From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753180AbdBIPtG (ORCPT ); Thu, 9 Feb 2017 10:49:06 -0500 Received: from mail-bn3nam01on0093.outbound.protection.outlook.com ([104.47.33.93]:16288 "EHLO NAM01-BN3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752174AbdBIPsr (ORCPT ); Thu, 9 Feb 2017 10:48:47 -0500 From: KY Srinivasan To: Greg KH CC: "linux-kernel@vger.kernel.org" , "devel@linuxdriverproject.org" , "olaf@aepfle.de" , "apw@canonical.com" , "vkuznets@redhat.com" , "jasowang@redhat.com" , "leann.ogasawara@canonical.com" , "keescook@google.com" , "stephen@networkplumber.org" , "sds@tycho.nsa.gov" , "stable@vger.kernel.org" Subject: RE: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the hypercall page Thread-Topic: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the hypercall page Thread-Index: AQHSgnRR8qyOwTMVhUCvnLtRiysNK6FgPdGAgACTCeA= Date: Thu, 9 Feb 2017 15:48:29 +0000 Message-ID: References: <1486603856-27642-1-git-send-email-kys@exchange.microsoft.com> <20170209065431.GA5240@kroah.com> In-Reply-To: <20170209065431.GA5240@kroah.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=kys@microsoft.com; x-originating-ip: [2601:600:8c00:1040:ed06:d20:d7fe:c06f] x-ms-office365-filtering-correlation-id: 9ec122aa-02ac-427e-0072-08d45103182a x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081);SRVR:DM5PR03MB2491; x-microsoft-exchange-diagnostics: 1;DM5PR03MB2491;7:IWRo49wZPeiQ9qi/+dejY98f9xyvaJjH6nRJXnyQkLjeY4eX9z3LjXYJJJXgB+PuDyfPUVNrtT/ehU8euFCWpsWmQ/jj2wrDGkAnO59ppYo5xBsTg7bk69UMHDHuVxVI4yshWeYrME5uzYNvSSKE7Z6Z8G/R7ergI9cyAi1lxsAixWgSye0KI1SspTxsnUw07w0hR7F24eux1DwBSR4ltQpM9iVS/2LVhNk53/4XFFvLfh9utloUSVFjShzVPxCwSC/RA3rSlCY0IJWVJnHLeiLf34IP9TyOnUVXJoj2MxoG0m/ZQ/DXCbSKDyznVt9EvDtSbOeS3LNliv6qSsDTq2z3sIGl537McRB07q2fGKEO41Q7rOQAsWATSFBiOf6eI7dDE2CzM0K6Gwa/0BgEUYz9zmYrNx/4gzodZIprlzURw2qw7fsNNGXQxRN8Ixx6WnqDlG/63pl6pEX4sgsldc4320pJ25b6XMkB0rNjthhysU6ZbHN45EpdbabCsUyp8AvVOZatKiCbpUnMVNjgIuhC/r8j6SIBmdUPb80/9kY= x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(9452136761055)(140211028294663)(211936372134217)(198206253151910); x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID:(61425038)(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(61426038)(61427038)(6041248)(20161123555025)(20161123558025)(20161123560025)(20161123562025)(20161123564025)(6072148);SRVR:DM5PR03MB2491;BCL:0;PCL:0;RULEID:;SRVR:DM5PR03MB2491; x-forefront-prvs: 02135EB356 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(6009001)(7916002)(39860400002)(39410400002)(39850400002)(39840400002)(39450400003)(377454003)(189002)(24454002)(13464003)(199003)(53936002)(81156014)(92566002)(33656002)(81166006)(3660700001)(2900100001)(74316002)(10090500001)(50986999)(2950100002)(76176999)(54356999)(6246003)(6916009)(110136004)(4326007)(2906002)(7736002)(38730400002)(305945005)(102836003)(5660300001)(8990500004)(7416002)(7696004)(8936002)(5005710100001)(6116002)(10290500002)(101416001)(3280700002)(99286003)(54906002)(122556002)(68736007)(55016002)(106356001)(9686003)(97736004)(6436002)(25786008)(229853002)(8676002)(77096006)(6506006)(86362001)(86612001)(189998001)(106116001)(105586002);DIR:OUT;SFP:1102;SCL:1;SRVR:DM5PR03MB2491;H:DM5PR03MB2490.namprd03.prod.outlook.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Feb 2017 15:48:29.7259 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB2491 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.home.local id v19FnBsX002634 > -----Original Message----- > From: Greg KH [mailto:gregkh@linuxfoundation.org] > Sent: Wednesday, February 8, 2017 10:55 PM > To: KY Srinivasan > Cc: linux-kernel@vger.kernel.org; devel@linuxdriverproject.org; > olaf@aepfle.de; apw@canonical.com; vkuznets@redhat.com; > jasowang@redhat.com; leann.ogasawara@canonical.com; > keescook@google.com; stephen@networkplumber.org; sds@tycho.nsa.gov; > stable@vger.kernel.org > Subject: Re: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the > hypercall page > > On Wed, Feb 08, 2017 at 06:30:56PM -0700, kys@exchange.microsoft.com > wrote: > > From: K. Y. Srinivasan > > > > The hypercall page only needs to be executable but currently it is setup to > > be writable as well. Fix the issue. > > > > Signed-off-by: K. Y. Srinivasan > > Cc: > > What type of bug is this fixing that it is needed to be backported? > Does this affect any current users? How far back should it go? This issue has been there from day 1 and the mapping was setup after the scan was done (for questionable mappings) and so we did not see it. Now, we are setting up the hypercall page much earlier in the boot sequence and so this issue was noticed. Once this is committed, I will send the patch for stable. The main issue is that the page can be written and is executable and could be a vulnerability. Thanks, K. Y > > thanks, > > greg k-h