On Wed, Oct 09, 2024 at 04:16:26PM +0800, Xiangyu Chen wrote:
From: Rick Edgecombe rick.p.edgecombe@intel.com
In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting memory is shared. Callers need to take care to handle these errors to avoid returning decrypted (shared) memory to the page allocator, which could lead to functional or security issues.
VMBus code could free decrypted pages if set_memory_encrypted()/decrypted() fails. Leak the pages if this happens.
Signed-off-by: Rick Edgecombe rick.p.edgecombe@intel.com Signed-off-by: Michael Kelley mhklinux@outlook.com Reviewed-by: Kuppuswamy Sathyanarayanan sathyanarayanan.kuppuswamy@linux.intel.com Acked-by: Kirill A. Shutemov kirill.shutemov@linux.intel.com Link: https://lore.kernel.org/r/20240311161558.1310-2-mhklinux@outlook.com Signed-off-by: Wei Liu wei.liu@kernel.org Message-ID: 20240311161558.1310-2-mhklinux@outlook.com [Xiangyu: Modified to apply on 6.1.y] Signed-off-by: Xiangyu Chen xiangyu.chen@windriver.com
drivers/hv/connection.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
Are you sure? This is _VERY_ different from what you suggested for 5.15.y and what is in mainline. Also, you didn't show the git id for the upstream commit.
Please work to figure this out and resend working versions for ALL affected branches as new patches.
thanks,
greg k-h