Drivers: hv: vmbus: Restrict vmbus_devices on isolated guests Only the VSCs or ICs that have been hardened and that are critical for the successful adoption of Confidential VMs should be allowed if the guest is running isolated. This change reduces the footprint of the code that will be exercised by Confidential VMs and hence the exposure to bugs and vulnerabilities. Signed-off-by: Andrea Parri (Microsoft) <[email protected]> Reviewed-by: Michael Kelley <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Wei Liu <[email protected]>

commit: 21a4e356d3588806307555c149b80cec3dedb180 [log] [tgz]
author: Andrea Parri (Microsoft) <[email protected]> Mon Feb 01 15:48:12 2021 +0100
committer: Wei Liu <[email protected]> Thu Feb 11 08:47:05 2021 +0000
tree: c4ad61b4490f41e466122fb109c9fcb5642b24a4
parent: a6c76bb08dc7f7ff2b1c381002eb6c7211746182 [diff] [blame]
diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h
index f0d48a3..e3426f8 100644
--- a/include/linux/hyperv.h
+++ b/include/linux/hyperv.h

@@ -789,6 +789,7 @@ struct vmbus_device {
 	u16  dev_type;
 	guid_t guid;
 	bool perf_device;
+	bool allowed_in_isolated;
 };
 
 #define VMBUS_DEFAULT_MAX_PKT_SIZE 4096
commit	21a4e356d3588806307555c149b80cec3dedb180	[log] [tgz]
author	Andrea Parri (Microsoft) <[email protected]>	Mon Feb 01 15:48:12 2021 +0100
committer	Wei Liu <[email protected]>	Thu Feb 11 08:47:05 2021 +0000
tree	c4ad61b4490f41e466122fb109c9fcb5642b24a4
parent	a6c76bb08dc7f7ff2b1c381002eb6c7211746182 [diff] [blame]