[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <dc67979f1e77ee7499483ae03c37af3f0ef119eb.camel@intel.com>
Date: Fri, 1 Mar 2024 19:12:45 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "wei.liu@...nel.org" <wei.liu@...nel.org>
CC: "linux-coco@...ts.linux.dev" <linux-coco@...ts.linux.dev>,
"mhklinux@...look.com" <mhklinux@...look.com>, "dave.hansen@...ux.intel.com"
<dave.hansen@...ux.intel.com>, "davem@...emloft.net" <davem@...emloft.net>,
"haiyangz@...rosoft.com" <haiyangz@...rosoft.com>, "Reshetova, Elena"
<elena.reshetova@...el.com>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "edumazet@...gle.com" <edumazet@...gle.com>,
"pabeni@...hat.com" <pabeni@...hat.com>, "kirill.shutemov@...ux.intel.com"
<kirill.shutemov@...ux.intel.com>, "kys@...rosoft.com" <kys@...rosoft.com>,
"Cui, Dexuan" <decui@...rosoft.com>, "kuba@...nel.org" <kuba@...nel.org>,
"linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>
Subject: Re: [RFC RFT PATCH 1/4] hv: Leak pages if set_memory_encrypted()
fails
On Fri, 2024-03-01 at 09:26 +0000, Wei Liu wrote:
> > Hyperv could free decrypted/shared pages if set_memory_encrypted()
> > fails.
>
> "Hyper-V" throughout.
Ok.
>
> > Leak the pages if this happens.
> >
> > Only compile tested.
> >
> > Cc: "K. Y. Srinivasan" <kys@...rosoft.com>
> > Cc: Haiyang Zhang <haiyangz@...rosoft.com>
> > Cc: Wei Liu <wei.liu@...nel.org>
> > Cc: Dexuan Cui <decui@...rosoft.com>
> > Cc: linux-hyperv@...r.kernel.org
> > Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
> > ---
> > drivers/hv/connection.c | 11 +++++++----
> > 1 file changed, 7 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c
> > index 3cabeeabb1ca..e39493421bbb 100644
> > --- a/drivers/hv/connection.c
> > +++ b/drivers/hv/connection.c
> > @@ -315,6 +315,7 @@ int vmbus_connect(void)
> >
> > void vmbus_disconnect(void)
> > {
> > + int ret;
> > /*
> > * First send the unload request to the host.
> > */
> > @@ -337,11 +338,13 @@ void vmbus_disconnect(void)
> > vmbus_connection.int_page = NULL;
> > }
> >
> > - set_memory_encrypted((unsigned
> > long)vmbus_connection.monitor_pages[0], 1);
> > - set_memory_encrypted((unsigned
> > long)vmbus_connection.monitor_pages[1], 1);
> > + ret = set_memory_encrypted((unsigned
> > long)vmbus_connection.monitor_pages[0], 1);
> > + ret |= set_memory_encrypted((unsigned
> > long)vmbus_connection.monitor_pages[1], 1);
> >
> > - hv_free_hyperv_page(vmbus_connection.monitor_pages[0]);
> > - hv_free_hyperv_page(vmbus_connection.monitor_pages[1]);
> > + if (!ret) {
> > + hv_free_hyperv_page(vmbus_connection.monitor_pages[
> > 0]);
> > + hv_free_hyperv_page(vmbus_connection.monitor_pages[
> > 1]);
> > + }
>
> This silently leaks the pages if set_memory_encrypted() fails. I
> think
> there should print some warning or error messages here.
Another patch will warn in CPA for the particular case:
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?h=x86/mm
Do we want a warning in the caller too? It is more robust to other
types of failures in the future I guess.
Powered by blists - more mailing lists