Re: [PATCH v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values
Hello: This patch was applied to netdev/net-next.git (refs/heads/master): On Thu, 14 Jan 2021 21:26:28 +0100 you wrote: > For additional robustness in the face of Hyper-V errors or malicious > behavior, validate all values that originate from packets that Hyper-V > has sent to the guest. Ensure that invalid values cannot cause indexing > off the end of an array, or subvert an existing validation via integer > overflow. Ensure that outgoing packets do not have any leftover guest > memory that has not been zeroed out. > > [...] Here is the summary with links: - [v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values https://git.kernel.org/netdev/net-next/c/505e3f00c3f3 You are awesome, thank you! -- Deet-doot-dot, I am a bot. https://korg.docs.kernel.org/patchwork/pwbot.html
Re: [PATCH v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values
On Sun, Jan 17, 2021 at 03:10:32PM +, Wei Liu wrote: > On Sat, Jan 16, 2021 at 02:02:01PM +0100, Andrea Parri wrote: > > On Fri, Jan 15, 2021 at 08:30:22PM -0800, Jakub Kicinski wrote: > > > On Thu, 14 Jan 2021 21:26:28 +0100 Andrea Parri (Microsoft) wrote: > > > > For additional robustness in the face of Hyper-V errors or malicious > > > > behavior, validate all values that originate from packets that Hyper-V > > > > has sent to the guest. Ensure that invalid values cannot cause indexing > > > > off the end of an array, or subvert an existing validation via integer > > > > overflow. Ensure that outgoing packets do not have any leftover guest > > > > memory that has not been zeroed out. > > > > > > > > Reported-by: Juan Vazquez > > > > Signed-off-by: Andrea Parri (Microsoft) > > > > Cc: "David S. Miller" > > > > Cc: Jakub Kicinski > > > > Cc: Alexei Starovoitov > > > > Cc: Daniel Borkmann > > > > Cc: Andrii Nakryiko > > > > Cc: Martin KaFai Lau > > > > Cc: Song Liu > > > > Cc: Yonghong Song > > > > Cc: John Fastabend > > > > Cc: KP Singh > > > > Cc: net...@vger.kernel.org > > > > Cc: b...@vger.kernel.org > > > > --- > > > > Applies to 5.11-rc3 (and hyperv-next). > > > > > > So this is for hyperv-next or should we take it via netdev trees? > > > > No preference, either way is good for me. > > To be clear: There is no dependency on any patch in hyperv-next, right? > > That's my understanding, but I would like to confirm it. Well, I wrote that this *applies* to hyperv-next... but that's indeed the only 'dependency' I can think of. Hope this helps. Thanks, Andrea
Re: [PATCH v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values
On Sat, Jan 16, 2021 at 02:02:01PM +0100, Andrea Parri wrote: > On Fri, Jan 15, 2021 at 08:30:22PM -0800, Jakub Kicinski wrote: > > On Thu, 14 Jan 2021 21:26:28 +0100 Andrea Parri (Microsoft) wrote: > > > For additional robustness in the face of Hyper-V errors or malicious > > > behavior, validate all values that originate from packets that Hyper-V > > > has sent to the guest. Ensure that invalid values cannot cause indexing > > > off the end of an array, or subvert an existing validation via integer > > > overflow. Ensure that outgoing packets do not have any leftover guest > > > memory that has not been zeroed out. > > > > > > Reported-by: Juan Vazquez > > > Signed-off-by: Andrea Parri (Microsoft) > > > Cc: "David S. Miller" > > > Cc: Jakub Kicinski > > > Cc: Alexei Starovoitov > > > Cc: Daniel Borkmann > > > Cc: Andrii Nakryiko > > > Cc: Martin KaFai Lau > > > Cc: Song Liu > > > Cc: Yonghong Song > > > Cc: John Fastabend > > > Cc: KP Singh > > > Cc: net...@vger.kernel.org > > > Cc: b...@vger.kernel.org > > > --- > > > Applies to 5.11-rc3 (and hyperv-next). > > > > So this is for hyperv-next or should we take it via netdev trees? > > No preference, either way is good for me. To be clear: There is no dependency on any patch in hyperv-next, right? That's my understanding, but I would like to confirm it. Wei. > > Thanks, > Andrea
Re: [PATCH v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values
On Fri, Jan 15, 2021 at 08:30:22PM -0800, Jakub Kicinski wrote: > On Thu, 14 Jan 2021 21:26:28 +0100 Andrea Parri (Microsoft) wrote: > > For additional robustness in the face of Hyper-V errors or malicious > > behavior, validate all values that originate from packets that Hyper-V > > has sent to the guest. Ensure that invalid values cannot cause indexing > > off the end of an array, or subvert an existing validation via integer > > overflow. Ensure that outgoing packets do not have any leftover guest > > memory that has not been zeroed out. > > > > Reported-by: Juan Vazquez > > Signed-off-by: Andrea Parri (Microsoft) > > Cc: "David S. Miller" > > Cc: Jakub Kicinski > > Cc: Alexei Starovoitov > > Cc: Daniel Borkmann > > Cc: Andrii Nakryiko > > Cc: Martin KaFai Lau > > Cc: Song Liu > > Cc: Yonghong Song > > Cc: John Fastabend > > Cc: KP Singh > > Cc: net...@vger.kernel.org > > Cc: b...@vger.kernel.org > > --- > > Applies to 5.11-rc3 (and hyperv-next). > > So this is for hyperv-next or should we take it via netdev trees? No preference, either way is good for me. Thanks, Andrea
Re: [PATCH v2] hv_netvsc: Add (more) validation for untrusted Hyper-V values
On Thu, 14 Jan 2021 21:26:28 +0100 Andrea Parri (Microsoft) wrote: > For additional robustness in the face of Hyper-V errors or malicious > behavior, validate all values that originate from packets that Hyper-V > has sent to the guest. Ensure that invalid values cannot cause indexing > off the end of an array, or subvert an existing validation via integer > overflow. Ensure that outgoing packets do not have any leftover guest > memory that has not been zeroed out. > > Reported-by: Juan Vazquez > Signed-off-by: Andrea Parri (Microsoft) > Cc: "David S. Miller" > Cc: Jakub Kicinski > Cc: Alexei Starovoitov > Cc: Daniel Borkmann > Cc: Andrii Nakryiko > Cc: Martin KaFai Lau > Cc: Song Liu > Cc: Yonghong Song > Cc: John Fastabend > Cc: KP Singh > Cc: net...@vger.kernel.org > Cc: b...@vger.kernel.org > --- > Applies to 5.11-rc3 (and hyperv-next). So this is for hyperv-next or should we take it via netdev trees? > Changes since v1 (Juan Vazquez): > - Improve validation in rndis_set_link_state() and rndis_get_ppi() > - Remove memory/skb leak in netvsc_alloc_recv_skb()