From: Sasha Levin
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Rick Edgecombe, Michael Kelley, Kuppuswamy Sathyanarayanan, "Kirill A . Shutemov", Wei Liu, Sasha Levin, kys@microsoft.com, haiyangz@microsoft.com, decui@microsoft.com, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, linux-hyperv@vger.kernel.org, netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 6.8 37/43] hv_netvsc: Don't free decrypted memory
Date: Mon, 22 Apr 2024 19:14:23 -0400
Message-ID: <20240422231521.1592991-37-sashal@kernel.org>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240422231521.1592991-1-sashal@kernel.org>
References: <20240422231521.1592991-1-sashal@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
X-stable: review
X-Patchwork-Hint: Ignore
X-stable-base: Linux 6.8.7
Content-Transfer-Encoding: 8bit

From: Rick Edgecombe

[ Upstream commit bbf9ac34677b57506a13682b31a2a718934c0e31 ]

In CoCo VMs it is possible for the untrusted host to cause
set_memory_encrypted() or set_memory_decrypted() to fail such that an
error is returned and the resulting memory is shared. Callers need to
take care to handle these errors to avoid returning decrypted (shared)
memory to the page allocator, which could lead to functional or security
issues.

The netvsc driver could free decrypted/shared pages if
set_memory_decrypted() fails. Check the decrypted field in the gpadl
to decide whether to free the memory.

Signed-off-by: Rick Edgecombe
Signed-off-by: Michael Kelley
Reviewed-by: Kuppuswamy Sathyanarayanan
Acked-by: Kirill A. Shutemov
Link: https://lore.kernel.org/r/20240311161558.1310-4-mhklinux@outlook.com
Signed-off-by: Wei Liu
Message-ID: <20240311161558.1310-4-mhklinux@outlook.com>
Signed-off-by: Sasha Levin
---
 drivers/net/hyperv/netvsc.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c index a6fcbda64ecc6..2b6ec979a62f2 100644 --- a/drivers/net/hyperv/netvsc.c +++ b/drivers/net/hyperv/netvsc.c @@ -154,8 +154,11 @@ static void free_netvsc_device(struct rcu_head *head) int i; kfree(nvdev->extension); - vfree(nvdev->recv_buf); - vfree(nvdev->send_buf); + + if (!nvdev->recv_buf_gpadl_handle.decrypted) + vfree(nvdev->recv_buf); + if (!nvdev->send_buf_gpadl_handle.decrypted) + vfree(nvdev->send_buf); bitmap_free(nvdev->send_section_map); for (i = 0; i < VRSS_CHANNEL_MAX; i++) { -- 2.43.0
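
Review bot: In free_netvsc_device(), the two new `if (!nvdev->..._gpadl_handle.decrypted)` checks skip vfree() and leave recv_buf/send_buf allocated with no comment or log, so a later reader may take the missing free for a bug and "fix" it. Add a short comment above the checks saying the leak is deliberate because the pages may still be shared with the host. The checks are also only as good as the `decrypted` field, which is set and cleared outside this hunk. The message id in the Link trailer suggests this was one patch of a series, so for a stable backport it is worth confirming that the change which keeps `decrypted` accurate across GPADL establish and teardown is present in 6.8.y as well; without it the condition cannot reliably tell a still-shared buffer from a private one.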