RE: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the hypercall page

From: KY Srinivasan
Date: Thu Feb 09 2017 - 10:49:16 EST




> -----Original Message-----
> From: Greg KH [mailto:gregkh@xxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, February 8, 2017 10:55 PM
> To: KY Srinivasan <kys@xxxxxxxxxxxxx>
> Cc: linux-kernel@xxxxxxxxxxxxxxx; devel@xxxxxxxxxxxxxxxxxxxxxx;
> olaf@xxxxxxxxx; apw@xxxxxxxxxxxxx; vkuznets@xxxxxxxxxx;
> jasowang@xxxxxxxxxx; leann.ogasawara@xxxxxxxxxxxxx;
> keescook@xxxxxxxxxx; stephen@xxxxxxxxxxxxxxxxxx; sds@xxxxxxxxxxxxx;
> stable@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the
> hypercall page
>
> On Wed, Feb 08, 2017 at 06:30:56PM -0700, kys@xxxxxxxxxxxxxxxxxxxxxx
> wrote:
> > From: K. Y. Srinivasan <kys@xxxxxxxxxxxxx>
> >
> > The hypercall page only needs to be executable but currently it is setup to
> > be writable as well. Fix the issue.
> >
> > Signed-off-by: K. Y. Srinivasan <kys@xxxxxxxxxxxxx>
> > Cc: <stable@xxxxxxxxxxxxxxx>
>
> What type of bug is this fixing that it is needed to be backported?
> Does this affect any current users? How far back should it go?

This issue has been there from day 1 and the mapping was setup after the
scan was done (for questionable mappings) and so we did not see it. Now, we
are setting up the hypercall page much earlier in the boot sequence and so
this issue was noticed. Once this is committed, I will send the patch for stable.
The main issue is that the page can be written and is executable and could be
a vulnerability.

Thanks,

K. Y
>
> thanks,
>
> greg k-h