Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'hyperv-fixes-signed-20230402' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux

Pull hyperv fixes from Wei Liu:

- Fix a bug in channel allocation for VMbus (Mohammed Gamal)

- Do not allow root partition functionality in CVM (Michael Kelley)

* tag 'hyperv-fixes-signed-20230402' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux:
x86/hyperv: Block root partition functionality in a Confidential VM
Drivers: vmbus: Check for channel allocation before looking up relids

+12 -4
+8 -4
arch/x86/kernel/cpu/mshyperv.c
··· 358 358 * To mirror what Windows does we should extract CPU management 359 359 * features and use the ReservedIdentityBit to detect if Linux is the 360 360 * root partition. But that requires negotiating CPU management 361 - * interface (a process to be finalized). 361 + * interface (a process to be finalized). For now, use the privilege 362 + * flag as the indicator for running as root. 362 363 * 363 - * For now, use the privilege flag as the indicator for running as 364 - * root. 364 + * Hyper-V should never specify running as root and as a Confidential 365 + * VM. But to protect against a compromised/malicious Hyper-V trying 366 + * to exploit root behavior to expose Confidential VM memory, ignore 367 + * the root partition setting if also a Confidential VM. 365 368 */ 366 - if (cpuid_ebx(HYPERV_CPUID_FEATURES) & HV_CPU_MANAGEMENT) { 369 + if ((ms_hyperv.priv_high & HV_CPU_MANAGEMENT) && 370 + !(ms_hyperv.priv_high & HV_ISOLATION)) { 367 371 hv_root_partition = true; 368 372 pr_info("Hyper-V: running as root partition\n"); 369 373 }
+4
drivers/hv/connection.c
··· 409 409 */ 410 410 struct vmbus_channel *relid2channel(u32 relid) 411 411 { 412 + if (vmbus_connection.channels == NULL) { 413 + pr_warn_once("relid2channel: relid=%d: No channels mapped!\n", relid); 414 + return NULL; 415 + } 412 416 if (WARN_ON(relid >= MAX_CHANNEL_RELIDS)) 413 417 return NULL; 414 418 return READ_ONCE(vmbus_connection.channels[relid]);