Hi Michael,

That makes sense. Please drop this patch.

I sent a v2 for the output-page issue with the mshv_vtl prefix and
your suggested changes.

Thanks,
Yousef

On Thu, 25 Jun 2026 16:41:51 +0000, Michael Kelley <[email protected]> wrote:
> From: Yousef Alhouseen <[email protected]> Sent: Wednesday, June 24, 2026 10:57 AM
> > Subject: [PATCH] hyperv: mshv: zero VTL hypercall input page
> >
>
> Same comment here about the patch "Subject:" prefix.
>
> > mshv_vtl_hvcall_call() copies only the user-provided input size.
> >
> > It then passes the page to hv_do_hypercall().
> >
> > For short inputs, stale bytes can remain in the bounce page.
> >
> > Those bytes can be consumed by the hypervisor.
>
> It's unclear to me that there's really a problem here. In a
> CoCo VM, the host hypervisor isn't trusted, so hypercall sites
> must be careful to only expose intended data in the hypercall
> input and output pages. But this code already doesn't support
> CoCo VMs, as noted in the comment. So in the supported
> scenario, the hypervisor has access to all of guest memory. Passing
> stale bytes to the hypervisor vs. passing zeros really wouldn't matter.
> And user space can already pass stale/garbage bytes to the hypervisor
> if it wants to. This code doesn't try to validate the input data for
> whatever hypercall user space is requesting to be made.
>
> When support for CoCo VMs is added, this code will indeed
> need to make sure not to allow garbage kernel data in the
> hypercall input or output pages. But decrypting the pages
> so the hypervisor can access them should take care of that
> issue.
>
> Michael
>
> >
> > Allocate the input page zeroed, matching the output page.
> >
> > Signed-off-by: Yousef Alhouseen <[email protected]>
> > ---
> > drivers/hv/mshv_vtl_main.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/hv/mshv_vtl_main.c b/drivers/hv/mshv_vtl_main.c
> > index 0365d207c..f2633148c 100644
> > --- a/drivers/hv/mshv_vtl_main.c
> > +++ b/drivers/hv/mshv_vtl_main.c
> > @@ -1146,7 +1146,7 @@ static int mshv_vtl_hvcall_call(struct 
> > mshv_vtl_hvcall_fd *fd,
> > *
> > * TODO: Take care of this when CVM support is added.
> > */
> > - in = (void *)__get_free_page(GFP_KERNEL);
> > + in = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
> > out = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
> > if (!in || !out) {
> > ret = -ENOMEM;
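
Review bot: On the changed `in = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO);` line, the reason for zeroing is not recorded in the code, and the comment directly above still ends with "TODO: Take care of this when CVM support is added." without mentioning the input page. Since the changelog says only the user-provided input size is copied, extend that comment to say that the rest of the input page is expected to be zero and which configuration depends on that, so the flag is not later dropped as redundant. As a style point, both allocations could be written as `(void *)get_zeroed_page(GFP_KERNEL)` instead of open-coding `__GFP_ZERO`.
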
> > --
> > 2.54.0
> >
