| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251114-pkvm_init_noffa-v1-1-87a82e87c345@google.com> Date: Fri, 14 Nov 2025 11:11:53 +0000 From: "Kornel Dulęba" <korneld@...gle.com> To: Marc Zyngier <maz@...nel.org>, Oliver Upton <oupton@...nel.org>, Joey Gouly <joey.gouly@....com>, Suzuki K Poulose <suzuki.poulose@....com>, Zenghui Yu <yuzenghui@...wei.com>, Catalin Marinas <catalin.marinas@....com>, Will Deacon <will@...nel.org> Cc: Bartlomiej Grzesik <bgrzesik@...gle.com>, Tomasz Nowicki <tnowicki@...gle.com>, Sebastian Ene <sebastianene@...gle.com>, linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.linux.dev, linux-kernel@...r.kernel.org, "Kornel Dulęba" <korneld@...gle.com> Subject: [PATCH] KVM: arm64: Fix error checking for FFA_VERSION According to section 13.2 of the DEN0077 FF-A specification, when firmware does not support the requested version, it should reply with FFA_RET_NOT_SUPPORTED(-1). Table 13.6 specifies the type of the error code as int32. Currently, the error checking logic compares the unsigned long return value it got from the SMC layer, against a "-1" literal. This fails due to a type mismatch: the literal is extended to 64 bits, whereas the register contains only 32 bits of ones(0x00000000ffffffff). Consequently, hyp_ffa_init misinterprets the "-1" return value as an invalid FF-A version. This prevents pKVM initialization on devices where FF-A is not supported in firmware. Fix this by explicitly casting res.a0 to s32. Signed-off-by: Kornel Dulęba <korneld@...gle.com> --- arch/arm64/kvm/hyp/nvhe/ffa.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c index 58b7d0c477d7fce235fc70d089d175c7879861b5..ab1e53bd4ceeea431fc30a875482ed1523b01ab5 100644 --- a/arch/arm64/kvm/hyp/nvhe/ffa.c +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c @@ -792,7 +792,7 @@ static void do_ffa_version(struct arm_smccc_1_2_regs *res, .a0 = FFA_VERSION, .a1 = ffa_req_version, }, res); - if (res->a0 == FFA_RET_NOT_SUPPORTED) + if ((s32)res->a0 == FFA_RET_NOT_SUPPORTED) goto unlock; hyp_ffa_version = ffa_req_version; @@ -943,7 +943,7 @@ int hyp_ffa_init(void *pages) .a0 = FFA_VERSION, .a1 = FFA_VERSION_1_2, }, &res); - if (res.a0 == FFA_RET_NOT_SUPPORTED) + if ((s32)res.a0 == FFA_RET_NOT_SUPPORTED) return 0; /* --- base-commit: 6fa9041b7177f6771817b95e83f6df17b147c8c6 change-id: 20251114-pkvm_init_noffa-ac880547e727 Best regards, -- Kornel Dulęba <korneld@...gle.com>
Powered by blists - more mailing lists