linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Andrea Parri <parri.andrea@gmail.com>
To: Wei Liu <wei.liu@kernel.org>
Cc: linux-kernel@vger.kernel.org,
	"K . Y . Srinivasan" <kys@microsoft.com>,
	Haiyang Zhang <haiyangz@microsoft.com>,
	Stephen Hemminger <sthemmin@microsoft.com>,
	linux-hyperv@vger.kernel.org,
	Andres Beltran <lkmlabelt@gmail.com>,
	Michael Kelley <mikelley@microsoft.com>,
	Saruhan Karademir <skarade@microsoft.com>,
	Juan Vazquez <juvazq@microsoft.com>,
	"James E.J. Bottomley" <jejb@linux.ibm.com>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	linux-scsi@vger.kernel.org
Subject: Re: [PATCH v9 2/3] scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening
Date: Fri, 13 Nov 2020 22:39:33 +0100	[thread overview]
Message-ID: <20201113213933.GA4937@andrea> (raw)
In-Reply-To: <20201113185424.ujdfx6ot7siqr5qh@liuwe-devbox-debian-v2>

On Fri, Nov 13, 2020 at 06:54:24PM +0000, Wei Liu wrote:
> On Fri, Nov 13, 2020 at 11:33:27AM +0000, Wei Liu wrote:
> > On Mon, Nov 09, 2020 at 11:04:01AM +0100, Andrea Parri (Microsoft) wrote:
> > > From: Andres Beltran <lkmlabelt@gmail.com>
> > > 
> > > Currently, pointers to guest memory are passed to Hyper-V as
> > > transaction IDs in storvsc. In the face of errors or malicious
> > > behavior in Hyper-V, storvsc should not expose or trust the transaction
> > > IDs returned by Hyper-V to be valid guest memory addresses. Instead,
> > > use small integers generated by vmbus_requestor as requests
> > > (transaction) IDs.
> > > 
> > > Signed-off-by: Andres Beltran <lkmlabelt@gmail.com>
> > > Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com>
> > > Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com>
> > > Reviewed-by: Michael Kelley <mikelley@microsoft.com>
> > > Cc: "James E.J. Bottomley" <jejb@linux.ibm.com>
> > > Cc: "Martin K. Petersen" <martin.petersen@oracle.com>
> > > Cc: linux-scsi@vger.kernel.org
> > 
> > Reviewed-by: Wei Liu <wl@xen.org>
> 
> Martin already gave his ack back in July. I guess nothing substantial
> changed so it should have been carried over?

The only change here happened in v7 and consisted in moving the
allocation of the request IDs from the VSC code down into the core
vmbus_sendpacket()&co functions.  As mentioned in v7 cover letter,
this change was applied to ensure that the allocation in question
is performed after the packet is copied into the ring buffer.  On
a positive note, this change greatly reduced the diff of this and
the following (NetVSC) patches.

  Andrea

  reply	other threads:[~2020-11-13 21:39 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-09 10:03 [PATCH v9 0/3] Drivers: hv: vmbus: vmbus_requestor data structure for VMBus hardening Andrea Parri (Microsoft)
2020-11-09 10:04 ` [PATCH v9 1/3] Drivers: hv: vmbus: Add " Andrea Parri (Microsoft)
2020-11-13 11:32   ` Wei Liu
2020-11-09 10:04 ` [PATCH v9 2/3] scsi: storvsc: Use vmbus_requestor to generate transaction IDs " Andrea Parri (Microsoft)
2020-11-13 11:33   ` Wei Liu
2020-11-13 18:54     ` Wei Liu
2020-11-13 21:39       ` Andrea Parri [this message]
2020-11-16 11:03         ` Wei Liu
2020-11-17  3:44           ` Martin K. Petersen
2020-11-09 10:04 ` [PATCH v9 3/3] hv_netvsc: " Andrea Parri (Microsoft)
2020-11-13 11:33   ` Wei Liu
2020-11-17 10:54 ` [PATCH v9 0/3] Drivers: hv: vmbus: vmbus_requestor data structure " Wei Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201113213933.GA4937@andrea \
    --to=parri.andrea@gmail.com \
    --cc=haiyangz@microsoft.com \
    --cc=jejb@linux.ibm.com \
    --cc=juvazq@microsoft.com \
    --cc=kys@microsoft.com \
    --cc=linux-hyperv@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-scsi@vger.kernel.org \
    --cc=lkmlabelt@gmail.com \
    --cc=martin.petersen@oracle.com \
    --cc=mikelley@microsoft.com \
    --cc=skarade@microsoft.com \
    --cc=sthemmin@microsoft.com \
    --cc=wei.liu@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).