core: ffa: Clear FFA_MEM_RETRIEVE_RESP memory descriptor fields

Clear the memory descriptors in FFA_MEM_RETRIEVE_RESP calls in order to
set the reserved fields to zero. The caller might check if the reserved
fields are zero as it is stated in the FF-A spec. With FF-A v1.1 the
memory transaction descriptor's 4 byte field at offset 24 has changed
from reserved (MBZ) to Endpoint memory access descriptor size
(non-zero). With the reserved field not cleared in the v1.0 descriptor,
the caller cannot verify if it got the right version of the memory
transaction descriptor.

This issue only affects the FFA_MEM_RETRIEVE_RESP call at the
S-EL1 <-> S-EL0 interface, in all other cases the descriptors are
cleared properly.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

core/arch/arm/kernel/spmc_sp_handler.c

@@ -1,6 +1,6 @@
 // SPDX-License-Identifier: BSD-2-Clause
 /*
- * Copyright (c) 2021-2023, Arm Limited
+ * Copyright (c) 2021-2024, Arm Limited
  */
 #include <assert.h>
 #include <bench.h>
@@ -500,6 +500,8 @@ static void create_retrieve_response(uint32_t ffa_vers, void *dst_buffer,
 	if (ffa_vers <= FFA_VERSION_1_0) {
 		struct ffa_mem_transaction_1_0 *d_ds = dst_buffer;
 
+		memset(d_ds, 0, sizeof(*d_ds));
+
 		off = sizeof(*d_ds);
 		mem_acc = d_ds->mem_access_array;
 
@@ -512,6 +514,8 @@ static void create_retrieve_response(uint32_t ffa_vers, void *dst_buffer,
 	} else {
 		struct ffa_mem_transaction_1_1 *d_ds = dst_buffer;
 
+		memset(d_ds, 0, sizeof(*d_ds));
+
 		off = sizeof(*d_ds);
 		mem_acc = (void *)(d_ds + 1);
 
@@ -533,6 +537,7 @@ static void create_retrieve_response(uint32_t ffa_vers, void *dst_buffer,
 	       sizeof(struct ffa_mem_access_perm));
 
 	/* Copy the mem_region_descr */
+	memset(dst_region, 0, sizeof(*dst_region));
 	dst_region->address_range_count = 0;
 	dst_region->total_page_count = 0;