xen/netfront: react properly to failing gnttab_end_foreign_access_ref() - bcachefs.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Juergen Gross <jgross@suse.com>	2022-02-25 16:05:43 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2022-03-11 10:15:13 +0100
commit	c307029d811e03546d18d0e512fe295b3103b8e5 (patch)
tree	d4d065189759a2d45ca58b6aeb4fe1f3e0264130 /arch/.gitignore
parent	92dc0e4a219602242407dedd987dc9c8263c959b (diff)

xen/netfront: react properly to failing gnttab_end_foreign_access_ref()

Commit 66e3531b33ee51dad17c463b4d9c9f52e341503d upstream. When calling gnttab_end_foreign_access_ref() the returned value must be tested and the reaction to that value should be appropriate. In case of failure in xennet_get_responses() the reaction should not be to crash the system, but to disable the network device. The calls in setup_netfront() can be replaced by calls of gnttab_end_foreign_access(). While at it avoid double free of ring pages and grant references via xennet_disconnect_backend() in this case. This is CVE-2022-23042 / part of XSA-396. Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com> Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'arch/.gitignore')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: