Date: Wed, 27 May 2026 15:02:36 +0000
In-Reply-To: <20260527150236.1978655-1-smostafa@google.com>
References: <20260527150236.1978655-1-smostafa@google.com>
Message-ID: <20260527150236.1978655-7-smostafa@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: [PATCH v6 6/6] KVM: arm64: Ensure FFA ranges are page aligned
From: Mostafa Saleh
To: op-tee@lists.trustedfirmware.org, linux-kernel@vger.kernel.org,
 kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org
Cc: maz@kernel.org, oupton@kernel.org, joey.gouly@arm.com,
 suzuki.poulose@arm.com, catalin.marinas@arm.com,
 jens.wiklander@linaro.org, sumit.garg@kernel.org,
 sebastianene@google.com, vdonnefort@google.com,
 sudeep.holla@kernel.org, Mostafa Saleh

At the moment we only check that the size of the range is page aligned,
and truncate the address to the page boundary. This makes an assumption
that TZ will do the same. However, it might decide to use the extra
offset of the neighbour page at the end, which is valid under FFA if NS
is using a larger page size. Harden this check by also checking that the
base address is aligned and reject it otherwise.

Fixes: 436090001776 ("KVM: arm64: Handle FFA_MEM_SHARE calls from the host")
Signed-off-by: Mostafa Saleh
---
 arch/arm64/kvm/hyp/nvhe/ffa.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c index a12e01883314..daf0e328c847 100644 --- a/arch/arm64/kvm/hyp/nvhe/ffa.c +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c @@ -352,7 +352,7 @@ static u32 __ffa_host_share_ranges(struct ffa_mem_region_addr_range *ranges, u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE; u64 pfn = hyp_phys_to_pfn(range->address); - if (!PAGE_ALIGNED(sz)) + if (!PAGE_ALIGNED(sz | range->address)) break; if (__pkvm_host_share_ffa(pfn, sz / PAGE_SIZE)) 
@@ -372,7 +372,7 @@ static u32 __ffa_host_unshare_ranges(struct ffa_mem_region_addr_range *ranges, u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE; u64 pfn = hyp_phys_to_pfn(range->address); - if (!PAGE_ALIGNED(sz)) + if (!PAGE_ALIGNED(sz | range->address)) break; if (__pkvm_host_unshare_ffa(pfn, sz / PAGE_SIZE)) -- 2.54.0.746.g67dd491aae-goog
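Review bot: In the __ffa_host_share_ranges hunk, the new condition `if (!PAGE_ALIGNED(sz | range->address))` carries no comment, so the reason the base address must be aligned is recorded only in the commit message. A one-line comment above the check would help, saying that FFA_PAGE_SIZE and the host PAGE_SIZE can differ (the `sz / PAGE_SIZE` conversion depends on that) and that hyp_phys_to_pfn() would otherwise drop a sub-page offset that the other side may still honour. Separately, `range->address` is now read twice, once for `pfn` and once for the alignment test; if the ranges array can be modified while this loop runs, read it once into a local and use that for both.

Review bot: In the __ffa_host_unshare_ranges hunk, the condition `if (!PAGE_ALIGNED(sz | range->address))` is a verbatim copy of the one in the share path, and the two must stay identical for a range accepted on share to be accepted on unshare. Consider a small static helper taking the range and returning whether its size and base are both host-page aligned, called from both loops, so that a later change to one path cannot leave the other with a weaker check.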