fix(memory sharing): memory attributes checks
In [1] we enforced that the sender of memory sharing call, should
specify the memory attributes supported by Hafnium. Though this remains
true for a FFA_MEM_SHARE call, this differs to what the spec mandates
for FFA_MEM_DONATE and FFA_MEM_LEND with single borrower. According
to section 10.10.4.2 of FF-A v1.1 EAC0 specification, in those cases the
memory attributes shall remain unspecified.
This patch fixes the checks in the handling of memory sharing calls,
and the tests that were affected by this change.
[1] https://review.trustedfirmware.org/c/hafnium/hafnium/+/13338
Change-Id: I125fbbe4213eb8cfadb53d8fd57ff8e7207dd4e6
Signed-off-by: J-Alves <joao.alves@arm.com>
diff --git a/src/ffa_memory.c b/src/ffa_memory.c
index dfe31de..1cd8c5e 100644
--- a/src/ffa_memory.c
+++ b/src/ffa_memory.c
@@ -1529,13 +1529,29 @@
}
/*
- * Check that sender's memory attributes match Hafnium expectations:
- * Normal Memory, Inner shareable, Write-Back Read-Allocate
- * Write-Allocate Cacheable.
+ * If a memory donate or lend with single borrower, the memory type
+ * shall not be specified by the sender.
*/
- ret = ffa_memory_attributes_validate(memory_region->attributes);
- if (ret.func != FFA_SUCCESS_32) {
- return ret;
+ if (share_func == FFA_MEM_DONATE_32 ||
+ (share_func == FFA_MEM_LEND_32 &&
+ memory_region->receiver_count == 1)) {
+ if (ffa_get_memory_type_attr(memory_region->attributes) !=
+ FFA_MEMORY_NOT_SPECIFIED_MEM) {
+ dlog_verbose(
+ "Memory type shall not be specified by "
+ "sender.\n");
+ return ffa_error(FFA_INVALID_PARAMETERS);
+ }
+ } else {
+ /*
+ * Check that sender's memory attributes match Hafnium
+ * expectations: Normal Memory, Inner shareable, Write-Back
+ * Read-Allocate Write-Allocate Cacheable.
+ */
+ ret = ffa_memory_attributes_validate(memory_region->attributes);
+ if (ret.func != FFA_SUCCESS_32) {
+ return ret;
+ }
}
return (struct ffa_value){.func = FFA_SUCCESS_32};