From: Greg KH <gregkh@linuxfoundation.org>
To: libo.chen.cn@windriver.com
Cc: stable@vger.kernel.org
Subject: Re: [PATCH] Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails
Date: Wed, 9 Oct 2024 15:34:03 +0200 [thread overview]
Message-ID: <2024100950-pointing-booted-5e77@gregkh> (raw)
In-Reply-To: <20241009061950.2802693-1-libo.chen.cn@windriver.com>
On Wed, Oct 09, 2024 at 02:19:50PM +0800, libo.chen.cn@windriver.com wrote:
> From: Rick Edgecombe <rick.p.edgecombe@intel.com>
>
> commit 03f5a999adba ("Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails")
>
> In CoCo VMs it is possible for the untrusted host to cause
> set_memory_encrypted() or set_memory_decrypted() to fail such that an
> error is returned and the resulting memory is shared. Callers need to
> take care to handle these errors to avoid returning decrypted (shared)
> memory to the page allocator, which could lead to functional or security
> issues.
>
> VMBus code could free decrypted pages if set_memory_encrypted()/decrypted()
> fails. Leak the pages if this happens.
>
> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> Signed-off-by: Michael Kelley <mhklinux@outlook.com>
> Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> Link: https://lore.kernel.org/r/20240311161558.1310-2-mhklinux@outlook.com
> Signed-off-by: Wei Liu <wei.liu@kernel.org>
> Message-ID: <20240311161558.1310-2-mhklinux@outlook.com>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
>
> CVE-2024-36913
> Signed-off-by: Libo Chen <libo.chen.cn@windriver.com>
> ---
> This commit is backporting 03f5a999adba to the branch linux-5.15.y to
> solve the CVE-2024-36913. Please merge this commit to linux-5.15.y.
As I didn't take the 6.1 patch, I can't take this one yet either :(
next prev parent reply other threads:[~2024-10-09 13:34 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-09 6:19 [PATCH] Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails libo.chen.cn
2024-10-09 13:34 ` Greg KH [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-09-04 2:45 libo.chen.cn
2024-09-04 2:07 libo.chen.cn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024100950-pointing-booted-5e77@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=libo.chen.cn@windriver.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.