Wind River Support Network

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path[EOL][EOL]If request_irq() in i40e_vsi_request_irq_msix() fails in an iteration[EOL]later than the first, the error path wants to free the IRQs requested[EOL]so far. However, it uses the wrong dev_id argument for free_irq(), so[EOL]it does not free the IRQs correctly and instead triggers the warning:[EOL][EOL] Trying to free already-free IRQ 173[EOL] WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+0x192/0x2c0[EOL] Modules linked in: i40e(+) [...][EOL] CPU: 25 UID: 0 PID: 1091 Comm: NetworkManager Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)[EOL] Hardware name: [...][EOL] RIP: 0010:__free_irq+0x192/0x2c0[EOL] [...][EOL] Call Trace:[EOL]  <TASK>[EOL]  free_irq+0x32/0x70[EOL]  i40e_vsi_request_irq_msix.cold+0x63/0x8b [i40e][EOL]  i40e_vsi_request_irq+0x79/0x80 [i40e][EOL]  i40e_vsi_open+0x21f/0x2f0 [i40e][EOL]  i40e_open+0x63/0x130 [i40e][EOL]  __dev_open+0xfc/0x210[EOL]  __dev_change_flags+0x1fc/0x240[EOL]  netif_change_flags+0x27/0x70[EOL]  do_setlink.isra.0+0x341/0xc70[EOL]  rtnl_newlink+0x468/0x860[EOL]  rtnetlink_rcv_msg+0x375/0x450[EOL]  netlink_rcv_skb+0x5c/0x110[EOL]  netlink_unicast+0x288/0x3c0[EOL]  netlink_sendmsg+0x20d/0x430[EOL]  ____sys_sendmsg+0x3a2/0x3d0[EOL]  ___sys_sendmsg+0x99/0xe0[EOL]  __sys_sendmsg+0x8a/0xf0[EOL]  do_syscall_64+0x82/0x2c0[EOL]  entry_SYSCALL_64_after_hwframe+0x76/0x7e[EOL]  [...][EOL]  </TASK>[EOL] ---[ end trace 0000000000000000 ]---[EOL][EOL]Use the same dev_id for free_irq() as for request_irq().[EOL][EOL]I tested this with inserting code to fail intentionally.