[PATCH 1/1] Ddrivers: hv: Turn off write permission on the hypercall page

KY Srinivasan kys at microsoft.com
Thu Feb 9 15:48:29 UTC 2017



> -----Original Message-----
> From: Greg KH [mailto:gregkh at linuxfoundation.org]
> Sent: Wednesday, February 8, 2017 10:55 PM
> To: KY Srinivasan <kys at microsoft.com>
> Cc: linux-kernel at vger.kernel.org; devel at linuxdriverproject.org;
> olaf at aepfle.de; apw at canonical.com; vkuznets at redhat.com;
> jasowang at redhat.com; leann.ogasawara at canonical.com;
> keescook at google.com; stephen at networkplumber.org; sds at tycho.nsa.gov;
> stable at vger.kernel.org
> Subject: Re: [PATCH 1/1] Ddrivers: hv: Turn off write permission on the
> hypercall page
> 
> On Wed, Feb 08, 2017 at 06:30:56PM -0700, kys at exchange.microsoft.com
> wrote:
> > From: K. Y. Srinivasan <kys at microsoft.com>
> >
> > The hypercall page only needs to be executable but currently it is set up to
> > be writable as well. Fix the issue.
> >
> > Signed-off-by: K. Y. Srinivasan <kys at microsoft.com>
> > Cc: <stable at vger.kernel.org>
> 
> What type of bug is this fixing that it is needed to be backported?
> Does this affect any current users?  How far back should it go?

This issue has been there from day 1 and the mapping was set up after the
scan was done (for questionable mappings) and so we did not see it. Now, we
are setting up the hypercall page much earlier in the boot sequence and so
this issue was noticed. Once this is committed, I will send the patch for stable.
The main issue is that the page can be written and is executable and could be
a vulnerability.

Thanks,

K. Y
> 
> thanks,
> 
> greg k-h
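
A userspace analogue of the scan for questionable mappings mentioned in the reply, added here as an example (it is not part of the thread, the patch or the kernel's code): it flags mappings that are both writable and executable in /proc/<pid>/maps-style text and shows why a scan that runs before a mapping is set up does not report it. The sample lines, addresses and bracketed labels are constructed, and the function name is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed snapshots in /proc/<pid>/maps format (addresses are made up). */
static const char *SNAPSHOT_AT_SCAN =
    "00400000-00452000 r-xp 00000000 08:01 1234 /usr/bin/demo\n"
    "00651000-00652000 rw-p 00051000 08:01 1234 /usr/bin/demo\n";

static const char *SNAPSHOT_LATER =
    "00400000-00452000 r-xp 00000000 08:01 1234 /usr/bin/demo\n"
    "00651000-00652000 rw-p 00051000 08:01 1234 /usr/bin/demo\n"
    "7f0000001000-7f0000002000 rwxp 00000000 00:00 0 [constructed-wx-page]\n"
    "7f0000003000-7f0000004000 r-xp 00000000 00:00 0 [constructed-rx-page]\n";

/* Count mappings whose permission field has both 'w' and 'x' set.
 * If report is non-NULL, each offending line is printed to it.
 * Lines that do not parse as "start-end perms ..." are skipped. */
int count_wx_mappings(const char *maps_text, FILE *report)
{
    int found = 0;
    const char *line = maps_text;

    while (line && *line) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        unsigned long start, end;
        char perms[5] = "";

        /* Fields: start-end perms offset dev inode [path] */
        if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) == 3 &&
            strlen(perms) == 4 && perms[1] == 'w' && perms[2] == 'x') {
            found++;
            if (report)
                fprintf(report, "W+X: %.*s\n", (int)len, line);
        }
        line = eol ? eol + 1 : NULL;
    }
    return found;
}

int main(void)
{
    /* A scan that runs before the mapping exists reports nothing. */
    printf("at scan time: %d\n", count_wx_mappings(SNAPSHOT_AT_SCAN, stdout));
    /* The same scan run after the mapping is set up flags it. */
    printf("later:        %d\n", count_wx_mappings(SNAPSHOT_LATER, stdout));
    return 0;
}
```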

