hyperv-fixes for 6.3-rc6
-----BEGIN PGP SIGNATURE----- iQFHBAABCgAxFiEEIbPD0id6easf0xsudhRwX5BBoF4FAmQqIpUTHHdlaS5saXVA a2VybmVsLm9yZwAKCRB2FHBfkEGgXjtwCACaG8LkrLOa4EWwdVLOutxc/VSHhPzS FaCyzxaSNtFciSl/kOPsl2pmwy+c9QAri3wO9uyJ41R1oUfjy/+pX8TxYc1imOrh 6vIMUntYW7t9ISoUbi7hDU1Nj3CX4KOXruOliLP3WM9mtGvaNL5INEDh9PV6bxIz xlP8JEoKTk0ecChOWZDWyDIE95MwgqRin8uEI0JUyE2mdegIrDC7SFvqT7XjV23O 0gntPdoZCgBzWohaiRMKJHHNUbAC+1O2+1tzY0bONwHdpmRj5/V28e02iARF3bAE 4TvTt3qrZU02epzMhkZPnTztyvp1vPzmpHaBHQD4pdNZP/D1b8ejm4mz =o+VM -----END PGP SIGNATURE----- Merge tag 'hyperv-fixes-signed-20230402' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux Pull hyperv fixes from Wei Liu: - Fix a bug in channel allocation for VMbus (Mohammed Gamal) - Do not allow root partition functionality in CVM (Michael Kelley) * tag 'hyperv-fixes-signed-20230402' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux: x86/hyperv: Block root partition functionality in a Confidential VM Drivers: vmbus: Check for channel allocation before looking up relids
This commit is contained in:
Linus Torvalds
Коммит
2d72ab2449
|
|
@ -358,12 +358,16 @@ static void __init ms_hyperv_init_platform(void)
|
||||||
* To mirror what Windows does we should extract CPU management
|
* To mirror what Windows does we should extract CPU management
|
||||||
* features and use the ReservedIdentityBit to detect if Linux is the
|
* features and use the ReservedIdentityBit to detect if Linux is the
|
||||||
* root partition. But that requires negotiating CPU management
|
* root partition. But that requires negotiating CPU management
|
||||||
* interface (a process to be finalized).
|
* interface (a process to be finalized). For now, use the privilege
|
||||||
|
* flag as the indicator for running as root.
|
||||||
*
|
*
|
||||||
* For now, use the privilege flag as the indicator for running as
|
* Hyper-V should never specify running as root and as a Confidential
|
||||||
* root.
|
* VM. But to protect against a compromised/malicious Hyper-V trying
|
||||||
|
* to exploit root behavior to expose Confidential VM memory, ignore
|
||||||
|
* the root partition setting if also a Confidential VM.
|
||||||
*/
|
*/
|
||||||
if (cpuid_ebx(HYPERV_CPUID_FEATURES) & HV_CPU_MANAGEMENT) {
|
if ((ms_hyperv.priv_high & HV_CPU_MANAGEMENT) &&
|
||||||
|
!(ms_hyperv.priv_high & HV_ISOLATION)) {
|
||||||
hv_root_partition = true;
|
hv_root_partition = true;
|
||||||
pr_info("Hyper-V: running as root partition\n");
|
pr_info("Hyper-V: running as root partition\n");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -409,6 +409,10 @@ void vmbus_disconnect(void)
|
||||||
*/
|
*/
|
||||||
struct vmbus_channel *relid2channel(u32 relid)
|
struct vmbus_channel *relid2channel(u32 relid)
|
||||||
{
|
{
|
||||||
|
if (vmbus_connection.channels == NULL) {
|
||||||
|
pr_warn_once("relid2channel: relid=%d: No channels mapped!\n", relid);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
if (WARN_ON(relid >= MAX_CHANNEL_RELIDS))
|
if (WARN_ON(relid >= MAX_CHANNEL_RELIDS))
|
||||||
return NULL;
|
return NULL;
|
||||||
return READ_ONCE(vmbus_connection.channels[relid]);
|
return READ_ONCE(vmbus_connection.channels[relid]);
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче