Re: [PATCH hyperv-next] Drivers: hv: vmbus: Copy packets sent by Hyper-V out of the ring buffer
From: Wei Liu
Date: Thu May 06 2021 - 13:49:52 EST
On Thu, Apr 08, 2021 at 06:14:39PM +0200, Andrea Parri (Microsoft) wrote:
> From: Andres Beltran <lkmlabelt@xxxxxxxxx>
>
> Pointers to ring-buffer packets sent by Hyper-V are used within the
> guest VM. Hyper-V can send packets with erroneous values or modify
> packet fields after they are processed by the guest. To defend
> against these scenarios, return a copy of the incoming VMBus packet
> after validating its length and offset fields in hv_pkt_iter_first().
> In this way, the packet can no longer be modified by the host.
>
> Signed-off-by: Andres Beltran <lkmlabelt@xxxxxxxxx>
> Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> ---
> drivers/hv/channel.c | 9 ++--
> drivers/hv/hv_fcopy.c | 1 +
> drivers/hv/hv_kvp.c | 1 +
> drivers/hv/hyperv_vmbus.h | 2 +-
> drivers/hv/ring_buffer.c | 82 ++++++++++++++++++++++++++-----
> drivers/net/hyperv/hyperv_net.h | 7 +++
> drivers/net/hyperv/netvsc.c | 2 +
> drivers/net/hyperv/rndis_filter.c | 2 +
> drivers/scsi/storvsc_drv.c | 10 ++++
> include/linux/hyperv.h | 48 +++++++++++++++---
> net/vmw_vsock/hyperv_transport.c | 4 +-
> 11 files changed, 143 insertions(+), 25 deletions(-)
In theory this patch needs acks from network and scsi maintainers, but
the changes are so small and specific to Hyper-V drivers. In the
interest of making progress, I will be picking up this patch shortly
unless I hear objections.
Wei.