[PATCH 1/4] KVM: arm64: Trap FFA_VERSION host call in pKVM

From: Sebastian Ene
Date: Thu Apr 18 2024 - 12:32:01 EST

Next message: Sebastian Ene: "[PATCH 2/4] KVM: arm64: Add support for FFA_PARTITION_INFO_GET"
Previous message: Sebastian Ene: "[PATCH 0/4] KVM: arm64: pKVM host proxy FF-A fixes"
In reply to: Sebastian Ene: "[PATCH 0/4] KVM: arm64: pKVM host proxy FF-A fixes"
Next in thread: Sebastian Ene: "[PATCH 2/4] KVM: arm64: Add support for FFA_PARTITION_INFO_GET"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The pKVM hypervisor initializes with FF-A version 1.0. Keep the
supported version inside the host structure and prevent the host
drivers from overwriting the FF-A version with an increased version.
Without trapping the call, the host drivers can negotiate a higher
version number with TEE which can result in a different memory layout
described during the memory sharing calls.

Signed-off-by: Sebastian Ene <sebastianene@xxxxxxxxxx>
---
arch/arm64/kvm/hyp/nvhe/ffa.c | 43 ++++++++++++++++++++++++++++++++---
1 file changed, 40 insertions(+), 3 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
index 320f2eaa14a9..023712e8beeb 100644
--- a/arch/arm64/kvm/hyp/nvhe/ffa.c
+++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
@@ -58,6 +58,7 @@ struct kvm_ffa_buffers {
hyp_spinlock_t lock;
void *tx;
void *rx;
+ u32 ffa_version;
};

/*
@@ -640,6 +641,39 @@ static bool do_ffa_features(struct arm_smccc_res *res,
return true;
}

+static void do_ffa_version(struct arm_smccc_res *res,
+ struct kvm_cpu_context *ctxt)
+{
+ DECLARE_REG(u32, ffa_req_version, ctxt, 1);
+ u32 current_version;
+
+ hyp_spin_lock(&host_buffers.lock);
+ current_version = host_buffers.ffa_version;
+ if (FFA_MAJOR_VERSION(ffa_req_version) != FFA_MAJOR_VERSION(current_version)) {
+ res->a0 = FFA_RET_NOT_SUPPORTED;
+ goto unlock;
+ }
+
+ /*
+ * If the client driver tries to downgrade the version, we need to ask
+ * first if TEE supports it.
+ */
+ if (FFA_MINOR_VERSION(ffa_req_version) < FFA_MINOR_VERSION(current_version)) {
+ arm_smccc_1_1_smc(FFA_VERSION, ffa_req_version, 0,
+ 0, 0, 0, 0, 0,
+ res);
+ if (res->a0 == FFA_RET_NOT_SUPPORTED)
+ goto unlock;
+
+ host_buffers.ffa_version = ffa_req_version;
+ goto unlock;
+ }
+
+ res->a0 = current_version;
+unlock:
+ hyp_spin_unlock(&host_buffers.lock);
+}
+
bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
{
struct arm_smccc_res res;
@@ -686,6 +720,9 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
case FFA_MEM_FRAG_TX:
do_ffa_mem_frag_tx(&res, host_ctxt);
goto out_handled;
+ case FFA_VERSION:
+ do_ffa_version(&res, host_ctxt);
+ goto out_handled;
}

if (ffa_call_supported(func_id))
@@ -726,6 +763,8 @@ int hyp_ffa_init(void *pages)
if (FFA_MAJOR_VERSION(res.a0) != 1)
return -EOPNOTSUPP;

+ host_buffers.ffa_version = res.a0;
+
arm_smccc_1_1_smc(FFA_ID_GET, 0, 0, 0, 0, 0, 0, 0, &res);
if (res.a0 != FFA_SUCCESS)
return -EOPNOTSUPP;
@@ -772,9 +811,7 @@ int hyp_ffa_init(void *pages)
.rx = rx,
};

- host_buffers = (struct kvm_ffa_buffers) {
- .lock = __HYP_SPIN_LOCK_UNLOCKED,
- };
+ host_buffers.lock = __HYP_SPIN_LOCK_UNLOCKED;

return 0;
}
--
2.44.0.769.g3c40516874-goog

Next message: Sebastian Ene: "[PATCH 2/4] KVM: arm64: Add support for FFA_PARTITION_INFO_GET"
Previous message: Sebastian Ene: "[PATCH 0/4] KVM: arm64: pKVM host proxy FF-A fixes"
In reply to: Sebastian Ene: "[PATCH 0/4] KVM: arm64: pKVM host proxy FF-A fixes"
Next in thread: Sebastian Ene: "[PATCH 2/4] KVM: arm64: Add support for FFA_PARTITION_INFO_GET"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]