core: ffa: add direct request v2 support#7840
Conversation
| } | ||
|
|
||
| if (ffa_version != FFA_VERSION_1_0 && ffa_version != FFA_VERSION_1_1) { | ||
| if (ffa_version != FFA_VERSION_1_0 && |
There was a problem hiding this comment.
How about if (ffa_version < FFA_VERSION_1_0 || ffa_version > FFA_VERSION_1_2)?
|
|
||
| #ifdef ARM64 | ||
| memcpy(ctx->sp_regs.x, args->a, sizeof(args->a)); | ||
| #else |
There was a problem hiding this comment.
This isn't working for ARM32, so we should replace the assignment with the memcpy instead.
Same further down in this function.
There was a problem hiding this comment.
The old ARM32 path in this patch still used x[] even though ARM32 thread_ctx_regs does not have that field. I replaced it with a struct copy, and made the same change at the second copy site.
There was a problem hiding this comment.
Can remove the ARM32 part entirely if you want.
There was a problem hiding this comment.
Please remove the ARM32 part entirely.
| static void direct_req2_uuid_from_args(struct thread_smc_1_2_regs *args, | ||
| uint32_t uuid_words[4]) | ||
| { | ||
| uuid_words[0] = (uint32_t)args->a2; |
There was a problem hiding this comment.
Please use high32_from_64() and low32_from_64() to extract the words.
| !uuid_words[2] && !uuid_words[3]); | ||
| } | ||
|
|
||
| #ifdef ARM64 |
There was a problem hiding this comment.
This file is only compiled for ARM64, so the ifdef isn't needed.
There was a problem hiding this comment.
Removed the ifdefs for ARM64
| struct sp_session *dst = NULL; | ||
| struct spmc_lsp_desc *lsp = NULL; | ||
| TEE_Result res = FFA_OK; | ||
| bool is_req2 = args->a0 == FFA_MSG_SEND_DIRECT_REQ2; |
There was a problem hiding this comment.
To keep it simple, I'd prefer:
uint32_t caller_props = 0;
uint32_t dst_prots = 0
if (args->a0 == FFA_MSG_SEND_DIRECT_REQ2) {
caller_props = FFA_PART_PROP_DIRECT_REQ2_SEND;
dst_props = FFA_PART_PROP_DIRECT_REQ2_RECV;
} else {
caller_props = FFA_PART_PROP_DIRECT_REQ_SEND;
dst_props = FFA_PART_PROP_DIRECT_REQ_RECV;
}| } | ||
|
|
||
| if (args->a2 & FFA_MSG_FLAG_FRAMEWORK) { | ||
| if (is_resp2) { |
There was a problem hiding this comment.
if (args->a0 == FFA_MSG_SEND_DIRECT_RESP2) {
| static void init_regs_spmc(struct thread_ctx *thread, | ||
| const struct thread_smc_1_2_regs *args, void *pc) | ||
| { | ||
| #ifdef ARM64 |
There was a problem hiding this comment.
With CFG_SECURE_PARTITION y, we can depend on ARM64 to be defined.
| #ifdef ARM64 | ||
| size_t n = 0; | ||
|
|
||
| thread->regs.pc = (uint64_t)pc; |
There was a problem hiding this comment.
Prefer casting to vaddr_t when converting a pointer into an integer.
| for (; n < ARRAY_SIZE(thread->regs.x); n++) | ||
| thread->regs.x[n] = 0; | ||
|
|
||
| thread->regs.x[29] = 0; |
There was a problem hiding this comment.
This should already be cleared in the loop above.
| FFA_PART_PROP_DIRECT_REQ_SEND | | ||
| FFA_PART_PROP_INDIRECT_MSGS; | ||
| /* In FF-A 1.1 only bits [8:0] are defined, let's mask others */ | ||
| else if (ffa_vers < FFA_VERSION_1_2) |
There was a problem hiding this comment.
This seems a bit broken. How about something like this instead?
/* mask out bits introduced with FF-A version 1.1 */
if (ffa_vers < FFA_VERSION_1_1)
...
/* mask out bits introduced with FF-A version 1.2 */
if (ffa_vers < FFA_VERSION_1_2)
...There was a problem hiding this comment.
Made the switch to this form
|
|
||
| if (ffa_version != FFA_VERSION_1_0 && ffa_version != FFA_VERSION_1_1) { | ||
| if (ffa_version < FFA_VERSION_1_0 || | ||
| ffa_version > FFA_VERSION_1_2) { |
There was a problem hiding this comment.
Please fold up, it fits on one line.
|
|
||
| #ifdef ARM64 | ||
| memcpy(ctx->sp_regs.x, args->a, sizeof(args->a)); | ||
| #else |
There was a problem hiding this comment.
Please remove the ARM32 part entirely.
| switch (resp_fid) { | ||
| case FFA_MSG_SEND_DIRECT_RESP_32: | ||
| return req_fid == FFA_MSG_SEND_DIRECT_REQ_32; | ||
| #ifdef ARM64 |
There was a problem hiding this comment.
The ifdef/endif isn't needed.
|
Looks good, please squash in the fixups and apply: |
Add support for FF-A direct request/response v2 messages for secure partitions. Direct request v2 carries the target service UUID in x2/x3 and uses x4-x17 for the payload, so preserve the full AArch64 FF-A register set when entering and returning from secure partitions. Advertise DirectReq2/Resp2 to normal-world and secure partition callers, and expose the corresponding partition properties for AArch64 secure partitions that support direct messaging. Validate DirectReq2 messages by checking sender and receiver capabilities and matching non-nil UUIDs against the destination partition UUID. Logical secure partitions do not support DirectReq2 yet, so reject Req2 messages targeting LSPs. Signed-off-by: Arteom Katkov <arteom.katkov@arm.com> Signed-off-by: Sahil Kaushal <Sahil.Kaushal@arm.com> Reviewed-by: Jens Wiklander <jenswi@kernel.org>
sah01Kaushal
force-pushed
the
directreq2-upstream
branch
from
0d70e5b to
73947a6
Compare
Thank you very much for the review, Jens! I have squashed the fixups in and pushed again. |
|
I'll merge this when the CI checks have passed. |
3 participants
Add support for FF-A direct request/response v2 messages for secure partitions.
Direct request v2 carries the target service UUID in x2/x3 and uses x4-x17 for the payload, so preserve the full AArch64 FF-A register set when entering and returning from secure partitions.
Advertise DirectReq2/Resp2 to normal-world and secure partition callers, and expose the corresponding partition properties for AArch64 secure partitions that support direct messaging. Validate DirectReq2 messages by checking sender and receiver capabilities and matching non-nil UUIDs against the destination partition UUID.
Logical secure partitions do not support DirectReq2 yet, so reject Req2 messages targeting LSPs.