[PATCH v7 7/7] KVM: arm64: Zero out the stack initialized data in the FFA handler

Vincent Donnefort vdonnefort at google.com
Thu Jun 18 10:14:32 PDT 2026


On Wed, Jun 17, 2026 at 02:51:30PM +0000, Sebastian Ene wrote:
> Don't leak hypervisor stack data when using the FFA_VERSION call.
> When the compiler doesn't support -ftrivial-auto-var-init=zero option

Even when it does, I believe this is an optional kernel option.

> we need to zero out the stack initialized variable before returning data
> to the host caller.
> 
> Reported-by: Sashiko AI <sashiko-bot at kernel.org>

It seems most people are using "Reported-by: Sashiko <sashiko-bot at kernel.org>"

> Closes:
> https://lore.kernel.org/all/20260616160016.C62C81F000E9@smtp.kernel.org/
> Fixes: c9c012625e12 ("KVM: arm64: Trap FFA_VERSION host call in pKVM")
> Signed-off-by: Sebastian Ene <sebastianene at google.com>

Reviewed-by: Vincent Donnefort <vdonnefort at google.com>

> ---
>  arch/arm64/kvm/hyp/nvhe/ffa.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
> index d7c5701d0584..b321682ead04 100644
> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
> @@ -883,7 +883,7 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res,
>  
>  bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
>  {
> -	struct arm_smccc_1_2_regs res;
> +	struct arm_smccc_1_2_regs res = {0};
>  
>  	/*
>  	 * There's no way we can tell what a non-standard SMC call might
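Review bot: the initializer sits at the top of kvm_host_ffa_handler, so it covers every FFA function id dispatched from here, not only FFA_VERSION as the commit message suggests; the message could say that any handler returning `res` to the host without writing all of its registers is covered. One caveat worth a sentence in the message: `= {0}` zero-initialises the named members but, unlike a memset, gives no guarantee for padding bytes, so the fix relies on struct arm_smccc_1_2_regs having no padding.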
> -- 
> 2.54.0.1136.gdb2ca164c4-goog
> 
