From: sashiko-bot@kernel.org
To: "Sebastian Ene" <sebastianene@google.com>
Cc: kvmarm@lists.linux.dev, "Oliver Upton" <oupton@kernel.org>,
	"Marc Zyngier" <maz@kernel.org>
Subject: Re: [PATCH v5 7/7] KVM: arm64: Support FFA_NOTIFICATION_INFO_GET in host handler
Date: Tue, 23 Jun 2026 12:07:58 +0000
Message-ID: <20260623120758.E1A811F000E9@smtp.kernel.org>
In-Reply-To: <20260623115354.632361-8-sebastianene@google.com>

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [Medium] Overly strict validation of the W1 parameter in `do_ffa_notif_info_get` incorrectly treats it as a Should-Be-Zero (SBZ) field, rejecting valid `FFA_NOTIFICATION_INFO_GET` requests.
--

commit 8b1c1179ab464455664a3ac244072d9355b5e039
Author: Sebastian Ene <sebastianene@google.com>

KVM: arm64: Support FFA_NOTIFICATION_INFO_GET in host handler

This commit allows the host to query the FF-A notification status by proxying
the info get message to Trustzone, whilst ensuring that the SBZ fields are
enforced.

> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
> index 053efd99bf110..5539fb0d246ee 100644
> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
[ ... ]
> @@ -1028,6 +1026,20 @@ static void do_ffa_notif_get(struct arm_smccc_1_2_regs *res,
>  	hyp_smccc_1_2_smc(args, res);
>  }
>  
> +static void do_ffa_notif_info_get(struct arm_smccc_1_2_regs *res,
> +				  struct kvm_cpu_context *ctxt)
> +{
> +	struct arm_smccc_1_2_regs *args;
> +
> +	if (ffa_check_unused_args_sbz(ctxt, 1)) {

[Severity: Medium]
Does this overly strict validation reject valid requests?

For FFA_NOTIFICATION_INFO_GET, W1 is used to specify the ID type (e.g., 1 for
Partition/vCPU IDs). By starting the unused arguments check at index 1, this
incorrectly treats the ID type parameter as a Should-Be-Zero field.

If the host attempts to query notification info for specific partitions or
vCPUs by setting W1 to a non-zero valid ID list type, this will return
FFA_RET_INVALID_PARAMETERS.

Should the SBZ check start from a later index instead?

> +		ffa_to_smccc_res(res, FFA_RET_INVALID_PARAMETERS);
> +		return;
> +	}
> +
> +	args = (void *)&ctxt->regs.regs[0];
> +	hyp_smccc_1_2_smc(args, res);
> +}
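
Review bot: The literal start index in `ffa_check_unused_args_sbz(ctxt, 1)` carries the whole input contract for this call and nothing in the hunk documents it; a short comment above the check naming which caller registers are defined inputs and which are SBZ would let a reader confirm the index against the FF-A specification. The same comment should cover `args = (void *)&ctxt->regs.regs[0];`, which hands the host's registers to `hyp_smccc_1_2_smc()` unchanged: any register the SBZ helper does not cover reaches TrustZone exactly as the host set it, so it is worth stating that the range the helper checks matches the range that is forwarded.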

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260623115354.632361-1-sebastianene@google.com?part=7

Thread overview: 15+ messages
2026-06-23 11:53 [PATCH v5 0/7] KVM: arm64: Forward FFA_NOTIFICATION* calls to TrustZone Sebastian Ene
2026-06-23 11:53 ` [PATCH v5 1/7] KVM: arm64: Enforce strict SBZ checks in the FF-A proxy Sebastian Ene
2026-06-23 12:06   ` sashiko-bot
2026-06-25 13:16   ` Will Deacon
2026-06-26  7:48     ` Sebastian Ene
2026-06-23 11:53 ` [PATCH v5 2/7] KVM: arm64: Forward FFA_NOTIFICATION_BITMAP calls to Trustzone Sebastian Ene
2026-06-23 11:53 ` [PATCH v5 3/7] KVM: arm64: Support FFA_NOTIFICATION_BIND in host handler Sebastian Ene
2026-06-23 12:07   ` sashiko-bot
2026-06-23 11:53 ` [PATCH v5 4/7] KVM: arm64: Support FFA_NOTIFICATION_UNBIND " Sebastian Ene
2026-06-23 12:05   ` sashiko-bot
2026-06-23 11:53 ` [PATCH v5 5/7] KVM: arm64: Support FFA_NOTIFICATION_SET " Sebastian Ene
2026-06-23 12:01   ` sashiko-bot
2026-06-23 11:53 ` [PATCH v5 6/7] KVM: arm64: Support FFA_NOTIFICATION_GET " Sebastian Ene
2026-06-23 11:53 ` [PATCH v5 7/7] KVM: arm64: Support FFA_NOTIFICATION_INFO_GET " Sebastian Ene
2026-06-23 12:07   ` sashiko-bot [this message]
