hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening

Currently, pointers to guest memory are passed to Hyper-V as transaction IDs in netvsc. In the face of errors or malicious behavior in Hyper-V, netvsc should not expose or trust the transaction IDs returned by Hyper-V to be valid guest memory addresses. Instead, use small integers generated by vmbus_requestor as requests (transaction) IDs. Signed-off-by: Andres Beltran <[email protected]> Co-developed-by: Andrea Parri (Microsoft) <[email protected]> Signed-off-by: Andrea Parri (Microsoft) <[email protected]> Reviewed-by: Michael Kelley <[email protected]> Acked-by: Jakub Kicinski <[email protected]> Reviewed-by: Wei Liu <[email protected]> Cc: "David S. Miller" <[email protected]> Cc: Jakub Kicinski <[email protected]> Cc: [email protected] Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Wei Liu <[email protected]>
author: Andres Beltran <[email protected]> 2020-11-09 11:04:02 +0100
committer: Wei Liu <[email protected]> 2020-11-17 10:54:18 +0000
commit: 4d18fcc95f50950a99bd940d4e61a983f91d267a (patch)
tree: 1833ae5107119605a1fba4f6580e35653a1e6a82 /include/linux
parent: 453de21c2b8281228173a7b689120b92929743d6 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h
index 5b6d5c4e3711..5ddb479c4d4c 100644
--- a/include/linux/hyperv.h
+++ b/include/linux/hyperv.h
@@ -779,6 +779,7 @@ struct vmbus_requestor {
 
 #define VMBUS_NO_RQSTOR U64_MAX
 #define VMBUS_RQST_ERROR (U64_MAX - 1)
+#define VMBUS_RQST_ID_NO_RESPONSE (U64_MAX - 2)
 
 struct vmbus_device {
 	u16  dev_type;
author	Andres Beltran <[email protected]>	2020-11-09 11:04:02 +0100
committer	Wei Liu <[email protected]>	2020-11-17 10:54:18 +0000
commit	4d18fcc95f50950a99bd940d4e61a983f91d267a (patch)
tree	1833ae5107119605a1fba4f6580e35653a1e6a82 /include/linux
parent	453de21c2b8281228173a7b689120b92929743d6 (diff)