linux-stable.git/tools/hv, branch linux-3.4.y Linux kernel stable tree tools: hv: Netlink source address validation allows DoS 2013-03-28T19:12:28+00:00 Tomas Hozza thozza@redhat.com 2012-11-08T09:53:29+00:00 5fb9149b0ee4c106fc73923a3751047bdb860993 commit 95a69adab9acfc3981c504737a2b6578e4d846ef upstream. The source code without this patch caused hypervkvpd to exit when it processed a spoofed Netlink packet which has been sent from an untrusted local user. Now Netlink messages with a non-zero nl_pid source address are ignored and a warning is printed into the syslog. Signed-off-by: Tomas Hozza <thozza@redhat.com> Acked-by: K. Y. Srinivasan <kys@microsoft.com> Cc: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 95a69adab9acfc3981c504737a2b6578e4d846ef upstream.

The source code without this patch caused hypervkvpd to exit when it processed
a spoofed Netlink packet which has been sent from an untrusted local user.
Now Netlink messages with a non-zero nl_pid source address are ignored
and a warning is printed into the syslog.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
Acked-by:  K. Y. Srinivasan <kys@microsoft.com>
Cc: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tools/hv: Check for read/write errors 2012-10-07T15:32:25+00:00 Ben Hutchings ben@decadent.org.uk 2012-09-05T21:37:37+00:00 1eafb0280d1275629da54c350c7d9842f7785577 commit 436473bc2173499ae274d0f50111d1e355006caf upstream. hv_kvp_daemon currently does not check whether fread() or fwrite() succeed. Add the necessary checks. Also, remove the incorrect use of feof() before fread(). Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 436473bc2173499ae274d0f50111d1e355006caf upstream.

hv_kvp_daemon currently does not check whether fread() or fwrite()
succeed.  Add the necessary checks.  Also, remove the incorrect use of
feof() before fread().

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tools/hv: Fix exit() error code 2012-10-07T15:32:25+00:00 Ben Hutchings ben@decadent.org.uk 2012-09-05T21:37:36+00:00 de5d66e635460e27d678df99f9cb97e263d3bbe7 commit 6bb22fea25624ab593eee376fa5fb82d1b13f45a upstream. Linux native exit codes are 8-bit unsigned values. exit(-1) results in an exit code of 255, which is usually reserved for shells reporting 'command not found'. Use the portable value EXIT_FAILURE. (Not that this matters much for a daemon.) Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 6bb22fea25624ab593eee376fa5fb82d1b13f45a upstream.

Linux native exit codes are 8-bit unsigned values.  exit(-1) results
in an exit code of 255, which is usually reserved for shells reporting
'command not found'.  Use the portable value EXIT_FAILURE.  (Not that
this matters much for a daemon.)

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tools/hv: Fix file handle leak 2012-10-07T15:32:25+00:00 Ben Hutchings ben@decadent.org.uk 2012-09-05T21:37:35+00:00 37b6d804b3b5e2a255d2182ce00e1f25c568d7e9 commit d5ab482799e7c4c4b7c0aa67e8710dce28115d03 upstream. Match up each fopen() with an fclose(). Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit d5ab482799e7c4c4b7c0aa67e8710dce28115d03 upstream.

Match up each fopen() with an fclose().

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tools: hv: verify origin of netlink connector message 2012-07-16T16:03:19+00:00 Olaf Hering olaf@aepfle.de 2012-05-31T14:40:06+00:00 c84299b8ddb3de60ac857aee396d709346eed27f commit bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c upstream. The SuSE security team suggested to use recvfrom instead of recv to be certain that the connector message is originated from kernel. CVE-2012-2669 Signed-off-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: Marcus Meissner <meissner@suse.de> Signed-off-by: Sebastian Krahmer <krahmer@suse.de> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c upstream.

The SuSE security team suggested to use recvfrom instead of recv to be
certain that the connector message is originated from kernel.

CVE-2012-2669

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Marcus Meissner <meissner@suse.de>
Signed-off-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tools: hv: Support enumeration from all the pools 2012-03-16T20:36:04+00:00 K. Y. Srinivasan kys@microsoft.com 2012-03-16T15:02:27+00:00 adc80ae60eae24a43a357bf5b30fb496f34aa605 We have only supported enumeration only from the AUTO pool. Now support enumeration from all the available pools. Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com> Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
We have only supported enumeration only from the AUTO pool. Now support
enumeration from all the available pools.

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tools: hv: Fully support the new KVP verbs in the user level daemon 2012-03-16T20:36:04+00:00 K. Y. Srinivasan kys@microsoft.com 2012-03-16T15:02:26+00:00 db425334e5bb7fa65bbbd7bea9d79842f65bcf45 Now fully support the new KVP messages in the user level daemon. Hyper-V defines multiple persistent pools to which the host can write/read/modify KVP tuples. In this patch we implement a file for each specified pool, where the KVP tuples will be stored in the guest. Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com> Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Now fully support the new KVP messages in the user level daemon. Hyper-V defines
multiple persistent pools to which the host can write/read/modify KVP tuples.
In this patch we implement a file for each specified pool, where the KVP tuples
will be stored in the guest.

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Drivers: hv: Support the newly introduced KVP messages in the driver 2012-03-16T20:36:04+00:00 K. Y. Srinivasan kys@microsoft.com 2012-03-16T15:02:25+00:00 fa3d5b85c681518b6e4ec515814dcb2d5b702b89 Support the newly defined KVP message types. It turns out that the host pushes a set of standard key value pairs as soon as the guest opens the KVP channel. Since we cannot handle these tuples until the user level daemon loads up, defer reading the KVP channel until the user level daemon is launched. Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com> Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Support the newly defined KVP message types. It turns out that the host
pushes a set of standard key value pairs as soon as the guest opens the KVP channel.
Since we cannot handle these tuples until the user level daemon loads up, defer
reading the KVP channel until the user level daemon is launched.

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Drivers: hv: Add new message types to enhance KVP 2012-03-13T21:35:25+00:00 K. Y. Srinivasan kys@microsoft.com 2012-03-10T23:32:08+00:00 e485ceac9ebd43901ef0ce13622385d509e072e7 Add additional KVP (Key Value Pair) protocol messages to enhance KVP functionality for Linux guests on Hyper-V. As part of this, patch define an explicit version negoitiation message. Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Add additional KVP (Key Value Pair) protocol  messages to
enhance KVP functionality for Linux guests on Hyper-V. As part of this,
patch define an explicit version negoitiation message.

Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
drivers: hv: kvp: Cleanup the kernel/user protocol 2012-02-09T16:32:44+00:00 K. Y. Srinivasan kys@microsoft.com 2012-02-03T00:56:50+00:00 2640335438ca4d7b139e114dae5f0d80e740e106 Now, cleanup the user/kernel KVP protocol by using the same structure definition that is used for host/guest KVP protocol. This simplifies the code. Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
Now, cleanup the user/kernel KVP protocol by using the same structure
definition that is used for host/guest KVP protocol. This simplifies the code.

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>