[PATCH v2 00/10] KVM: arm64: FF-A proxy for pKVM

Will Deacon will at kernel.org
Wed Apr 19 05:20:41 PDT 2023 

Hi folks,

This is the second version of the pKVM FF-A proxy patches that were
originally posted by Quentin a while back:

	https://lore.kernel.org/r/20221116170335.2341003-1-qperret@google.com

As described in the original cover letter, these patches provide a
mechanism for pKVM to intercept memory being shared between the host
and Trustzone in order to prevent "confused deputy" attacks where the
host can ask Trustzone to access protected guest pages.

Changes since v1 include:

  * Remove double negatives by inverting ffa_call_unsupported() into
    ffa_call_supported()

  * Re-order patch series so that FFA_FEATURES doesn't advertise
    unimplemented functions during bisection

  * Rework patches to introduce function switch case by case

  * Dropped the first two changes as they have been merged upstream

  * Dropped stray "ANDROID:" prefix from the final patch

Thanks to Oliver for his comments on the initial posting.

Patches based on -rc7 and also pushed here:

git://git.kernel.org/pub/scm/linux/kernel/git/will/linux.git kvm/ffa-proxy

Cheers,

Will

Cc: Quentin Perret <qperret at google.com>
Cc: Marc Zyngier <maz at kernel.org>
Cc: Oliver Upton <oliver.upton at linux.dev>
Cc: James Morse <james.morse at arm.com>
Cc: Alexandru Elisei <alexandru.elisei at arm.com>
Cc: Suzuki K Poulose <suzuki.poulose at arm.com>
Cc: Sudeep Holla <sudeep.holla at arm.com>
Cc: Sebastian Ene <sebastianene at google.com>
Cc: Fuad Tabba <tabba at google.com>
Cc: kvmarm at lists.linux.dev
Cc: kernel-team at android.com

--->8	  

Fuad Tabba (1):
  KVM: arm64: Handle FFA_FEATURES call from the host

Quentin Perret (1):
  KVM: arm64: pkvm: Add support for fragmented FF-A descriptors

Will Deacon (8):
  KVM: arm64: Block unsafe FF-A calls from the host
  KVM: arm64: Probe FF-A version and host/hyp partition ID during init
  KVM: arm64: Allocate pages for hypervisor FF-A mailboxes
  KVM: arm64: Handle FFA_RXTX_MAP and FFA_RXTX_UNMAP calls from the host
  KVM: arm64: Add FF-A helpers to share/unshare memory with secure world
  KVM: arm64: Handle FFA_MEM_SHARE calls from the host
  KVM: arm64: Handle FFA_MEM_RECLAIM calls from the host
  KVM: arm64: Handle FFA_MEM_LEND calls from the host

 arch/arm64/include/asm/kvm_host.h             |   1 +
 arch/arm64/include/asm/kvm_pkvm.h             |  21 +
 arch/arm64/kvm/arm.c                          |   1 +
 arch/arm64/kvm/hyp/include/nvhe/ffa.h         |  17 +
 arch/arm64/kvm/hyp/include/nvhe/mem_protect.h |   3 +
 arch/arm64/kvm/hyp/nvhe/Makefile              |   2 +-
 arch/arm64/kvm/hyp/nvhe/ffa.c                 | 745 ++++++++++++++++++
 arch/arm64/kvm/hyp/nvhe/hyp-main.c            |   3 +
 arch/arm64/kvm/hyp/nvhe/mem_protect.c         |  68 ++
 arch/arm64/kvm/hyp/nvhe/setup.c               |  11 +
 arch/arm64/kvm/pkvm.c                         |   1 +
 include/linux/arm_ffa.h                       |   8 +
 12 files changed, 880 insertions(+), 1 deletion(-)
 create mode 100644 arch/arm64/kvm/hyp/include/nvhe/ffa.h
 create mode 100644 arch/arm64/kvm/hyp/nvhe/ffa.c

-- 
2.40.0.634.g4ca3ef3211-goog

More information about the linux-arm-kernel mailing list