]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f71f7af) | patch
KVM: arm64: Check the untrusted offset in FF-A memory share
authorSebastian Ene <sebastianene@google.com>
Fri, 17 Oct 2025 07:57:10 +0000 (07:57 +0000)
committerMarc Zyngier <maz@kernel.org>
Thu, 30 Oct 2025 16:14:58 +0000 (16:14 +0000)
commit103e17aac09cdd358133f9e00998b75d6c1f1518
tree4354f94dff17ba18a2c8204374c68b9842826876tree | snapshot
parentf71f7afd0a0cd3f044cd2f8aba71a1a7229df762commit | diff
KVM: arm64: Check the untrusted offset in FF-A memory share

Verify the offset to prevent OOB access in the hypervisor
FF-A buffer in case an untrusted large enough value
[U32_MAX - sizeof(struct ffa_composite_mem_region) + 1, U32_MAX]
is set from the host kernel.

Signed-off-by: Sebastian Ene <sebastianene@google.com>
Acked-by: Will Deacon <will@kernel.org>
Link: https://patch.msgid.link/20251017075710.2605118-1-sebastianene@google.com
Signed-off-by: Marc Zyngier <maz@kernel.org>
arch/arm64/kvm/hyp/nvhe/ffa.c diff | blob | blame | history
A mirror of Linus' kernel repository