| commit | 4d18fcc95f50950a99bd940d4e61a983f91d267a | [log] [tgz] |
|---|---|---|
| author | Andres Beltran <[email protected]> | Mon Nov 09 11:04:02 2020 +0100 |
| committer | Wei Liu <[email protected]> | Tue Nov 17 10:54:18 2020 +0000 |
| tree | 1833ae5107119605a1fba4f6580e35653a1e6a82 | |
| parent | 453de21c2b8281228173a7b689120b92929743d6 [diff] [blame] |
hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening Currently, pointers to guest memory are passed to Hyper-V as transaction IDs in netvsc. In the face of errors or malicious behavior in Hyper-V, netvsc should not expose or trust the transaction IDs returned by Hyper-V to be valid guest memory addresses. Instead, use small integers generated by vmbus_requestor as requests (transaction) IDs. Signed-off-by: Andres Beltran <[email protected]> Co-developed-by: Andrea Parri (Microsoft) <[email protected]> Signed-off-by: Andrea Parri (Microsoft) <[email protected]> Reviewed-by: Michael Kelley <[email protected]> Acked-by: Jakub Kicinski <[email protected]> Reviewed-by: Wei Liu <[email protected]> Cc: "David S. Miller" <[email protected]> Cc: Jakub Kicinski <[email protected]> Cc: [email protected] Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Wei Liu <[email protected]>
diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index 5b6d5c4..5ddb479 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h
@@ -779,6 +779,7 @@ struct vmbus_requestor { #define VMBUS_NO_RQSTOR U64_MAX #define VMBUS_RQST_ERROR (U64_MAX - 1) +#define VMBUS_RQST_ID_NO_RESPONSE (U64_MAX - 2) struct vmbus_device { u16 dev_type;