| commit | ff022a181798d58b6c59830898a64d2e7b9569ea | [log] [tgz] |
|---|---|---|
| author | Juergen Gross <[email protected]> | Tue Dec 06 08:54:24 2022 +0100 |
| committer | Meena Shanmugam <[email protected]> | Fri Dec 16 23:11:20 2022 +0000 |
| tree | cf2f396ceb307046ccb7f2a14e0cb7f1890f6346 | |
| parent | ee9d2ca2d871d7a107e10e04df754086b90da825 [diff] |
xen/netback: don't call kfree_skb() with interrupts disabled
[ Upstream commit 74e7e1efdad45580cc3839f2a155174cf158f9b5 ]
It is not allowed to call kfree_skb() from hardware interrupt
context or with interrupts being disabled. So remove kfree_skb()
from the spin_lock_irqsave() section and use the already existing
"drop" label in xenvif_start_xmit() for dropping the SKB. At the
same time replace the dev_kfree_skb() call there with a call of
dev_kfree_skb_any(), as xenvif_start_xmit() can be called with
disabled interrupts.
This is XSA-424 / CVE-2022-42328 / CVE-2022-42329.
BUG=b/262368890,b/262369401
TEST=presubmit,validation
RELEASE_NOTE=Fixed CVE-2022-42328,CVE-2022-42329 in the Linux kernel.
cos-patch: security-moderate
Fixes: be81992f9086 ("xen/netback: don't queue unlimited number of packages")
Reported-by: Yang Yingliang <[email protected]>
Signed-off-by: Juergen Gross <[email protected]>
Reviewed-by: Jan Beulich <[email protected]>
Signed-off-by: Juergen Gross <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
Change-Id: I42ee54d4445655afa3d43589f37874960514bba7
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/40288
Tested-by: Cusky Presubmit Bot <[email protected]>
Reviewed-by: Oleksandr Tymoshenko <[email protected]>