xen/netfront: fix leaking data in shared pages

jira VULN-1438
cve CVE-2022-33740
commit-author Roger Pau Monne <[email protected]>
commit 307c8de
upstream-diff This kernel hasn't switched to page_pool_dev_alloc_pages
              so we are simply adding __GFP_ZERO to the existing
              alloc_page call.

When allocating pages to be used for shared communication with the
backend always zero them, this avoids leaking unintended data present
on the pages.

This is CVE-2022-33740, part of XSA-403.

	Signed-off-by: Roger Pau Monné <[email protected]>
	Reviewed-by: Jan Beulich <[email protected]>
	Reviewed-by: Juergen Gross <[email protected]>
	Signed-off-by: Juergen Gross <[email protected]>
(cherry picked from commit 307c8de)
	Signed-off-by: Brett Mastbergen <[email protected]>

Author: bmastbergen

drivers/net/xen-netfront.c

@@ -266,7 +266,7 @@ static struct sk_buff *xennet_alloc_one_rx_buffer(struct netfront_queue *queue)
 	if (unlikely(!skb))
 		return NULL;
 
-	page = alloc_page(GFP_ATOMIC | __GFP_NOWARN);
+	page = alloc_page(GFP_ATOMIC | __GFP_NOWARN | __GFP_ZERO);
 	if (!page) {
 		kfree_skb(skb);
 		return NULL;