From: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> Sent: Monday, September 7, 2020 9:19 AM > > From: Andres Beltran <lkmlabelt@xxxxxxxxx> > > Currently, pointers to guest memory are passed to Hyper-V as > transaction IDs in netvsc. In the face of errors or malicious > behavior in Hyper-V, netvsc should not expose or trust the transaction > IDs returned by Hyper-V to be valid guest memory addresses. Instead, > use small integers generated by vmbus_requestor as requests > (transaction) IDs. > > Signed-off-by: Andres Beltran <lkmlabelt@xxxxxxxxx> > Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> > Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> > Cc: "David S. Miller" <davem@xxxxxxxxxxxxx> > Cc: Jakub Kicinski <kuba@xxxxxxxxxx> > Cc: netdev@xxxxxxxxxxxxxxx > --- > Changes in v7: > - Move the allocation of the request ID after the data has been > copied into the ring buffer (cf. 1/3). > Changes in v2: > - Add casts to unsigned long to fix warnings on 32bit. > - Use an inline function to get the requestor size. > > drivers/net/hyperv/hyperv_net.h | 13 +++++++++++++ > drivers/net/hyperv/netvsc.c | 22 ++++++++++++++++------ > drivers/net/hyperv/rndis_filter.c | 1 + > include/linux/hyperv.h | 1 + > 4 files changed, 31 insertions(+), 6 deletions(-) > Reviewed-by: Michael Kelley <mikelley@xxxxxxxxxxxxx>