TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / hafnium.git / 6b754a188dca1a9cbcf8b8eb5056f0f2ab9b4a59^! / .
commit6b754a188dca1a9cbcf8b8eb5056f0f2ab9b4a59[log] [tgz]
authorJ-Alves <joao.alves@arm.com>Wed Feb 14 14:26:30 2024 +0000
committerJ-Alves <joao.alves@arm.com>Mon Feb 26 10:30:16 2024 +0000
treec4ed00040b4abb633e8f8b865612a0f7b1722060
parentf020814b4105a9fc390deb8306cfee24946d50a1 [diff]
fix: flags that mbz are checked

Added a check that the flags MBZ are checked
in the handling of FFA_NOTICATION_SET.

Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I3115126104cffcacb5f03a937436ce792a942294

diff --git a/src/api.c b/src/api.c
index 2ac9f91..c733bbf 100644
--- a/src/api.c
+++ b/src/api.c

@@ -3867,13 +3867,21 @@
 {
 	struct ffa_value ret;
 	struct vm_locked receiver_locked;
-
 	/*
 	 * Check if is per-vCPU or global, and extracting vCPU ID according
 	 * to table 17.19 of the FF-A v1.1 Beta 0 spec.
 	 */
 	bool is_per_vcpu = (flags & FFA_NOTIFICATION_FLAG_PER_VCPU) != 0U;
 	ffa_vcpu_index_t vcpu_id = (uint16_t)(flags >> 16);
+	const uint32_t flags_mbz =
+		~(FFA_NOTIFICATIONS_FLAG_PER_VCPU |
+		  FFA_NOTIFICATIONS_FLAG_DELAY_SRI | (0xFFFFU << 16));
+
+	if ((flags_mbz & flags) != 0U) {
+		dlog_verbose("%s: caller shouldn't set bits that MBZ.\n",
+			     __func__);
+		return ffa_error(FFA_INVALID_PARAMETERS);
+	}
 
 	if (!plat_ffa_is_notification_set_valid(current, sender_vm_id,
 						receiver_vm_id)) {

diff --git a/test/vmapi/ffa_secure_partitions/notifications.c b/test/vmapi/ffa_secure_partitions/notifications.c
index e7e5da6..c2585b1 100644
--- a/test/vmapi/ffa_secure_partitions/notifications.c
+++ b/test/vmapi/ffa_secure_partitions/notifications.c

@@ -252,6 +252,27 @@
 	EXPECT_FFA_ERROR(res, FFA_INVALID_PARAMETERS);
 }
 
+TEST(ffa_notifications, fail_if_mbz_set_in_notification_set)
+{
+	struct ffa_value res;
+	const ffa_id_t sender = SP_ID(1);
+	ffa_id_t own_id = hf_vm_get_id();
+
+	/* Arbitrarily bind notification. */
+	res = ffa_notification_bind(sender, own_id, 0,
+				    FFA_NOTIFICATION_MASK(1));
+	EXPECT_EQ(res.func, FFA_SUCCESS_32);
+
+	/* Requesting sender to set notification. */
+	res = sp_notif_set_cmd_send(own_id, sender, own_id,
+				    ~(FFA_NOTIFICATION_FLAG_PER_VCPU |
+				      FFA_NOTIFICATIONS_FLAG_DELAY_SRI),
+				    FFA_NOTIFICATION_MASK(1));
+	EXPECT_EQ(res.func, FFA_MSG_SEND_DIRECT_RESP_32);
+	EXPECT_EQ(sp_resp(res), SP_ERROR);
+	EXPECT_EQ(sp_resp_value(res), FFA_INVALID_PARAMETERS);
+}
+
 TEST(ffa_notifications, fail_if_mbz_set_in_notifications_bind)
 {
 	struct ffa_value res;