Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp1918734lqo;
        Mon, 13 May 2024 02:22:34 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCUpfujIrBI8j9/Ao92E9dLNG6WdtdShjkDDthvwBiIcAjV6gImbCWBFk4UtIpB34hv4a3S6RTta22RG+tp8MURz4xco+6H+ClOsjEkmvg==
X-Google-Smtp-Source: AGHT+IG+qof4n+naio05VagnHpb0NfldLaFeQgIUZ/K8Es3oSTzV9Qiujsdk1pOsnIJa24uNUSh4
X-Received: by 2002:ac8:588c:0:b0:43a:f13e:7d53 with SMTP id d75a77b69052e-43dfdaf45cdmr90657501cf.31.1715592153857;
        Mon, 13 May 2024 02:22:33 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1715592153; cv=pass;
        d=google.com; s=arc-20160816;
        b=texTlaLmf+JdF9XfZZYx67moVDzqg3oSectsW78zvyKLu6/p2Y2FJpo0Sx/VstEYwr
         PSbcTd20u+hyzWHZCHFUJ7CZrKHt/iL1WgvYkrd0Vmywdx+5FseK5yAmNsTcn/MNUrfl
         Cqh7bdCouNpi0XJzDrQ6bK2AJzmukSPvFTSP176NjjOY9YUV6rmFJPYsfzXAkwVwITrq
         PUHdUm6Lnk6Li67d53fAbgmtK1KcZji+OERE9ERD7zjRw2755Y/sjZb3LeywuOa9j652
         TV0x33FmPaXbrPwopPIamlAKlXBwJe6R/G1e1b9es9E4otAhQ44Ck06KFHGyx8NYcyzr
         6X9A==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:content-disposition:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:message-id:subject:cc
         :to:from:date;
        bh=5dfdm9Vk9P5CiArU2QhD4a6bzcQ7+TFM9CMFHzaxjVU=;
        fh=Nh0BtEFwPUhlUw7j/qVSA0sD1PaE8TVvdzSm0ty2yyU=;
        b=COKiSK4+Eq4/EjCM6akb7jBlY4T1SYQIiBQOlPaT9BCz+AccCsDfZC32+WE8CODCtw
         LTxDosqt995LUrli2g2qR/azDwkhKQN73Fc4Gc53wtoI5xob/gst+5eqkwLvpXHtqUaP
         X5Vdm5g3cOvr2z+HKT0nId6zAvd+0YUTNe/v34+q2h2QJSCdwGjaqJTxguGoib12QN2w
         N0jtJn8kE0InA3vXyiOMncWTpB7+zMBTiYNQhGUJudenlQvNADG7l6dv2q+hJxmGVrWk
         btfmAHexc/5E/mN4OfO7FWJZthLZM+4/m9PMhquwPTpkx7sMf+ldogZ/+8LXoOmFZGkA
         WvBQ==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com);
       spf=pass (google.com: domain of linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id d75a77b69052e-43e1e7f21c6si7047441cf.414.2024.05.13.02.22.33
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 13 May 2024 02:22:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com);
       spf=pass (google.com: domain of linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-177400-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id 92BA71C214C2
	for <linux.lists.archive@gmail.com>; Mon, 13 May 2024 09:22:33 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B8AFF1487E4;
	Mon, 13 May 2024 09:22:27 +0000 (UTC)
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id DC2E91474CF;
	Mon, 13 May 2024 09:22:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715592147; cv=none; b=XXF1V1c+g855/EjAeli+YM4eqHu5I+vpz5JyfxLs/08y7Mw2g45Q2HmkEAFSSfKTtWkcmyyhDn670SUmXV4fEcvxQV+GuAAYwhYtCqck5MzAVCxlcsNrgyZFJmEemqfZk1LP5dS3LRePHnJ5sYBViT3VOA/SW14MXRmKcyfV6bA=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715592147; c=relaxed/simple;
	bh=5dfdm9Vk9P5CiArU2QhD4a6bzcQ7+TFM9CMFHzaxjVU=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=G0mStU40oUPu6oE4iRUhoVvMNyQbzetzBJBaZCNGfYh57rvDbe6CdZPrUpmggGDTDJ9aU+sszjP7eNESSRfu7a20tzqV/U4609mOQCjo0NJCHlpYyhVvMrIr2NXFSkWG7kiDtxh50n2ta3Sa13tw+lW1rP5BWyjcMCSK0RJ/KT4=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9B36B1007;
	Mon, 13 May 2024 02:22:50 -0700 (PDT)
Received: from bogus (e103737-lin.cambridge.arm.com [10.1.197.49])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4D7353F762;
	Mon, 13 May 2024 02:22:24 -0700 (PDT)
Date: Mon, 13 May 2024 10:22:21 +0100
From: Sudeep Holla <sudeep.holla@arm.com>
To: Dominique Martinet <dominique.martinet@atmark-techno.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, stable@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Sudeep Holla <sudeep.holla@arm.com>,
	Cristian Marussi <cristian.marussi@arm.com>
Subject: Re: [PATCH 5.4 / 5.10] firmware: arm_scmi: Harden accesses to the
 reset domains
Message-ID: <ZkHbzRahnQgptrVr@bogus>
References: <20240513003837.810709-1-dominique.martinet@atmark-techno.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240513003837.810709-1-dominique.martinet@atmark-techno.com>

On Mon, May 13, 2024 at 09:38:37AM +0900, Dominique Martinet wrote:
> From: Cristian Marussi <cristian.marussi@arm.com>
>
> [ Upstream commit e9076ffbcaed5da6c182b144ef9f6e24554af268 ]
>
> Accessing reset domains descriptors by the index upon the SCMI drivers
> requests through the SCMI reset operations interface can potentially
> lead to out-of-bound violations if the SCMI driver misbehave.
>
> Add an internal consistency check before any such domains descriptors
> accesses.
>
> Link: https://lore.kernel.org/r/20220817172731.1185305-5-cristian.marussi@arm.com
> Signed-off-by: Cristian Marussi <cristian.marussi@arm.com>
> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
> Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
> ---
> This is the backport I promised for CVE-2022-48655[1]
> [1] https://lkml.kernel.org/r/Zj4t4q_w6gqzdvhz@codewreck.org
>

The backport looks good and thanks for doing that. Sometimes since we
know all the users are in the kernel, we tend to ignore the facts that
they need to be backport as this was considered as theoretical issue when
we pushed the fix. We try to keep that in mind and add fixes tag more
carefully in the future. Thanks for your effort and bring this to our
attention.

--
Regards,
Sudeep