On Wed, Nov 16, 2022 at 05:03:26PM +0000, Quentin Perret wrote: > From: Will Deacon <will@xxxxxxxxxx> > > When KVM is initialised in protected mode, we must take care to filter > certain FFA calls from the host kernel so that the integrity of guest > and hypervisor memory is maintained and is not made available to the > secure world. > > As a first step, intercept and block all memory-related FF-A SMC calls > from the host to EL3. This puts the framework in place for handling them > properly. Shouldn't FFA_FEATURES interception actually precede this patch? At this point in the series we're outright lying about the supported features to the host. -- Thanks, Oliver _______________________________________________ kvmarm mailing list kvmarm@xxxxxxxxxxxxxxxxxxxxx https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
