> -----Original Message----- > From: Greg KH [mailto:gregkh@xxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, February 8, 2017 10:55 PM > To: KY Srinivasan <kys@xxxxxxxxxxxxx> > Cc: linux-kernel@xxxxxxxxxxxxxxx; devel@xxxxxxxxxxxxxxxxxxxxxx; > olaf@xxxxxxxxx; apw@xxxxxxxxxxxxx; vkuznets@xxxxxxxxxx; > jasowang@xxxxxxxxxx; leann.ogasawara@xxxxxxxxxxxxx; > keescook@xxxxxxxxxx; stephen@xxxxxxxxxxxxxxxxxx; sds@xxxxxxxxxxxxx; > stable@xxxxxxxxxxxxxxx > Subject: Re: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the > hypercall page > > On Wed, Feb 08, 2017 at 06:30:56PM -0700, kys@xxxxxxxxxxxxxxxxxxxxxx > wrote: > > From: K. Y. Srinivasan <kys@xxxxxxxxxxxxx> > > > > The hypercall page only needs to be executable but currently it is setup to > > be writable as well. Fix the issue. > > > > Signed-off-by: K. Y. Srinivasan <kys@xxxxxxxxxxxxx> > > Cc: <stable@xxxxxxxxxxxxxxx> > > What type of bug is this fixing that it is needed to be backported? > Does this affect any current users? How far back should it go? This issue has been there from day 1 and the mapping was setup after the scan was done (for questionable mappings) and so we did not see it. Now, we are setting up the hypercall page much earlier in the boot sequence and so this issue was noticed. Once this is committed, I will send the patch for stable. The main issue is that the page can be written and is executable and could be a vulnerability. Thanks, K. Y > > thanks, > > greg k-h _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel