refactor: simplify secure interrupt handling
Simplify the functions that handle secure interrupts.
The function 'plat_ffa_handle_secure_interrupt' is unified to
cover both cases: execution is in the secure world or in the
normal world at the time the secure interrupt is triggered.
Change-Id: Iee743dc1aed2db717038a3a81f12c4c1b9868ab5
Signed-off-by: J-Alves <joao.alves@arm.com>
diff --git a/src/arch/aarch64/hypervisor/handler.c b/src/arch/aarch64/hypervisor/handler.c
index 0204429..28e0e8b 100644
--- a/src/arch/aarch64/hypervisor/handler.c
+++ b/src/arch/aarch64/hypervisor/handler.c
@@ -14,6 +14,7 @@
#include "hf/arch/mmu.h"
#include "hf/arch/plat/ffa.h"
#include "hf/arch/plat/smc.h"
+#include "hf/arch/vmid_base.h"
#include "hf/api.h"
#include "hf/check.h"
@@ -705,7 +706,16 @@
*args = api_ffa_notification_info_get(current);
return true;
case FFA_INTERRUPT_32:
- *args = plat_ffa_handle_secure_interrupt(current, next, true);
+ /*
+ * A malicious SP could invoke a HVC/SMC call with
+ * FFA_INTERRUPT_32 as the function argument. Return error to
+ * avoid DoS.
+ */
+ if (current->vm->id != HF_OTHER_WORLD_ID) {
+ *args = ffa_error(FFA_DENIED);
+ return true;
+ }
+ *args = plat_ffa_handle_secure_interrupt(current, next);
return true;
case FFA_CONSOLE_LOG_32:
case FFA_CONSOLE_LOG_64:
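Review bot: The comment above the new `current->vm->id != HF_OTHER_WORLD_ID` guard names only a malicious SP, but the check denies every caller other than the other-world vCPU and never says who the legitimate caller is. Going by the commit message, that caller is presumably the path that signals a secure interrupt while the normal world is running, so I would word it as `/* FFA_INTERRUPT_32 is accepted only from the other-world vCPU; deny any other caller so a partition cannot drive the secure interrupt handler at will. */`. The denial is also silent, so a line such as `dlog_verbose("FFA_INTERRUPT_32 denied for VM %#x\n", current->vm->id);` before the `ffa_error(FFA_DENIED)` assignment would leave a trace of a partition probing this path, assuming the dlog header is already included in this file. The enclosing switch and function start and end outside the hunk, so whether this case is also compiled into the non-secure build cannot be confirmed from here.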
@@ -1052,7 +1062,7 @@
#if SECURE_WORLD == 1
struct vcpu *next = NULL;
- plat_ffa_handle_secure_interrupt(current(), &next, false);
+ plat_ffa_handle_secure_interrupt(current(), &next);
/*
* Since we are in interrupt context, set the bit for the