* [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
2026-01-21 8:27 [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay
@ 2026-01-21 8:27 ` Per Larsen via B4 Relay
2026-01-23 12:55 ` Will Deacon
2026-01-21 8:27 ` [PATCH v5 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 " Per Larsen via B4 Relay
2026-04-30 21:40 ` [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Yeoreum Yun
2 siblings, 1 reply; 7+ messages in thread
From: Per Larsen via B4 Relay @ 2026-01-21 8:27 UTC (permalink / raw)
To: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Will Deacon, Yeoreum Yun, Ben Horgan,
Oliver Upton
Cc: Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel, Per Larsen
From: Sebastian Ene <sebastianene@google.com>
Allow direct messages to be forwarded from the host. The host should
not be sending framework messages so they are filtered out.
Signed-off-by: Sebastian Ene <sebastianene@google.com>
Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
Signed-off-by: Per Larsen <perlarsen@google.com>
---
arch/arm64/kvm/hyp/nvhe/ffa.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
index f731cc4c3f280a32acccca0de92b9ac6c8e05602..9967916278a7ca051500946ef2fcfe7bb40e0e8d 100644
--- a/arch/arm64/kvm/hyp/nvhe/ffa.c
+++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
@@ -862,6 +862,28 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res,
hyp_spin_unlock(&host_buffers.lock);
}
+static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res,
+ struct kvm_cpu_context *ctxt,
+ u64 vm_handle)
+{
+ DECLARE_REG(u32, flags, ctxt, 2);
+
+ struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0];
+
+ if (vm_handle != HOST_FFA_ID) {
+ ffa_to_smccc_error(res, FFA_RET_INVALID_PARAMETERS);
+ return;
+ }
+
+ /* filter out framework messages and validate SBZ/MBZ bits */
+ if (flags) {
+ ffa_to_smccc_error(res, FFA_RET_INVALID_PARAMETERS);
+ return;
+ }
+
+ arm_smccc_1_2_smc(args, res);
+}
+
bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
{
struct arm_smccc_1_2_regs res;
@@ -920,6 +942,10 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
case FFA_PARTITION_INFO_GET:
do_ffa_part_get(&res, host_ctxt);
goto out_handled;
+ case FFA_MSG_SEND_DIRECT_REQ:
+ case FFA_FN64_MSG_SEND_DIRECT_REQ:
+ do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID);
+ goto out_handled;
}
if (ffa_call_supported(func_id))
--
2.52.0.457.g6b5491de43-goog
^ permalink raw reply related [flat|nested] 7+ messages in thread* Re: [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
2026-01-21 8:27 ` [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay
@ 2026-01-23 12:55 ` Will Deacon
2026-05-01 2:18 ` Per Larsen
0 siblings, 1 reply; 7+ messages in thread
From: Will Deacon @ 2026-01-23 12:55 UTC (permalink / raw)
To: perlarsen
Cc: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Yeoreum Yun, Ben Horgan, Oliver Upton,
Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel
Per,
On Wed, Jan 21, 2026 at 08:27:12AM +0000, Per Larsen via B4 Relay wrote:
> From: Sebastian Ene <sebastianene@google.com>
>
> Allow direct messages to be forwarded from the host. The host should
> not be sending framework messages so they are filtered out.
>
> Signed-off-by: Sebastian Ene <sebastianene@google.com>
> Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
> Signed-off-by: Per Larsen <perlarsen@google.com>
> ---
> arch/arm64/kvm/hyp/nvhe/ffa.c | 26 ++++++++++++++++++++++++++
> 1 file changed, 26 insertions(+)
>
> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
> index f731cc4c3f280a32acccca0de92b9ac6c8e05602..9967916278a7ca051500946ef2fcfe7bb40e0e8d 100644
> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
> @@ -862,6 +862,28 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res,
> hyp_spin_unlock(&host_buffers.lock);
> }
>
> +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res,
> + struct kvm_cpu_context *ctxt,
> + u64 vm_handle)
> +{
> + DECLARE_REG(u32, flags, ctxt, 2);
> +
> + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0];
> +
> + if (vm_handle != HOST_FFA_ID) {
> + ffa_to_smccc_error(res, FFA_RET_INVALID_PARAMETERS);
> + return;
> + }
Sorry, but this isn't what I had in mind. 'vm_handle' is just a local
variable and the only caller passes HOST_FFA_ID, so this isn't really
achieving anything.
What you had in v4 dropped the 'vm_handle' argument entirely, which I
think is the right thing to do. However, the FF-A spec encodes the sender
ID in bits 31:16 of register W1 and so _that_ is what I think we should
be checking because _that_ is what the receiver will see.
Honestly, we could avoid quite a lot of these review cycles if you
actually replied to my emails on the list instead of just responding
with a new patch series each time. It's supposed to be a technical
discussion...
Will
^ permalink raw reply [flat|nested] 7+ messages in thread* Re: [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
2026-01-23 12:55 ` Will Deacon
@ 2026-05-01 2:18 ` Per Larsen
0 siblings, 0 replies; 7+ messages in thread
From: Per Larsen @ 2026-05-01 2:18 UTC (permalink / raw)
To: Will Deacon, perlarsen
Cc: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Yeoreum Yun, Ben Horgan, Oliver Upton,
Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel
On 1/23/26 4:55 AM, Will Deacon wrote:
> Per,
>
> On Wed, Jan 21, 2026 at 08:27:12AM +0000, Per Larsen via B4 Relay wrote:
>> From: Sebastian Ene <sebastianene@google.com>
>>
>> Allow direct messages to be forwarded from the host. The host should
>> not be sending framework messages so they are filtered out.
>>
>> Signed-off-by: Sebastian Ene <sebastianene@google.com>
>> Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
>> Signed-off-by: Per Larsen <perlarsen@google.com>
>> ---
>> arch/arm64/kvm/hyp/nvhe/ffa.c | 26 ++++++++++++++++++++++++++
>> 1 file changed, 26 insertions(+)
>>
>> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
>> index f731cc4c3f280a32acccca0de92b9ac6c8e05602..9967916278a7ca051500946ef2fcfe7bb40e0e8d 100644
>> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c
>> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
>> @@ -862,6 +862,28 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res,
>> hyp_spin_unlock(&host_buffers.lock);
>> }
>>
>> +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res,
>> + struct kvm_cpu_context *ctxt,
>> + u64 vm_handle)
>> +{
>> + DECLARE_REG(u32, flags, ctxt, 2);
>> +
>> + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0];
>> +
>> + if (vm_handle != HOST_FFA_ID) {
>> + ffa_to_smccc_error(res, FFA_RET_INVALID_PARAMETERS);
>> + return;
>> + }
>
> Sorry, but this isn't what I had in mind. 'vm_handle' is just a local
> variable and the only caller passes HOST_FFA_ID, so this isn't really
> achieving anything.
>
> What you had in v4 dropped the 'vm_handle' argument entirely, which I
> think is the right thing to do. However, the FF-A spec encodes the sender
> ID in bits 31:16 of register W1 and so _that_ is what I think we should
> be checking because _that_ is what the receiver will see.
I should have read your feedback more closely and checked against the
spec. I will add a new mask for bits 31:16 to check sender ID against
HOST_FFA_ID. Sorry to waste a review cycle and your attention on this.
> Honestly, we could avoid quite a lot of these review cycles if you
> actually replied to my emails on the list instead of just responding
> with a new patch series each time. It's supposed to be a technical
> discussion...
Acknowledged; will do! Apologies for the very late reply.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH v5 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 in host handler
2026-01-21 8:27 [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay
2026-01-21 8:27 ` [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay
@ 2026-01-21 8:27 ` Per Larsen via B4 Relay
2026-04-30 21:40 ` [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Yeoreum Yun
2 siblings, 0 replies; 7+ messages in thread
From: Per Larsen via B4 Relay @ 2026-01-21 8:27 UTC (permalink / raw)
To: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Will Deacon, Yeoreum Yun, Ben Horgan,
Oliver Upton
Cc: Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel, Per Larsen
From: Per Larsen <perlarsen@google.com>
FF-A 1.2 adds the DIRECT_REQ2 messaging interface which is similar to
the existing FFA_MSG_SEND_DIRECT_{REQ,RESP} functions and can use the
existing handler function. Add support for FFA_MSG_SEND_DIRECT_REQ2 in
the host ffa handler.
Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
Signed-off-by: Per Larsen <perlarsen@google.com>
---
arch/arm64/kvm/hyp/nvhe/ffa.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c
index 9967916278a7ca051500946ef2fcfe7bb40e0e8d..17b92f7faaf68e56aef0ebbe58710b7485a87231 100644
--- a/arch/arm64/kvm/hyp/nvhe/ffa.c
+++ b/arch/arm64/kvm/hyp/nvhe/ffa.c
@@ -684,11 +684,12 @@ static bool ffa_call_supported(u64 func_id)
case FFA_NOTIFICATION_GET:
case FFA_NOTIFICATION_INFO_GET:
/* Optional interfaces added in FF-A 1.2 */
- case FFA_MSG_SEND_DIRECT_REQ2: /* Optional per 7.5.1 */
case FFA_MSG_SEND_DIRECT_RESP2: /* Optional per 7.5.1 */
case FFA_CONSOLE_LOG: /* Optional per 13.1: not in Table 13.1 */
case FFA_PARTITION_INFO_GET_REGS: /* Optional for virtual instances per 13.1 */
return false;
+ case FFA_MSG_SEND_DIRECT_REQ2: /* Optional per 7.5.1 */
+ return hyp_ffa_version >= FFA_VERSION_1_2;
}
return true;
@@ -866,6 +867,7 @@ static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res,
struct kvm_cpu_context *ctxt,
u64 vm_handle)
{
+ DECLARE_REG(u64, func_id, ctxt, 0);
DECLARE_REG(u32, flags, ctxt, 2);
struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0];
@@ -875,8 +877,12 @@ static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res,
return;
}
- /* filter out framework messages and validate SBZ/MBZ bits */
- if (flags) {
+ /*
+ * filter out framework messages and validate SBZ/MBZ flag bits.
+ * FFA_MSG_SEND_DIRECT_REQ2 implies flag-less partition message.
+ */
+ if ((func_id == FFA_MSG_SEND_DIRECT_REQ ||
+ func_id == FFA_FN64_MSG_SEND_DIRECT_REQ) && flags) {
ffa_to_smccc_error(res, FFA_RET_INVALID_PARAMETERS);
return;
}
@@ -942,6 +948,10 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
case FFA_PARTITION_INFO_GET:
do_ffa_part_get(&res, host_ctxt);
goto out_handled;
+ case FFA_MSG_SEND_DIRECT_REQ2:
+ if (!ffa_call_supported(func_id))
+ goto out_not_supported;
+ fallthrough;
case FFA_MSG_SEND_DIRECT_REQ:
case FFA_FN64_MSG_SEND_DIRECT_REQ:
do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID);
@@ -951,6 +961,7 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id)
if (ffa_call_supported(func_id))
return false; /* Pass through */
+out_not_supported:
ffa_to_smccc_error(&res, FFA_RET_NOT_SUPPORTED);
out_handled:
ffa_set_retval(host_ctxt, &res);
--
2.52.0.457.g6b5491de43-goog
^ permalink raw reply related [flat|nested] 7+ messages in thread* Re: [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces
2026-01-21 8:27 [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay
2026-01-21 8:27 ` [PATCH v5 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay
2026-01-21 8:27 ` [PATCH v5 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 " Per Larsen via B4 Relay
@ 2026-04-30 21:40 ` Yeoreum Yun
2026-05-01 2:30 ` Per Larsen
2 siblings, 1 reply; 7+ messages in thread
From: Yeoreum Yun @ 2026-04-30 21:40 UTC (permalink / raw)
To: perlarsen
Cc: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Will Deacon, Ben Horgan, Oliver Upton,
Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel
Hi Per,
May I ask how this patch is progressing?
Thanks!
> Support FFA_MSG_SEND_DIRECT_REQ unconditionally.
> Support FFA_MSG_SEND_DIRECT_REQ2 if hypervisor negotiated version 1.2+.
>
> Framework messages (FF-A control plane) are filtered out. For
> FFA_MSG_SEND_DIRECT_REQ, we look at flags in w2. Messages using the REQ2
> interface are always partition messages.
>
> The second patch was part of a previous patch set [0] but was dropped
> since the use case was unclear. A clear use case has now appeared: use
> TPM device with CRB over FF-A when kernel boots with pkvm [1].
>
> Tested by booting Android under QEMU.
>
> Best Regards,
> Per
>
> [0]: https://lore.kernel.org/all/20250730-virtio-msg-ffa-v9-0-7f1b55c8d149@google.com/
> [1]: https://lore.kernel.org/all/20251027191729.1704744-1-yeoreum.yun@arm.com/
>
>
> Signed-off-by: Per Larsen <perlarsen@google.com>
> ---
> Changes in v5:
> - 1/2: do_ffa_direct_msg: validate that sender is HOST_FFA_ID.
> - Link to v4: https://lore.kernel.org/r/20260109-host-direct-messages-v4-0-95da4221d186@google.com
>
> Changes in v4:
> - 1/2: do_ffa_direct_msg: check that flag in w2 is zero; drop unused vm_handle parameter.
> - 2/2: ffa_call_supported: simplify logic by reordering cases.
> - do_ffa_direct_msg: switch polarity of check and update comment.
> - Link to v3: https://lore.kernel.org/r/20251119-host-direct-messages-v3-0-c74d04944b26@google.com
>
> Changes in v3:
> - Filter out framework messages as suggested by Will Deacon. Update cover letter accordingly.
> - Update trailers: Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
> - Link to v2: https://lore.kernel.org/r/20251030-host-direct-messages-v2-0-9f27cef36730@google.com
>
> Changes in v2:
> - 1/2: Drop support for FFA_ID_GET interface in host handler.
> - Link to v1: https://lore.kernel.org/r/20251030-host-direct-messages-v1-0-463e57871c8f@google.com
>
> ---
> Per Larsen (1):
> KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 in host handler
>
> Sebastian Ene (1):
> KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
>
> arch/arm64/kvm/hyp/nvhe/ffa.c | 39 ++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 38 insertions(+), 1 deletion(-)
> ---
> base-commit: 6c790212c588fddeb0d852f2790840753bb604b1
> change-id: 20251029-host-direct-messages-5201d7f55abd
>
> Best regards,
> --
> Per Larsen <perlarsen@google.com>
>
>
--
Sincerely,
Yeoreum Yun
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces
2026-04-30 21:40 ` [PATCH v5 0/2] KVM: arm64: Support FF-A direct messaging interfaces Yeoreum Yun
@ 2026-05-01 2:30 ` Per Larsen
0 siblings, 0 replies; 7+ messages in thread
From: Per Larsen @ 2026-05-01 2:30 UTC (permalink / raw)
To: Yeoreum Yun, perlarsen
Cc: Marc Zyngier, Joey Gouly, Suzuki K Poulose, Zenghui Yu,
Catalin Marinas, Will Deacon, Ben Horgan, Oliver Upton,
Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel
Hi Yeoreum,
Sorry to keep you waiting; I'm addressing v5 feedback now.
Per
On 4/30/26 2:40 PM, Yeoreum Yun wrote:
> Hi Per,
>
> May I ask how this patch is progressing?
>
> Thanks!
>
>> Support FFA_MSG_SEND_DIRECT_REQ unconditionally.
>> Support FFA_MSG_SEND_DIRECT_REQ2 if hypervisor negotiated version 1.2+.
>>
>> Framework messages (FF-A control plane) are filtered out. For
>> FFA_MSG_SEND_DIRECT_REQ, we look at flags in w2. Messages using the REQ2
>> interface are always partition messages.
>>
>> The second patch was part of a previous patch set [0] but was dropped
>> since the use case was unclear. A clear use case has now appeared: use
>> TPM device with CRB over FF-A when kernel boots with pkvm [1].
>>
>> Tested by booting Android under QEMU.
>>
>> Best Regards,
>> Per
>>
>> [0]: https://lore.kernel.org/all/20250730-virtio-msg-ffa-v9-0-7f1b55c8d149@google.com/
>> [1]: https://lore.kernel.org/all/20251027191729.1704744-1-yeoreum.yun@arm.com/
>>
>>
>> Signed-off-by: Per Larsen <perlarsen@google.com>
>> ---
>> Changes in v5:
>> - 1/2: do_ffa_direct_msg: validate that sender is HOST_FFA_ID.
>> - Link to v4: https://lore.kernel.org/r/20260109-host-direct-messages-v4-0-95da4221d186@google.com
>>
>> Changes in v4:
>> - 1/2: do_ffa_direct_msg: check that flag in w2 is zero; drop unused vm_handle parameter.
>> - 2/2: ffa_call_supported: simplify logic by reordering cases.
>> - do_ffa_direct_msg: switch polarity of check and update comment.
>> - Link to v3: https://lore.kernel.org/r/20251119-host-direct-messages-v3-0-c74d04944b26@google.com
>>
>> Changes in v3:
>> - Filter out framework messages as suggested by Will Deacon. Update cover letter accordingly.
>> - Update trailers: Reviewed-by: Yeoreum Yun <yeoreum.yun@arm.com>
>> - Link to v2: https://lore.kernel.org/r/20251030-host-direct-messages-v2-0-9f27cef36730@google.com
>>
>> Changes in v2:
>> - 1/2: Drop support for FFA_ID_GET interface in host handler.
>> - Link to v1: https://lore.kernel.org/r/20251030-host-direct-messages-v1-0-463e57871c8f@google.com
>>
>> ---
>> Per Larsen (1):
>> KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 in host handler
>>
>> Sebastian Ene (1):
>> KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
>>
>> arch/arm64/kvm/hyp/nvhe/ffa.c | 39 ++++++++++++++++++++++++++++++++++++++-
>> 1 file changed, 38 insertions(+), 1 deletion(-)
>> ---
>> base-commit: 6c790212c588fddeb0d852f2790840753bb604b1
>> change-id: 20251029-host-direct-messages-5201d7f55abd
>>
>> Best regards,
>> --
>> Per Larsen <perlarsen@google.com>
>>
>>
>
^ permalink raw reply [flat|nested] 7+ messages in thread