xen/netback: don't call kfree_skb() with interrupts disabled
It is not allowed to call kfree_skb() from hardware interrupt context or with interrupts being disabled. So remove kfree_skb() from the spin_lock_irqsave() section and use the already existing "drop" label in xenvif_start_xmit() for dropping the SKB. At the same time replace the dev_kfree_skb() call there with a call of dev_kfree_skb_any(), as xenvif_start_xmit() can be called with disabled interrupts. This is XSA-424 / CVE-2022-42328 / CVE-2022-42329. Fixes: be81992f ("xen/netback: don't queue unlimited number of packages") Reported-by: Yang Yingliang <yangyingliang@huawei.com> Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Juergen Gross <jgross@suse.com>
parent
ad7f402a
-
mentioned in commit 2b81c566
-
mentioned in commit ff3f010d
-
mentioned in commit d3e1b615
-
mentioned in commit b5bc1e8a
-
mentioned in commit b41eab57
-
mentioned in commit c7c498cf
-
mentioned in commit 83632fc4
-
mentioned in commit 3eecd2bc
-
mentioned in commit 5d0fa6fc
-
mentioned in commit 4422241c
-
mentioned in commit 50e1ab7e
-
mentioned in commit 6b1d47f9
Please register or sign in to comment