RE: [PATCH v7 3/3] hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> Sent: Monday, September 7, 2020 9:19 AM
> 
> From: Andres Beltran <lkmlabelt@xxxxxxxxx>
> 
> Currently, pointers to guest memory are passed to Hyper-V as
> transaction IDs in netvsc. In the face of errors or malicious
> behavior in Hyper-V, netvsc should not expose or trust the transaction
> IDs returned by Hyper-V to be valid guest memory addresses. Instead,
> use small integers generated by vmbus_requestor as requests
> (transaction) IDs.
> 
> Signed-off-by: Andres Beltran <lkmlabelt@xxxxxxxxx>
> Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
> Cc: Jakub Kicinski <kuba@xxxxxxxxxx>
> Cc: netdev@xxxxxxxxxxxxxxx
> ---
> Changes in v7:
> 	- Move the allocation of the request ID after the data has been
> 	  copied into the ring buffer (cf. 1/3).
> Changes in v2:
>         - Add casts to unsigned long to fix warnings on 32bit.
>         - Use an inline function to get the requestor size.
> 
>  drivers/net/hyperv/hyperv_net.h   | 13 +++++++++++++
>  drivers/net/hyperv/netvsc.c       | 22 ++++++++++++++++------
>  drivers/net/hyperv/rndis_filter.c |  1 +
>  include/linux/hyperv.h            |  1 +
>  4 files changed, 31 insertions(+), 6 deletions(-)
> 

Reviewed-by: Michael Kelley <mikelley@xxxxxxxxxxxxx>




[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux