Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN[EOL][EOL]syzbot reports a data-race when accessing the event_triggered, here is the[EOL]simplified stack when the issue occurred:[EOL][EOL]==================================================================[EOL]BUG: KCSAN: data-race in virtqueue_disable_cb / virtqueue_enable_cb_delayed[EOL][EOL]write to 0xffff8881025bc452 of 1 bytes by task 3288 on cpu 0:[EOL] virtqueue_enable_cb_delayed+0x42/0x3c0 drivers/virtio/virtio_ring.c:2653[EOL] start_xmit+0x230/0x1310 drivers/net/virtio_net.c:3264[EOL] __netdev_start_xmit include/linux/netdevice.h:5151 [inline][EOL] netdev_start_xmit include/linux/netdevice.h:5160 [inline][EOL] xmit_one net/core/dev.c:3800 [inline][EOL][EOL]read to 0xffff8881025bc452 of 1 bytes by interrupt on cpu 1:[EOL] virtqueue_disable_cb_split drivers/virtio/virtio_ring.c:880 [inline][EOL] virtqueue_disable_cb+0x92/0x180 drivers/virtio/virtio_ring.c:2566[EOL] skb_xmit_done+0x5f/0x140 drivers/net/virtio_net.c:777[EOL] vring_interrupt+0x161/0x190 drivers/virtio/virtio_ring.c:2715[EOL] __handle_irq_event_percpu+0x95/0x490 kernel/irq/handle.c:158[EOL] handle_irq_event_percpu kernel/irq/handle.c:193 [inline][EOL][EOL]value changed: 0x01 -> 0x00[EOL]==================================================================[EOL][EOL]When the data race occurs, the function virtqueue_enable_cb_delayed() sets[EOL]event_triggered to false, and virtqueue_disable_cb_split/packed() reads it[EOL]as false due to the race condition. Since event_triggered is an unreliable[EOL]hint used for optimization, this should only cause the driver temporarily[EOL]suggest that the device not send an interrupt notification when the event[EOL]index is used.[EOL][EOL]Fix this KCSAN reported data-race issue by explicitly tagging the access as[EOL]data_racy.

CREATE(Triage):(User=lchen-cn) [CVE-2025-38048 (https://nvd.nist.gov/vuln/detail/CVE-2025-38048)