lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Zmmph6YlIsBhJQqd@bogus>
Date: Wed, 12 Jun 2024 14:58:31 +0100
From: Sudeep Holla <sudeep.holla@....com>
To: Sebastian Ene <sebastianene@...gle.com>
Cc: catalin.marinas@....com, james.morse@....com, jean-philippe@...aro.org,
	Sudeep Holla <sudeep.holla@....com>, maz@...nel.org,
	oliver.upton@...ux.dev, qperret@...gle.com, qwandor@...gle.com,
	suzuki.poulose@....com, tabba@...gle.com, will@...nel.org,
	yuzenghui@...wei.com, lpieralisi@...nel.org, kvmarm@...ts.linux.dev,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	kernel-team@...roid.com
Subject: Re: [PATCH v2 1/4] KVM: arm64: Trap FFA_VERSION host call in pKVM

On Wed, May 15, 2024 at 05:22:55PM +0000, Sebastian Ene wrote:
> The pKVM hypervisor initializes with FF-A version 1.0. The spec requires
> that no other FF-A calls to be issued before the version negotiation
> phase is complete. Split the hypervisor proxy initialization code in two
> parts so that we can move the later one after the host negotiates its
> version.

Blank line here would be nice.

> Without trapping the call, the host drivers can negotiate a higher
> version number with TEE which can result in a different memory layout
> described during the memory sharing calls.
>

LGTM(apart from minor nits),

Reviewed-by: Sudeep Holla <sudeep.holla@....com>

> Signed-off-by: Sebastian Ene <sebastianene@...gle.com>
> ---
>  arch/arm64/kvm/hyp/nvhe/ffa.c | 123 +++++++++++++++++++++++++---------
>  1 file changed, 92 insertions(+), 31 deletions(-)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
> index 320f2eaa14a9..72f1206c85fb 100644
> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
> @@ -1,4 +1,5 @@
>  // SPDX-License-Identifier: GPL-2.0-only
> +//

It should be OK but still spurious for $subject 😉

[...]

> @@ -700,7 +789,6 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
>  int hyp_ffa_init(void *pages)
>  {
>  	struct arm_smccc_res res;
> -	size_t min_rxtx_sz;
>  	void *tx, *rx;
>
>  	if (kvm_host_psci_config.smccc_version < ARM_SMCCC_VERSION_1_2)
> @@ -726,35 +814,7 @@ int hyp_ffa_init(void *pages)
>  	if (FFA_MAJOR_VERSION(res.a0) != 1)
>  		return -EOPNOTSUPP;
>
> -	arm_smccc_1_1_smc(FFA_ID_GET, 0, 0, 0, 0, 0, 0, 0, &res);
> -	if (res.a0 != FFA_SUCCESS)
> -		return -EOPNOTSUPP;
> -
> -	if (res.a2 != HOST_FFA_ID)
> -		return -EINVAL;
> -
> -	arm_smccc_1_1_smc(FFA_FEATURES, FFA_FN64_RXTX_MAP,
> -			  0, 0, 0, 0, 0, 0, &res);
> -	if (res.a0 != FFA_SUCCESS)
> -		return -EOPNOTSUPP;
> -
> -	switch (res.a2) {
> -	case FFA_FEAT_RXTX_MIN_SZ_4K:
> -		min_rxtx_sz = SZ_4K;
> -		break;
> -	case FFA_FEAT_RXTX_MIN_SZ_16K:
> -		min_rxtx_sz = SZ_16K;
> -		break;
> -	case FFA_FEAT_RXTX_MIN_SZ_64K:
> -		min_rxtx_sz = SZ_64K;
> -		break;
> -	default:
> -		return -EINVAL;
> -	}
> -
> -	if (min_rxtx_sz > PAGE_SIZE)
> -		return -EOPNOTSUPP;
> -
> +	hyp_ffa_version = FFA_VERSION_1_0;
>  	tx = pages;
>  	pages += KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE;
>  	rx = pages;
> @@ -773,8 +833,9 @@ int hyp_ffa_init(void *pages)
>  	};
>
>  	host_buffers = (struct kvm_ffa_buffers) {
> -		.lock	= __HYP_SPIN_LOCK_UNLOCKED,
> +		.lock   = __HYP_SPIN_LOCK_UNLOCKED,

Spurious or intentional whitespace change ? I can't make out from the mail.

--
Regards,
Sudeep

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ