[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250529120523.GA29242@willie-the-truck>
Date: Thu, 29 May 2025 13:05:24 +0100
From: Will Deacon <will@...nel.org>
To: perlarsen@...gle.com
Cc: Marc Zyngier <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>,
Joey Gouly <joey.gouly@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Zenghui Yu <yuzenghui@...wei.com>,
Catalin Marinas <catalin.marinas@....com>,
Sudeep Holla <sudeep.holla@....com>,
linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.linux.dev,
linux-kernel@...r.kernel.org, sebastianene@...gle.com,
qperret@...gle.com, qwandor@...gle.com, arve@...roid.com,
perl@...unant.com, lpieralisi@...nel.org, kernel-team@...roid.com,
tabba@...gle.com, james.morse@....com, armellel@...gle.com,
jean-philippe@...aro.org, ahomescu@...gle.com
Subject: Re: [PATCH v4 3/5] KVM: arm64: Mark FFA_NOTIFICATION_* calls as
unsupported
On Fri, May 16, 2025 at 12:14:02PM +0000, Per Larsen via B4 Relay wrote:
> From: Per Larsen <perlarsen@...gle.com>
>
> Prevent FFA_NOTIFICATION_* interfaces from being passed through to TZ.
>
> Signed-off-by: Per Larsen <perlarsen@...gle.com>
> ---
> arch/arm64/kvm/hyp/nvhe/ffa.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
> index b3d016bee404ce3f8c72cc57befb4ef4e6c1657f..a545d25002c85b79a8d281739479dab7838a7cd3 100644
> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
> @@ -632,6 +632,14 @@ static bool ffa_call_supported(u64 func_id)
> case FFA_RXTX_MAP:
> case FFA_MEM_DONATE:
> case FFA_MEM_RETRIEVE_REQ:
> + /* Optional notification interfaces added in FF-A 1.1 */
> + case FFA_NOTIFICATION_BITMAP_CREATE:
> + case FFA_NOTIFICATION_BITMAP_DESTROY:
> + case FFA_NOTIFICATION_BIND:
> + case FFA_NOTIFICATION_UNBIND:
> + case FFA_NOTIFICATION_SET:
> + case FFA_NOTIFICATION_GET:
> + case FFA_NOTIFICATION_INFO_GET:
> return false;
Acked-by: Will Deacon <will@...nel.org>
That said, I wonder if we should revisit this denylist along the lines
of the discussion with Oliver on the initial FF-A proxy series:
https://lore.kernel.org/kvmarm/ZGx0QBZzFCmm636r@linux.dev/
We check for is_ffa_call() already, so we could invert the above to be
an allow-list for calls within the FF-A range rather than a deny-list.
What do you think?
Will
Powered by blists - more mailing lists