Re: [PATCH v9 2/3] scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening

From: Andrea Parri
Date: Fri Nov 13 2020 - 16:39:48 EST


On Fri, Nov 13, 2020 at 06:54:24PM +0000, Wei Liu wrote:
> On Fri, Nov 13, 2020 at 11:33:27AM +0000, Wei Liu wrote:
> > On Mon, Nov 09, 2020 at 11:04:01AM +0100, Andrea Parri (Microsoft) wrote:
> > > From: Andres Beltran <lkmlabelt@xxxxxxxxx>
> > >
> > > Currently, pointers to guest memory are passed to Hyper-V as
> > > transaction IDs in storvsc. In the face of errors or malicious
> > > behavior in Hyper-V, storvsc should not expose or trust the transaction
> > > IDs returned by Hyper-V to be valid guest memory addresses. Instead,
> > > use small integers generated by vmbus_requestor as request
> > > (transaction) IDs.
> > >
> > > Signed-off-by: Andres Beltran <lkmlabelt@xxxxxxxxx>
> > > Co-developed-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> > > Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@xxxxxxxxx>
> > > Reviewed-by: Michael Kelley <mikelley@xxxxxxxxxxxxx>
> > > Cc: "James E.J. Bottomley" <jejb@xxxxxxxxxxxxx>
> > > Cc: "Martin K. Petersen" <martin.petersen@xxxxxxxxxx>
> > > Cc: linux-scsi@xxxxxxxxxxxxxxx
> >
> > Reviewed-by: Wei Liu <wl@xxxxxxx>
>
> Martin already gave his ack back in July. I guess nothing substantial
> changed so it should have been carried over?

The only change here happened in v7 and consisted in moving the
allocation of the request IDs from the VSC code down into the core
vmbus_sendpacket() & co. functions. As mentioned in the v7 cover letter,
this change was applied to ensure that the allocation in question
is performed after the packet is copied into the ring buffer. On
a positive note, this change greatly reduced the diff of this and
the following (NetVSC) patches.

Andrea
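
The commit message quoted above replaces guest pointers used as transaction IDs with small integers that are validated when the host returns them. The following is an added user-space sketch of that idea, not code from the patch or from the kernel's vmbus_requestor; the names req_table, req_init, req_alloc, req_complete, REQ_SLOTS and REQ_INVALID are hypothetical.

```c
#include <stdint.h>

#define REQ_SLOTS   4           /* constructed table size for the demo */
#define REQ_INVALID UINT64_MAX  /* returned for a full table or a rejected ID */

/* Hypothetical user-space model, not the kernel's vmbus_requestor code. */
struct req_table {
    uint64_t slot[REQ_SLOTS];   /* in use: guest address; free: next free index */
    uint8_t  in_use[REQ_SLOTS];
    uint64_t next_free;         /* head of the free list, REQ_SLOTS when full */
};

void req_init(struct req_table *t)
{
    for (uint64_t i = 0; i < REQ_SLOTS; i++) {
        t->slot[i] = i + 1;     /* chain every slot into the free list */
        t->in_use[i] = 0;
    }
    t->next_free = 0;
}

/* Send path: keep the pointer in the guest, hand out a small integer. */
uint64_t req_alloc(struct req_table *t, uint64_t guest_addr)
{
    uint64_t id = t->next_free;

    if (id >= REQ_SLOTS)
        return REQ_INVALID;
    t->next_free = t->slot[id];
    t->slot[id] = guest_addr;
    t->in_use[id] = 1;
    return id;
}

/* Completion path: id was supplied by the host and is untrusted. */
uint64_t req_complete(struct req_table *t, uint64_t id)
{
    uint64_t addr;

    if (id >= REQ_SLOTS || !t->in_use[id])
        return REQ_INVALID;     /* out of range, stale, or replayed */
    addr = t->slot[id];
    t->slot[id] = t->next_free; /* push the slot back on the free list */
    t->next_free = id;
    t->in_use[id] = 0;
    return addr;
}
```

A completion carrying an ID that is out of range or not currently outstanding is rejected, so a value chosen by the host is never dereferenced as a guest address.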