From b366878684444ff38a25fb9c1bd55d823b2f22f1 Mon Sep 17 00:00:00 2001
From: Quentin Perret <qperret@google.com>
Date: Fri, 7 Oct 2022 12:27:51 +0000
Subject: [PATCH] ANDROID: KVM: arm64: Fix MMIO guard unmap
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Pierre-Clément reports that the MMIO guard unmap hypercall exposed to
protected guests returns an error upon success. Indeed,
SMCCC_RET_SUCCESS is returned only if __pkvm_remove_ioguard_page()
failed, which doesn't match the expected behaviour.

Fix this by returning SMCCC_RET_INVALID_PARAMETER instead.

Bug: 251426790
Reported-by: Pierre-Clément Tosi <ptosi@google.com>
Signed-off-by: Quentin Perret <qperret@google.com>
Change-Id: Id746fa7d5d3a03ee5df6d114a07240822a0be93b
---
 arch/arm64/kvm/hyp/nvhe/pkvm.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/arm64/kvm/hyp/nvhe/pkvm.c b/arch/arm64/kvm/hyp/nvhe/pkvm.c
index 50717a46e735..3caa670a18cb 100644
--- a/arch/arm64/kvm/hyp/nvhe/pkvm.c
+++ b/arch/arm64/kvm/hyp/nvhe/pkvm.c
@@ -1338,6 +1338,8 @@ bool kvm_handle_pvm_hvc64(struct kvm_vcpu *vcpu, u64 *exit_code)
 		return pkvm_install_ioguard_page(vcpu, exit_code);
 	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_UNMAP_FUNC_ID:
 		if (__pkvm_remove_ioguard_page(vcpu, vcpu_get_reg(vcpu, 1)))
+			val[0] = SMCCC_RET_INVALID_PARAMETER;
+		else
 			val[0] = SMCCC_RET_SUCCESS;
 		break;
 	case ARM_SMCCC_VENDOR_HYP_KVM_MMIO_GUARD_INFO_FUNC_ID: