Public bug reported:

Summary

Backport FF-A driver fix to 24.04_linux-nvidia-6.17-next:

1) firmware: arm_ffa: Bound PARTITION_INFO_GET_REGS copies — cherry-picked from
   mainline 3974ea1938406f9bfa7c1f48d4e43533f447bb08 (Sudeep Holla). Bounds-checks
   the firmware-provided indices in the register-based PARTITION_INFO_GET path so
   the copy loop cannot write past the caller buffer. Required as a prerequisite
   for the second patch.

2) firmware: arm_ffa: Honor partition info descriptor size — backported from
   linux-next 01b9cae706161a39452a2cce0f281d4369344c51 (Jamie Nguyen, via Sudeep
   Holla's tree). Makes __ffa_partition_info_get_regs() use the SPMC-advertised
   per-descriptor size as the register stride instead of the hardcoded 24-byte
   (regs += 3) value. Without this, an FF-A v1.3 SPMC returning the 48-byte
   descriptor desyncs the parser, causing every other entry to be read from a
   slice of two adjacent ones.

The former is taken as a dependency so that the latter applies cleanly.

Upstream references:

linux-next:
https://patch.msgid.link/[email protected]

** Affects: linux-nvidia-6.17 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux-nvidia-7.0 (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: linux-nvidia-7.0 (Ubuntu)
   Importance: Undecided
       Status: New

https://bugs.launchpad.net/bugs/2154045

Title:
  linux-nvidia: backport FF-A partition info descriptor size fix

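A user-space model of the two fixes described in the report, added here as an illustration and not taken from the kernel driver or either patch. The 15-register window, the field positions inside a descriptor, and the names parse_partitions, struct part and sample_regs are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>

#define WINDOW_REGS      15  /* assumption: result registers carrying descriptors */
#define LEGACY_DESC_SIZE 24  /* the hardcoded stride from the report (regs += 3) */

/* Hypothetical caller-side record; only the first 24 bytes are consumed. */
struct part { uint16_t id; uint64_t uuid[2]; };

/* Copies entries start_idx..cur_idx into out using the advertised descriptor
 * size as the stride. Returns the entry count, or -1 when the firmware-supplied
 * values would overrun the register window or the caller buffer. */
static int parse_partitions(const uint64_t *regs, unsigned start_idx,
                            unsigned cur_idx, size_t desc_size,
                            struct part *out, size_t out_cap)
{
    if (cur_idx < start_idx)
        return -1;                        /* indices out of order */
    size_t count = (size_t)(cur_idx - start_idx) + 1;
    if (desc_size < LEGACY_DESC_SIZE || desc_size % sizeof(uint64_t))
        return -1;                        /* not a whole number of registers */
    size_t stride = desc_size / sizeof(uint64_t);
    if (count > out_cap)
        return -1;                        /* would write past the caller buffer */
    if (stride > WINDOW_REGS / count)
        return -1;                        /* would read past the register window */
    for (size_t i = 0; i < count; i++, regs += stride) {
        out[i].id      = (uint16_t)regs[0];  /* assumed field position */
        out[i].uuid[0] = regs[1];
        out[i].uuid[1] = regs[2];
    }
    return (int)count;
}

/* Constructed sample: two 48-byte descriptors (six registers each). */
static const uint64_t sample_regs[WINDOW_REGS] = {
    0x8001, 0x1111, 0x2222, 0xAAAA, 0xBBBB, 0xCCCC,
    0x8002, 0x3333, 0x4444, 0xDDDD, 0xEEEE, 0xFFFF,
};

/* Parses entries 0..cur_idx of the sample with the given descriptor size. */
static int demo(size_t desc_size, unsigned cur_idx, struct part *out, size_t cap)
{
    return parse_partitions(sample_regs, 0, cur_idx, desc_size, out, cap);
}
```

Passing 24 as the descriptor size for the 48-byte sample reproduces the desync from the report: the second entry is read from the tail of the first descriptor.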