From: Vincent Donnefort <vdonnefort@google.com>
To: Will Deacon <will@kernel.org>
Cc: Sebastian Ene <sebastianene@google.com>,
catalin.marinas@arm.com, maz@kernel.org, oupton@kernel.org,
joey.gouly@arm.com, korneld@google.com, kvmarm@lists.linux.dev,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, android-kvm@google.com,
mrigendra.chaubey@gmail.com, perlarsen@google.com,
suzuki.poulose@arm.com, yuzenghui@huawei.com
Subject: Re: [PATCH v2 0/7] KVM: arm64: Forward FFA_NOTIFICATION* calls to TrustZone
Date: Wed, 10 Jun 2026 13:15:44 +0100 [thread overview]
Message-ID: <ailVcN-bxY30-XBF@google.com> (raw)
In-Reply-To: <aik5MtvOlnQDmzjr@willie-the-truck>
On Wed, Jun 10, 2026 at 11:15:14AM +0100, Will Deacon wrote:
> On Wed, Jun 10, 2026 at 10:26:59AM +0100, Vincent Donnefort wrote:
> > On Mon, Jun 08, 2026 at 04:55:42PM +0000, Sebastian Ene wrote:
> > > Remove the FFA_NOTIFICATION* calls from the blocklist used by the pKVM
> > > FF-A proxy. This restriction was preventing the use of asynchronous
> > > signaling mechanisms defined by the Arm FF-A specification to
> > > communicate with the secure services.
> > > While these calls are markes as optional, there is no reason why the
> > > hypervisor proxy would block them because:
> > >
> > > 1. Host is the Sole Non-Secure Endpoint: The Host operates as the
> > > only Non-Secure VM ID (VM ID 0) recognized by the Secure World.
> > > Because all forwarded notifications are inherently attributed to
> > > the Host by the SPMC, there is no risk of VM ID spoofing
> > > originating from the Normal World.
> > >
> > > 2. No Memory Pointers or Addresses: The FFA_NOTIFICATION_* ABIs
> > > operate strictly via register-based parameters, passing only
> > > VM IDs, VCPU IDs, flags, and bitmaps. Because these calls do
> > > not contain memory addresses, offsets, or pointers, forwarding
> > > them doesn't pose a risk of memory-based confused deputy attack
> > > (e.g., tricking the SPMC into overwriting protected memory).
> > >
> > > While the pKVM proxy behaves as a relayer, it doesn't currently have its
> > > own FF-A ID(only the host has the ID 0). The behavior of the setup
> > > flow is covered by the spec in the: '10.9 Notification support without
> > > a Hypervisor'.
> >
> > As it is only a relayer. Is it really important to check SBZ arguments and
> > fields on behalf of Trustzone? It doesn't feel it brings any security. If the
> > host passes broken arguments, I don't believe this puts pKVM at risk. Does it?
>
> I think the problem would be if an update to FF-A allocated some of the
> currently SBZ bits to implement some functionality that we would want
> to filter at EL2.
I suppose that would bump the FF-A version and the proxy would reject it?
If we really want to check for those arguments to be 0:
* Shouldn't we extend this check to other FF-A invocations?
* Do we really want to also look into the !SBZ arguments to verify what we can?
(I'm thinking about the checks on flags)
>
> Will
next prev parent reply other threads:[~2026-06-10 12:15 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-08 16:55 [PATCH v2 0/7] KVM: arm64: Forward FFA_NOTIFICATION* calls to TrustZone Sebastian Ene
2026-06-08 16:55 ` [PATCH v2 1/7] KVM: arm64: Support FFA_NOTIFICATION_BITMAP_CREATE in host handler Sebastian Ene
2026-06-10 8:51 ` Vincent Donnefort
2026-06-10 11:59 ` Vincent Donnefort
2026-06-08 16:55 ` [PATCH v2 2/7] KVM: arm64: Support FFA_NOTIFICATION_BITMAP_DESTROY " Sebastian Ene
2026-06-10 8:53 ` Vincent Donnefort
2026-06-08 16:55 ` [PATCH v2 3/7] KVM: arm64: Support FFA_NOTIFICATION_BIND " Sebastian Ene
2026-06-10 9:03 ` Vincent Donnefort
2026-06-08 16:55 ` [PATCH v2 4/7] KVM: arm64: Support FFA_NOTIFICATION_UNBIND " Sebastian Ene
2026-06-08 16:55 ` [PATCH v2 5/7] KVM: arm64: Support FFA_NOTIFICATION_SET " Sebastian Ene
2026-06-08 16:55 ` [PATCH v2 6/7] KVM: arm64: Support FFA_NOTIFICATION_GET " Sebastian Ene
2026-06-08 16:55 ` [PATCH v2 7/7] KVM: arm64: Support FFA_NOTIFICATION_INFO_GET " Sebastian Ene
2026-06-10 9:26 ` [PATCH v2 0/7] KVM: arm64: Forward FFA_NOTIFICATION* calls to TrustZone Vincent Donnefort
2026-06-10 10:15 ` Will Deacon
2026-06-10 12:15 ` Vincent Donnefort [this message]
2026-06-10 12:23 ` Will Deacon
2026-06-10 13:56 ` Vincent Donnefort
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ailVcN-bxY30-XBF@google.com \
--to=vdonnefort@google.com \
--cc=android-kvm@google.com \
--cc=catalin.marinas@arm.com \
--cc=joey.gouly@arm.com \
--cc=korneld@google.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=mrigendra.chaubey@gmail.com \
--cc=oupton@kernel.org \
--cc=perlarsen@google.com \
--cc=sebastianene@google.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.