From 7eb3da71b583a7f3908dc0168ac01df2337e0d21 Mon Sep 17 00:00:00 2001
From: Stefan Kalkowski <stefan.kalkowski@genode-labs.com>
Date: Wed, 24 Nov 2021 16:22:08 +0100
Subject: [PATCH] base-hw: check managing_system property for SMC

* When issuing a secure-monitor-call on behalf of a PD session client
  first check the permission via the 'managing_system' property.

Fix #4321
---
 repos/base-hw/src/core/spec/arm_v8/pd_session_support.cc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/repos/base-hw/src/core/spec/arm_v8/pd_session_support.cc b/repos/base-hw/src/core/spec/arm_v8/pd_session_support.cc
index d204a82e47..c23e68c7ab 100644
--- a/repos/base-hw/src/core/spec/arm_v8/pd_session_support.cc
+++ b/repos/base-hw/src/core/spec/arm_v8/pd_session_support.cc
@@ -21,8 +21,14 @@ using State = Genode::Pd_session::Managing_system_state;
 
 State Pd_session_component::managing_system(State const & s)
 {
+	static constexpr addr_t SMCCC_NOT_SUPPORTED = 0xffffffffUL;
+
 	State ret;
-	ret.r[0] = Hw::Psci_smc_functor::call(s.r[0], s.r[1], s.r[2], s.r[3]);
+
+	ret.r[0] = (_managing_system == Managing_system::DENIED)
+		? SMCCC_NOT_SUPPORTED
+		: Hw::Psci_smc_functor::call(s.r[0], s.r[1], s.r[2], s.r[3]);
+
 	return ret;
 }