Commit 7ef4b2f0 authored by Andrea Parri (Microsoft)'s avatar Andrea Parri (Microsoft) Committed by Wei Liu
Browse files

Drivers: hv: vmbus: Enforce 'VMBus version >= 5.2' on isolated guests 



Restrict the protocol version(s) that will be negotiated with the host
to be 5.2 or greater if the guest is running isolated.  This reduces the
footprint of the code that will be exercised by Confidential VMs and
hence the exposure to bugs and vulnerabilities.

Signed-off-by: default avatarAndrea Parri (Microsoft) <parri.andrea@gmail.com>
Reviewed-by: default avatarMichael Kelley <mikelley@microsoft.com>
Link: https://lore.kernel.org/r/20210201144814.2701-4-parri.andrea@gmail.com


Signed-off-by: default avatarWei Liu <wei.liu@kernel.org>
parent 21a4e356

drivers/hv/connection.c

+7 −0
Original line number Diff line number Diff line
@@ -244,6 +244,13 @@ int vmbus_connect(void) 
			break;

	}



	if (hv_is_isolation_supported() && version < VERSION_WIN10_V5_2) {

		pr_err("Invalid VMBus version %d.%d (expected >= %d.%d) from the host supporting isolation\n",

		       version >> 16, version & 0xFFFF, VERSION_WIN10_V5_2 >> 16, VERSION_WIN10_V5_2 & 0xFFFF);

		ret = -EINVAL;

		goto cleanup;

	}



	vmbus_proto_version = version;

	pr_info("Vmbus version:%d.%d\n",

		version >> 16, version & 0xFFFF);