e] asm_call_irq_on_stack+0xf/0x20\n\n  other info that might help us debug this:\n   Possible unsafe locking scenario:\n\n         CPU0\n         ----\n    lock(&bfqd-\u003elock);\n    \u003cInterrupt\u003e\n      lock(&bfqd-\u003elock);\n\n   *** DEADLOCK ***\n\n  3 locks held by kworker/2:3/388:\n   #0: ffff888107af0f38 ((wq_completion)kthrotld){+.+.}-{0:0}, at: process_one_work+0x742/0x13f0\n   #1: ffff8881176bfdd8 ((work_completion)(&td-\u003edispatch_work)){+.+.}-{0:0}, at: process_one_work+0x777/0x13f0\n   #2: ffff888118c00c28 (&bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n   #2: ffff888118c00c28 (&bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n\n  stack backtrace:\n  CPU: 2 PID: 388 Comm: kworker/2:3 Not tainted 5.10.0-02758-g8e5f91fd772f #26\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n  Workqueue: kthrotld blk_throtl_dispatch_work_fn\n  Call Trace:\n   __dump_stack lib/dump_stack.c:77 [inline]\n   dump_stack+0x107/0x167\n   print_usage_bug\n   valid_state\n   mark_lock_irq.cold+0x32/0x3a\n   mark_lock+0x693/0xbc0\n   mark_held_locks+0x9e/0xe0\n   __trace_hardirqs_on_caller\n   lockdep_hardirqs_on_prepare.part.0+0x151/0x360\n   trace_hardirqs_on+0x5b/0x180\n   __raw_spin_unlock_irq\n   _raw_spin_unlock_irq+0x24/0x40\n   spin_unlock_irq\n   adjust_inuse_and_calc_cost+0x4fb/0x970\n   ioc_rqos_merge+0x277/0x740\n   __rq_qos_merge+0x62/0xb0\n   rq_qos_merge\n   bio_attempt_back_merge+0x12c/0x4a0\n   blk_mq_sched_try_merge+0x1b6/0x4d0\n   bfq_bio_merge+0x24a/0x390\n   __blk_mq_sched_bio_merge+0xa6/0x460\n   blk_mq_sched_bio_merge\n   blk_mq_submit_bio+0x2e7/0x1ee0\n   __submit_bio_noacct_mq+0x175/0x3b0\n   submit_bio_noacct+0x1fb/0x270\n   blk_throtl_dispatch_work_fn+0x1ef/0x2b0\n   process_one_work+0x83e/0x13f0\n   process_scheduled_works\n   worker_thread+0x7e3/0xd80\n   kthread+0x353/0x470\n   ret_from_fork+0x1f/0x30","modified":"2026-04-02T09:45:06.269313Z","published":"2025-10-22T13:23:58.419Z","related":["SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4111-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4301-1","SUSE-SU-2025:4320-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53730.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3376c4fe2db4aea2dc721a27a999c41fdb45b54f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8563b58a4360e648ce18f0e98a75a4be51667431"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8ceeb3fc86a83700bb1585c189006080a47e8506"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8d211554679d0b23702bd32ba04aeac0c1c4f660"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9279a1b74ad98039d5d44d26b9e7a9cfe655b6d3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/eb120c0aff5ceab9c9c46b87f302465bbf2bbaed"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53730.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53730"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b0853ab4a238c54b8f97ca7dde1ae156e2bbd5e4"},{"fixed":"8563b58a4360e648ce18f0e98a75a4be51667431"},{"fixed":"eb120c0aff5ceab9c9c46b87f302465bbf2bbaed"},{"fixed":"8ceeb3fc86a83700bb1585c189006080a47e8506"},{"fixed":"9279a1b74ad98039d5d44d26b9e7a9cfe655b6d3"},{"fixed":"3376c4fe2db4aea2dc721a27a999c41fdb45b54f"},{"fixed":"8d211554679d0b23702bd32ba04aeac0c1c4f660"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53730.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.10.0"},{"fixed":"5.10.188"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.121"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.39"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.3.13"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.4.0"},{"fixed":"6.4.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53730.json"}}],"schema_version":"1.7.5"}