[PATCH kvmtool] virtio/pci: explicit zero unknown devices features

[PATCH kvmtool] virtio/pci: explicit zero unknown devices features

[Paolo Abeni]

The linux kernel implementation for the virtio_net driver recently
gained support for virtio features above the 64th bit.

It relies on the hypervisor to clear the features data for unknown /
unsupported features range.

The current pci-modern implementation, in such scenario, leaves the
data memory untouched, which causes the guest kernel assuming "random"
features are supported (and possibly leaks host memory contents).

Explicitly clear the features data for unsupported range.

Reported-by: Cristian Marussi <cristian.marussi@arm.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
 virtio/pci-modern.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/virtio/pci-modern.c b/virtio/pci-modern.c
index c5b4bc5..ef2f3e2 100644
--- a/virtio/pci-modern.c
+++ b/virtio/pci-modern.c
@@ -156,8 +156,10 @@ static bool virtio_pci__common_read(struct virtio_device *vdev,
 		ioport__write32(data, val);
 		break;
 	case VIRTIO_PCI_COMMON_DF:
-		if (vpci->device_features_sel > 1)
+		if (vpci->device_features_sel > 1) {
+			ioport__write32(data, 0);
 			break;
+		}
 		features |= vdev->ops->get_host_features(vpci->kvm, vpci->dev);
 		val = features >> (32 * vpci->device_features_sel);
 		ioport__write32(data, val);
-- 
2.50.1

Re: [PATCH kvmtool] virtio/pci: explicit zero unknown devices features

[Cristian Marussi]

On Thu, Aug 14, 2025 at 05:37:02PM +0200, Paolo Abeni wrote:
> The linux kernel implementation for the virtio_net driver recently
> gained support for virtio features above the 64th bit.
> 

Hi,

> It relies on the hypervisor to clear the features data for unknown /
> unsupported features range.
> 
> The current pci-modern implementation, in such scenario, leaves the
> data memory untouched, which causes the guest kernel assuming "random"
> features are supported (and possibly leaks host memory contents).
> 
> Explicitly clear the features data for unsupported range.
> 

This patch definitely solves for me the virtio networking issue reported at:

https://lore.kernel.org/virtualization/c25f924f-a66b-47cc-819d-5ed241a4bac6@redhat.com/T/#t

Tested on an arm64 Host (v6.14.8) with a v6.17-rc1 Guest.

Thanks !

Tested-by: Cristian Marussi <cristian.marussi@arm.com>

Thanks,
Cristian

Re: [PATCH kvmtool] virtio/pci: explicit zero unknown devices features

[Will Deacon]

On Thu, 14 Aug 2025 17:37:02 +0200, Paolo Abeni wrote:
> The linux kernel implementation for the virtio_net driver recently
> gained support for virtio features above the 64th bit.
> 
> It relies on the hypervisor to clear the features data for unknown /
> unsupported features range.
> 
> The current pci-modern implementation, in such scenario, leaves the
> data memory untouched, which causes the guest kernel assuming "random"
> features are supported (and possibly leaks host memory contents).
> 
> [...]

Applied to kvmtool (master), thanks!

[1/1] virtio/pci: explicit zero unknown devices features
      https://git.kernel.org/will/kvmtool/c/c4e9b3a8de7f

Cheers,
-- 
Will

https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev