From: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> Sent: Monday, September 7, 2020 9:19 AM > > From: Andres Beltran <lkmlabelt@xxxxxxxxx> > > Currently, VMbus drivers use pointers into guest memory as request IDs > for interactions with Hyper-V. To be more robust in the face of errors > or malicious behavior from a compromised Hyper-V, avoid exposing > guest memory addresses to Hyper-V. Also avoid Hyper-V giving back a > bad request ID that is then treated as the address of a guest data > structure with no validation. Instead, encapsulate these memory > addresses and provide small integers as request IDs. > > Signed-off-by: Andres Beltran <lkmlabelt@xxxxxxxxx> > Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> > Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx> > --- > Changes in v7: > - Move the allocation of the request ID after the data has been > copied into the ring buffer. > Changes in v6: > - Offset request IDs by 1 keeping the original initialization > code. > Changes in v5: > - Add support for unsolicited messages sent by the host with a > request ID of 0. > Changes in v4: > - Use channel->rqstor_size to check if rqstor has been > initialized. > Changes in v3: > - Check that requestor has been initialized in > vmbus_next_request_id() and vmbus_request_addr(). > Changes in v2: > - Get rid of "rqstor" variable in __vmbus_open(). > > drivers/hv/channel.c | 174 ++++++++++++++++++++++++++++++++++++-- > drivers/hv/hyperv_vmbus.h | 3 +- > drivers/hv/ring_buffer.c | 28 +++++- > include/linux/hyperv.h | 22 +++++ > 4 files changed, 218 insertions(+), 9 deletions(-) > With my previous comments shown to be incorrect, I'm good with this code. Reviewed-by: Michael Kelley <mikelley@xxxxxxxxxxxxx>
