RE: [PATCH 0/2] HID: hyperv: bound initial device info descriptor

From: Michael Kelley

Date: Sat Jul 11 2026 - 14:07:07 EST


From: Michael Bommarito <michael.bommarito@xxxxxxxxx> Sent: Thursday, July 9, 2026 7:29 PM
>
> A malicious Hyper-V host or backend can crash a guest with a short
> SYNTH_HID_INITIAL_DEVICE_INFO message. mousevsc_on_receive_device_info()
> trusts the HID descriptor bLength and wDescriptorLength without checking
> that the received VMBus packet actually contains both byte ranges, so a
> truncated packet with an oversized report-descriptor length makes the
> guest read past the received packet while copying the descriptor. This
> matters most for a confidential guest, where the host is outside the trust
> boundary.

For some additional background on the assumed threat model that
underlies this kind of validation (and lack thereof), see [1]. This Hyper-V
mouse driver has .allowed_in_isolated set to "false", so it is never loaded
in a CoCo VM. In normal VMs, the threat model says that we trust the
Hyper-V host not to provide bad values.

But as I said in [1], I'm good with taking additional validations. But Wei
Liu as the maintainer for the Hyper-V drivers is the person who should
decide whether we want to take additional validations.

If we take these additional validations, there's a separate question of
whether to backport them to stable kernels. I'm inclined to *not*
backport to avoid introducing churn (and the risk of breaking something)
when it isn't fixing an observed or likely-to-happen problem. But Wei Liu
should probably weigh in on that as well.

[1] https://lore.kernel.org/linux-hyperv/SN6PR02MB4157D595B990A321BFA85B40D4002@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/

Michael

>
> Patch 1 passes the received initial-device-info size into the parser and
> rejects descriptor lengths that exceed the packet. Patch 2 adds
> same-translation-unit KUnit coverage: a well-formed message that must
> still parse and the truncated/oversized message that must now be rejected.
>
> Reproduced with the KUnit/KASAN test: stock reads past the packet on the
> short message after the benign control passes; patched rejects it and both
> cases pass.
>
> Cc: stable@xxxxxxxxxxxxxxx
>
> Michael Bommarito (2):
> HID: hyperv: validate initial device info bounds
> HID: hyperv: add KUnit coverage for device info bounds
>
> drivers/hid/Kconfig | 10 +++
> drivers/hid/hid-hyperv.c | 144 ++++++++++++++++++++++++++++++++++++---
> 2 files changed, 144 insertions(+), 10 deletions(-)
>
> --
> 2.53.0