lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Aug 2017 08:00:29 +0000
From:   Dexuan Cui <decui@...rosoft.com>
To:     "'Jorgen S. Hansen'" <jhansen@...are.com>,
        "'davem@...emloft.net'" <davem@...emloft.net>,
        "'netdev@...r.kernel.org'" <netdev@...r.kernel.org>
CC:     "'gregkh@...uxfoundation.org'" <gregkh@...uxfoundation.org>,
        "'devel@...uxdriverproject.org'" <devel@...uxdriverproject.org>,
        "KY Srinivasan" <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        Stephen Hemminger <sthemmin@...rosoft.com>,
        'George Zhang' <georgezhang@...are.com>,
        'Michal Kubecek' <mkubecek@...e.cz>,
        'Asias He' <asias@...hat.com>,
        'Stefan Hajnoczi' <stefanha@...hat.com>,
        "'Vitaly Kuznetsov'" <vkuznets@...hat.com>,
        'Cathy Avery' <cavery@...hat.com>,
        "'jasowang@...hat.com'" <jasowang@...hat.com>,
        'Rolf Neugebauer' <rolf.neugebauer@...ker.com>,
        'Dave Scott' <dave.scott@...ker.com>,
        "'Marcelo Cerri'" <marcelo.cerri@...onical.com>,
        "'apw@...onical.com'" <apw@...onical.com>,
        "'olaf@...fle.de'" <olaf@...fle.de>,
        "'joe@...ches.com'" <joe@...ches.com>,
        "'linux-kernel@...r.kernel.org'" <linux-kernel@...r.kernel.org>,
        'Dan Carpenter' <dan.carpenter@...cle.com>,
        Stefan Hajnoczi <stefanha@...hat.com>
Subject: [PATCH] vsock: only load vmci transport on VMware hypervisor by
 default


Without the patch, vmw_vsock_vmci_transport.ko can automatically load
when an application creates an AF_VSOCK socket.

This is the expected good behavior on VMware hypervisor, but as we
are going to add hv_sock.ko (i.e. Hyper-V transport for AF_VSOCK), we
should make sure vmw_vsock_vmci_transport.ko can't load on Hyper-V,
otherwise there is a -EBUSY conflict when both vmw_vsock_vmci_transport.ko
and hv_sock.ko try to call vsock_core_init() on Hyper-V.

On the other hand, hv_sock.ko can only load on Hyper-V, because it
depends on hv_vmbus.ko, which detects Hyper-V in hv_acpi_init().

KVM's vsock_virtio_transport doesn't have the issue because it doesn't
define MODULE_ALIAS_NETPROTO(PF_VSOCK).

The patch also adds a module parameter "skip_hypervisor_check" for
vmw_vsock_vmci_transport.ko.

Signed-off-by: Dexuan Cui <decui@...rosoft.com>
Cc: Alok Kataria <akataria@...are.com>
Cc: Andy King <acking@...are.com>
Cc: Adit Ranadive <aditr@...are.com>
Cc: George Zhang <georgezhang@...are.com>
Cc: Jorgen Hansen <jhansen@...are.com>
Cc: K. Y. Srinivasan <kys@...rosoft.com>
Cc: Haiyang Zhang <haiyangz@...rosoft.com>
Cc: Stephen Hemminger <sthemmin@...rosoft.com>
---
 net/vmw_vsock/Kconfig          |  2 +-
 net/vmw_vsock/vmci_transport.c | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/net/vmw_vsock/Kconfig b/net/vmw_vsock/Kconfig
index a24369d..3f52929 100644
--- a/net/vmw_vsock/Kconfig
+++ b/net/vmw_vsock/Kconfig
@@ -17,7 +17,7 @@ config VSOCKETS
 
 config VMWARE_VMCI_VSOCKETS
 	tristate "VMware VMCI transport for Virtual Sockets"
-	depends on VSOCKETS && VMWARE_VMCI
+	depends on VSOCKETS && VMWARE_VMCI && HYPERVISOR_GUEST
 	help
 	  This module implements a VMCI transport for Virtual Sockets.
 
diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c
index 10ae782..c068873 100644
--- a/net/vmw_vsock/vmci_transport.c
+++ b/net/vmw_vsock/vmci_transport.c
@@ -16,6 +16,7 @@
 #include <linux/types.h>
 #include <linux/bitops.h>
 #include <linux/cred.h>
+#include <linux/hypervisor.h>
 #include <linux/init.h>
 #include <linux/io.h>
 #include <linux/kernel.h>
@@ -73,6 +74,10 @@ struct vmci_transport_recv_pkt_info {
 	struct vmci_transport_packet pkt;
 };
 
+static bool skip_hypervisor_check;
+module_param(skip_hypervisor_check, bool, 0444);
+MODULE_PARM_DESC(hot_add, "If set, attempt to load on non-VMware platforms");
+
 static LIST_HEAD(vmci_transport_cleanup_list);
 static DEFINE_SPINLOCK(vmci_transport_cleanup_lock);
 static DECLARE_WORK(vmci_transport_cleanup_work, vmci_transport_cleanup);
@@ -2085,6 +2090,12 @@ static int __init vmci_transport_init(void)
 {
 	int err;
 
+	/* Check if we are running on VMware's hypervisor and bail out
+	 * if we are not.
+	 */
+	if (!skip_hypervisor_check && x86_hyper != &x86_hyper_vmware)
+		return -ENODEV;
+
 	/* Create the datagram handle that we will use to send and receive all
 	 * VSocket control messages for this context.
 	 */
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ