From: Greg Kroah-Hartman gregkh@linuxfoundation.org Sent: Tuesday, December 16, 2025 3:11 AM
6.17-stable review patch. If anyone has any objections, please let me know.
I don't think this patch should be backported to any stable versions.
I see that it is flagged as a dependency for backporting 510164539f16 ("Drivers: hv: Free msginfo when the buffer fails to decrypt"). 510164539f16 is indeed a bug fix, but it's a minor "should never happen" memory leak, and I would be concerned about the risk introduced by this patch being pulled out of the large-ish patch series that implements a new feature.
Wei Liu -- again, override me if you think otherwise.
Michael
From: Roman Kisel romank@linux.microsoft.com
[ Upstream commit 0a4534bdf29a5b7f5a355c267d28dad9c40ba252 ]
Confidential VMBus is built around using buffers not shared with the host.
Support allocating encrypted buffers when requested.
Signed-off-by: Roman Kisel romank@linux.microsoft.com Reviewed-by: Tianyu Lan tiala@microsoft.com Reviewed-by: Michael Kelley mhklinux@outlook.com Signed-off-by: Wei Liu wei.liu@kernel.org Stable-dep-of: 510164539f16 ("Drivers: hv: Free msginfo when the buffer fails to decrypt") Signed-off-by: Sasha Levin sashal@kernel.org
drivers/hv/channel.c | 49 +++++++++++++++++++++++---------------- drivers/hv/hyperv_vmbus.h | 3 ++- drivers/hv/ring_buffer.c | 5 ++-- 3 files changed, 34 insertions(+), 23 deletions(-)
diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c index 7c7c66e0dc3f2..1621b95263a5b 100644 --- a/drivers/hv/channel.c +++ b/drivers/hv/channel.c @@ -444,20 +444,23 @@ static int __vmbus_establish_gpadl(struct vmbus_channel *channel, return ret; }
- /*
* Set the "decrypted" flag to true for the set_memory_decrypted()* success case. In the failure case, the encryption state of the* memory is unknown. Leave "decrypted" as true to ensure the* memory will be leaked instead of going back on the free list.*/- gpadl->decrypted = true;
- ret = set_memory_decrypted((unsigned long)kbuffer,
PFN_UP(size));- if (ret) {
dev_warn(&channel->device_obj->device,"Failed to set host visibility for new GPADL %d.\n",ret);return ret;
- gpadl->decrypted = !((channel->co_external_memory && type ==
HV_GPADL_BUFFER) ||
(channel->co_ring_buffer && type == HV_GPADL_RING));- if (gpadl->decrypted) {
/** The "decrypted" flag being true assumes thatset_memory_decrypted() succeeds.
* But if it fails, the encryption state of the memory is unknown. In thatcase,
* leave "decrypted" as true to ensure the memory is leaked instead ofgoing back
* on the free list.*/ret = set_memory_decrypted((unsigned long)kbuffer,PFN_UP(size));if (ret) {dev_warn(&channel->device_obj->device,"Failed to set host visibility for new GPADL %d.\n",ret);return ret;}}
init_completion(&msginfo->waitevent);
@@ -545,8 +548,10 @@ static int __vmbus_establish_gpadl(struct vmbus_channel *channel, * left as true so the memory is leaked instead of being * put back on the free list. */
if (!set_memory_encrypted((unsigned long)kbuffer, PFN_UP(size)))gpadl->decrypted = false;
if (gpadl->decrypted) {if (!set_memory_encrypted((unsigned long)kbuffer,PFN_UP(size)))
gpadl->decrypted = false;}}
return ret;
@@ -677,12 +682,13 @@ static int __vmbus_open(struct vmbus_channel *newchannel, goto error_clean_ring;
err = hv_ringbuffer_init(&newchannel->outbound,
page, send_pages, 0);
page, send_pages, 0, newchannel->co_ring_buffer);if (err) goto error_free_gpadl;
err = hv_ringbuffer_init(&newchannel->inbound, &page[send_pages],
recv_pages, newchannel->max_pkt_size);
recv_pages, newchannel->max_pkt_size,newchannel->co_ring_buffer);@@ -863,8 +869,11 @@ int vmbus_teardown_gpadl(struct vmbus_channel *channel, struct vmbus_gpadl *gpad
kfree(info);
- ret = set_memory_encrypted((unsigned long)gpadl->buffer,
PFN_UP(gpadl->size));
- if (gpadl->decrypted)
ret = set_memory_encrypted((unsigned long)gpadl->buffer,PFN_UP(gpadl->size));- else
ret = 0;diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h index 4a01797d48513..0d969f77388ef 100644 --- a/drivers/hv/hyperv_vmbus.h +++ b/drivers/hv/hyperv_vmbus.h @@ -182,7 +182,8 @@ extern int hv_synic_cleanup(unsigned int cpu); void hv_ringbuffer_pre_init(struct vmbus_channel *channel);
int hv_ringbuffer_init(struct hv_ring_buffer_info *ring_info,
struct page *pages, u32 pagecnt, u32 max_pkt_size);
struct page *pages, u32 pagecnt, u32 max_pkt_size,bool confidential);void hv_ringbuffer_cleanup(struct hv_ring_buffer_info *ring_info);
diff --git a/drivers/hv/ring_buffer.c b/drivers/hv/ring_buffer.c index 23ce1fb70de14..3c421a7f78c00 100644 --- a/drivers/hv/ring_buffer.c +++ b/drivers/hv/ring_buffer.c @@ -184,7 +184,8 @@ void hv_ringbuffer_pre_init(struct vmbus_channel *channel)
/* Initialize the ring buffer. */ int hv_ringbuffer_init(struct hv_ring_buffer_info *ring_info,
struct page *pages, u32 page_cnt, u32 max_pkt_size)
struct page *pages, u32 page_cnt, u32 max_pkt_size,bool confidential){ struct page **pages_wraparound; int i; @@ -208,7 +209,7 @@ int hv_ringbuffer_init(struct hv_ring_buffer_info *ring_info,
ring_info->ring_buffer = (struct hv_ring_buffer *) vmap(pages_wraparound, page_cnt * 2 - 1, VM_MAP,
pgprot_decrypted(PAGE_KERNEL));
confidential ? PAGE_KERNEL :pgprot_decrypted(PAGE_KERNEL));
kfree(pages_wraparound); if (!ring_info->ring_buffer) -- 2.51.0