> > @@ -354,6 +354,8 @@ int hv_ringbuffer_write(struct vmbus_channel *channel, > > } > > desc = hv_get_ring_buffer(outring_info) + old_write; > > desc->trans_id = (rqst_id == VMBUS_NO_RQSTOR) ? requestid : rqst_id; > > + if (trans_id) > > + *trans_id = desc->trans_id; > > This line should *not* read the trans_id out of the ring buffer, since that > memory is shared with the Hyper-V host and subject to being maliciously > changed by the host. Need to set *trans_id only from local variables, and > somehow ensure the compiler doesn't generate code that reads the value > from the ring buffer. Maybe mark the desc->trans_id field as volatile, or cast > it as such? Or does WRITE_ONCE() work when setting it? I'd stick to WRITE_ONCE() (with a comment). Good catch! Thanks, Andrea
