[PATCH v5 6/6] KVM: arm64: Ensure FFA ranges are page aligned

Next message: Jason Gunthorpe: "Re: [PATCH v5 10/20] dma-direct: make dma_direct_map_phys() honor DMA_ATTR_CC_SHARED"
Previous message: Boqun Feng: "[PATCH v2 08/12] sched: Remove the unused preempt_offset parameter of __cant_sleep()"
In reply to: Mostafa Saleh: "[PATCH v5 5/6] KVM: arm64: Validate the offset to the mem access descriptor"
Next in thread: Mostafa Saleh: "[PATCH v5 1/6] optee: ffa: Add NULL check in optee_ffa_lend_protmem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Mostafa Saleh

Date: Tue May 26 2026 - 11:50:51 EST

At the moment we only check that the size of the range is page
aligned, and truncate the address to the page boundary.
This make an assumption that TZ will do the same.

Harden this check by also checking that the base address is aligned
and reject it otherwise.

Signed-off-by: Mostafa Saleh <smostafa@xxxxxxxxxx>
---
arch/arm64/kvm/hyp/nvhe/ffa.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
index 79de358333e4..ea39e3362efe 100644
--- a/arch/arm64/kvm/hyp/nvhe/ffa.c
+++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
@@ -352,7 +352,7 @@ static u32 __ffa_host_share_ranges(struct ffa_mem_region_addr_range *ranges,
u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE;
u64 pfn = hyp_phys_to_pfn(range->address);

- if (!PAGE_ALIGNED(sz))
+ if (!PAGE_ALIGNED(sz | range->address))
break;

if (__pkvm_host_share_ffa(pfn, sz / PAGE_SIZE))
@@ -372,7 +372,7 @@ static u32 __ffa_host_unshare_ranges(struct ffa_mem_region_addr_range *ranges,
u64 sz = (u64)range->pg_cnt * FFA_PAGE_SIZE;
u64 pfn = hyp_phys_to_pfn(range->address);

- if (!PAGE_ALIGNED(sz))
+ if (!PAGE_ALIGNED(sz | range->address))
break;

if (__pkvm_host_unshare_ffa(pfn, sz / PAGE_SIZE))
--
2.54.0.746.g67dd491aae-goog