From 9fdbe1f39bb4e4cd6b7765cdfba76b3421173d98 Mon Sep 17 00:00:00 2001
From: David Brazdil
Date: Tue, 15 Mar 2022 11:37:28 +0000
Subject: [PATCH] ANDROID: KVM: arm64: iommu: Harden __pkvm_iommu_pm_notify
Currently __pkvm_iommu_pm_notify always changes the value of dev->powered following a suspend/resume attempt. This could potentially be abused to force the hypervisor to stop issuing updates to an S2MPU and preserving an old/invalid state. Modify to only update the power state if suspend/resume was successful.
Bug: 190463801
Change-Id: I32d5ce7d18b55c3bebfa3273c9f5ca098d5e61f4
Signed-off-by: David Brazdil
(cherry picked from commit 6eaed0b8b769b78fe237a13d757adb4bf1a883c6)
Signed-off-by: Mostafa Saleh
Signed-off-by: Quentin Perret
---
 arch/arm64/kvm/hyp/nvhe/iommu.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kvm/hyp/nvhe/iommu.c b/arch/arm64/kvm/hyp/nvhe/iommu.c
index c6224056dfa0..f8fc5ad4e040 100644
--- a/arch/arm64/kvm/hyp/nvhe/iommu.c
+++ b/arch/arm64/kvm/hyp/nvhe/iommu.c
@@ -360,10 +360,12 @@ int __pkvm_iommu_pm_notify(unsigned long dev_id, enum pkvm_iommu_pm_event event)
 if (dev) {
 if (event == PKVM_IOMMU_PM_SUSPEND) {
 ret = dev->ops->suspend ? dev->ops->suspend(dev) : 0;
- dev->powered = !!ret;
+ if (!ret)
+ dev->powered = false;
 } else if (event == PKVM_IOMMU_PM_RESUME) {
 ret = dev->ops->resume ? dev->ops->resume(dev) : 0;
- dev->powered = !ret;
+ if (!ret)
+ dev->powered = true;
 } else {
 ret = -EINVAL;
 }
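Review bot: A missing callback still counts as success in both branches: `dev->ops->suspend ? dev->ops->suspend(dev) : 0` yields 0, so the new `if (!ret)` sets `dev->powered = false` for a device whose driver never validated the transition. The commit message says a cleared `powered` stops updates to the device, so a caller-supplied SUSPEND event could presumably still reach that state for any driver without a `suspend` op; whether such a driver is registered is not visible here. Consider failing the request when the op is absent, e.g. `ret = dev->ops->suspend ? dev->ops->suspend(dev) : -EINVAL;` (and the same for `resume`), or add a comment stating that drivers without these callbacks accept every transition by design. The function starts and ends outside the hunk, so any locking around `dev->powered` cannot be checked from here.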