* [PATCH 0/2] KVM: arm64: Support FF-A direct messaging interfaces
@ 2025-10-30 12:29 Per Larsen via B4 Relay
2025-10-30 12:29 ` [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay
2025-10-30 12:29 ` [PATCH 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 " Per Larsen via B4 Relay
0 siblings, 2 replies; 6+ messages in thread
From: Per Larsen via B4 Relay @ 2025-10-30 12:29 UTC (permalink / raw)
To: Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose,
Zenghui Yu, Catalin Marinas, Will Deacon, Yeoreum Yun, Ben Horgan
Cc: Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm,
linux-kernel, Per Larsen
Support FFA_MSG_SEND_DIRECT_REQ unconditionally.
Support FFA_MSG_SEND_DIRECT_REQ2 if hypervisor negotiated version 1.2+.
The second patch was part of a previous patch set [0] but was dropped
since the use case was unclear. A clear use case has now appeared [1].
Tested by booting Android under QEMU.
Best Regards,
Per
[0]: https://lore.kernel.org/all/20250730-virtio-msg-ffa-v9-0-7f1b55c8d149@google.com/
[1]: https://lore.kernel.org/all/20251027191729.1704744-1-yeoreum.yun@arm.com/
Signed-off-by: Per Larsen <perlarsen@google.com>
---
Per Larsen (1):
KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 in host handler
Sebastian Ene (1):
KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler
arch/arm64/kvm/hyp/nvhe/ffa.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
---
base-commit: e53642b87a4f4b03a8d7e5f8507fc3cd0c595ea6
change-id: 20251029-host-direct-messages-5201d7f55abd
Best regards,
--
Per Larsen <perlarsen@google.com>
^ permalink raw reply [flat|nested] 6+ messages in thread* [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler 2025-10-30 12:29 [PATCH 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay @ 2025-10-30 12:29 ` Per Larsen via B4 Relay 2025-10-30 13:48 ` Yeoreum Yun 2025-10-30 12:29 ` [PATCH 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 " Per Larsen via B4 Relay 1 sibling, 1 reply; 6+ messages in thread From: Per Larsen via B4 Relay @ 2025-10-30 12:29 UTC (permalink / raw) To: Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose, Zenghui Yu, Catalin Marinas, Will Deacon, Yeoreum Yun, Ben Horgan Cc: Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm, linux-kernel, Per Larsen From: Sebastian Ene <sebastianene@google.com> Allow direct messages to be forwarded from the host. Signed-off-by: Sebastian Ene <sebastianene@google.com> Signed-off-by: Per Larsen <perlarsen@google.com> --- arch/arm64/kvm/hyp/nvhe/ffa.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c index 4e16f9b96f637599873b16148c6e40cf1210aa3e..191dcb301cca3986758fb6a49f15f1799de9f1d1 100644 --- a/arch/arm64/kvm/hyp/nvhe/ffa.c +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c @@ -857,6 +857,15 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res, hyp_spin_unlock(&host_buffers.lock); } +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res, + struct kvm_cpu_context *ctxt, + u64 vm_handle) +{ + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0]; + + arm_smccc_1_2_smc(args, res); +} + bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) { struct arm_smccc_1_2_regs res; @@ -915,6 +924,13 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) case FFA_PARTITION_INFO_GET: do_ffa_part_get(&res, host_ctxt); goto out_handled; + case FFA_ID_GET: + ffa_to_smccc_res_prop(&res, FFA_RET_SUCCESS, HOST_FFA_ID); + goto out_handled; + case FFA_MSG_SEND_DIRECT_REQ: + case FFA_FN64_MSG_SEND_DIRECT_REQ: + do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID); + goto out_handled; } if (ffa_call_supported(func_id)) -- 2.51.1.851.g4ebd6896fd-goog ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler 2025-10-30 12:29 ` [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay @ 2025-10-30 13:48 ` Yeoreum Yun 2025-10-30 16:18 ` Per Larsen 0 siblings, 1 reply; 6+ messages in thread From: Yeoreum Yun @ 2025-10-30 13:48 UTC (permalink / raw) To: perlarsen Cc: Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose, Zenghui Yu, Catalin Marinas, Will Deacon, Ben Horgan, Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm, linux-kernel Hi Per and Sebasian, > > Allow direct messages to be forwarded from the host. > > Signed-off-by: Sebastian Ene <sebastianene@google.com> > Signed-off-by: Per Larsen <perlarsen@google.com> > --- > arch/arm64/kvm/hyp/nvhe/ffa.c | 16 ++++++++++++++++ > 1 file changed, 16 insertions(+) > > diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c > index 4e16f9b96f637599873b16148c6e40cf1210aa3e..191dcb301cca3986758fb6a49f15f1799de9f1d1 100644 > --- a/arch/arm64/kvm/hyp/nvhe/ffa.c > +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c > @@ -857,6 +857,15 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res, > hyp_spin_unlock(&host_buffers.lock); > } > > +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res, > + struct kvm_cpu_context *ctxt, > + u64 vm_handle) > +{ > + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0]; > + > + arm_smccc_1_2_smc(args, res); > +} > + TBH, I don't have a strong comment for this but, I'm not sure why it is necessary. Since it calls just "smc" with the passed argments, I think it can be handled by default_smc_handler() without adding this function but return the ture for DIRECT MSG2 in ffa_call_support(). Am I missing something? > bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) > { > struct arm_smccc_1_2_regs res; > @@ -915,6 +924,13 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) > case FFA_PARTITION_INFO_GET: > do_ffa_part_get(&res, host_ctxt); > goto out_handled; > + case FFA_ID_GET: > + ffa_to_smccc_res_prop(&res, FFA_RET_SUCCESS, HOST_FFA_ID); > + goto out_handled; I think FFA_ID_GET should be a seperated patch? > + case FFA_MSG_SEND_DIRECT_REQ: > + case FFA_FN64_MSG_SEND_DIRECT_REQ: > + do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID); > + goto out_handled; > } > > if (ffa_call_supported(func_id)) Thanks. -- Sincerely, Yeoreum Yun ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler 2025-10-30 13:48 ` Yeoreum Yun @ 2025-10-30 16:18 ` Per Larsen 2025-10-30 16:52 ` Yeoreum Yun 0 siblings, 1 reply; 6+ messages in thread From: Per Larsen @ 2025-10-30 16:18 UTC (permalink / raw) To: Yeoreum Yun, perlarsen Cc: Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose, Zenghui Yu, Catalin Marinas, Will Deacon, Ben Horgan, Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm, linux-kernel Hi Yeoreum, On 10/30/25 2:48 PM, Yeoreum Yun wrote: > Hi Per and Sebasian, > >> >> Allow direct messages to be forwarded from the host. >> >> Signed-off-by: Sebastian Ene <sebastianene@google.com> >> Signed-off-by: Per Larsen <perlarsen@google.com> >> --- >> arch/arm64/kvm/hyp/nvhe/ffa.c | 16 ++++++++++++++++ >> 1 file changed, 16 insertions(+) >> >> diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c >> index 4e16f9b96f637599873b16148c6e40cf1210aa3e..191dcb301cca3986758fb6a49f15f1799de9f1d1 100644 >> --- a/arch/arm64/kvm/hyp/nvhe/ffa.c >> +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c >> @@ -857,6 +857,15 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res, >> hyp_spin_unlock(&host_buffers.lock); >> } >> >> +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res, >> + struct kvm_cpu_context *ctxt, >> + u64 vm_handle) >> +{ >> + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0]; >> + >> + arm_smccc_1_2_smc(args, res); >> +} >> + > > TBH, I don't have a strong comment for this but, I'm not sure why > it is necessary. > Since it calls just "smc" with the passed argments, > I think it can be handled by default_smc_handler() without adding this > function but return the ture for DIRECT MSG2 in ffa_call_support(). > > Am I missing something? Calling `do_ffa_direct_msg` from the host ffa proxy ensures that the caller has negotiated a FF-A version with the hypervisor first. In turn, this means that `ffa_call_support` can use the negotiated version to decide whether to proxy this interface or not. Moreover, `kvm_host_ffa_handler` currently proxies host FF-A calls. Android also proxies FF-A calls from guest VMs via a similar function: `kvm_guest_ffa_handler` so this function avoids duplication if/when adding a guest proxy. This function is also where one would check FFA IDs before forwarding messages (to prevent spoofing). You can see the downstream implementation here https://android-review.googlesource.com/c/kernel/common/+/3422040. > >> bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) >> { >> struct arm_smccc_1_2_regs res; >> @@ -915,6 +924,13 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) >> case FFA_PARTITION_INFO_GET: >> do_ffa_part_get(&res, host_ctxt); >> goto out_handled; >> + case FFA_ID_GET: >> + ffa_to_smccc_res_prop(&res, FFA_RET_SUCCESS, HOST_FFA_ID); >> + goto out_handled; > > I think FFA_ID_GET should be a seperated patch? Agreed. I've dropped it from this patch set as I don't think we need it.> >> + case FFA_MSG_SEND_DIRECT_REQ: >> + case FFA_FN64_MSG_SEND_DIRECT_REQ: >> + do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID); >> + goto out_handled; >> } >> >> if (ffa_call_supported(func_id)) Thanks,Per ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler 2025-10-30 16:18 ` Per Larsen @ 2025-10-30 16:52 ` Yeoreum Yun 0 siblings, 0 replies; 6+ messages in thread From: Yeoreum Yun @ 2025-10-30 16:52 UTC (permalink / raw) To: Per Larsen Cc: perlarsen, Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose, Zenghui Yu, Catalin Marinas, Will Deacon, Ben Horgan, Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm, linux-kernel Hi, > > > > > > > > Allow direct messages to be forwarded from the host. > > > > > > Signed-off-by: Sebastian Ene <sebastianene@google.com> > > > Signed-off-by: Per Larsen <perlarsen@google.com> > > > --- > > > arch/arm64/kvm/hyp/nvhe/ffa.c | 16 ++++++++++++++++ > > > 1 file changed, 16 insertions(+) > > > > > > diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c > > > index 4e16f9b96f637599873b16148c6e40cf1210aa3e..191dcb301cca3986758fb6a49f15f1799de9f1d1 100644 > > > --- a/arch/arm64/kvm/hyp/nvhe/ffa.c > > > +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c > > > @@ -857,6 +857,15 @@ static void do_ffa_part_get(struct arm_smccc_1_2_regs *res, > > > hyp_spin_unlock(&host_buffers.lock); > > > } > > > > > > +static void do_ffa_direct_msg(struct arm_smccc_1_2_regs *res, > > > + struct kvm_cpu_context *ctxt, > > > + u64 vm_handle) > > > +{ > > > + struct arm_smccc_1_2_regs *args = (void *)&ctxt->regs.regs[0]; > > > + > > > + arm_smccc_1_2_smc(args, res); > > > +} > > > + > > > > TBH, I don't have a strong comment for this but, I'm not sure why > > it is necessary. > > Since it calls just "smc" with the passed argments, > > I think it can be handled by default_smc_handler() without adding this > > function but return the ture for DIRECT MSG2 in ffa_call_support(). > > > > Am I missing something? > Calling `do_ffa_direct_msg` from the host ffa proxy ensures that the caller > has negotiated a FF-A version with the hypervisor first. In turn, > this means that `ffa_call_support` can use the negotiated version to decide > whether to proxy this interface or not. > > Moreover, `kvm_host_ffa_handler` currently proxies host FF-A calls. Android > also proxies FF-A calls from guest VMs via a similar function: > `kvm_guest_ffa_handler` so this function avoids duplication if/when adding a > guest proxy. This function is also where one would check FFA IDs before > forwarding messages (to prevent spoofing). You can see the downstream > implementation here > https://android-review.googlesource.com/c/kernel/common/+/3422040. Thanks for sharing and clarification. [...] Thanks. -- Sincerely, Yeoreum Yun ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 in host handler 2025-10-30 12:29 [PATCH 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay 2025-10-30 12:29 ` [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay @ 2025-10-30 12:29 ` Per Larsen via B4 Relay 1 sibling, 0 replies; 6+ messages in thread From: Per Larsen via B4 Relay @ 2025-10-30 12:29 UTC (permalink / raw) To: Marc Zyngier, Oliver Upton, Joey Gouly, Suzuki K Poulose, Zenghui Yu, Catalin Marinas, Will Deacon, Yeoreum Yun, Ben Horgan Cc: Armelle Laine, Sebastien Ene, linux-arm-kernel, kvmarm, linux-kernel, Per Larsen From: Per Larsen <perlarsen@google.com> FF-A 1.2 adds the DIRECT_REQ2 messaging interface which is similar to the existing FFA_MSG_SEND_DIRECT_{REQ,RESP} functions and can use the existing handler function. Add support for FFA_MSG_SEND_DIRECT_REQ2 in the host ffa handler. Signed-off-by: Per Larsen <perlarsen@google.com> --- arch/arm64/kvm/hyp/nvhe/ffa.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c index 191dcb301cca3986758fb6a49f15f1799de9f1d1..0d91411fd1d0d3fc48d725c51a7f3c77372374be 100644 --- a/arch/arm64/kvm/hyp/nvhe/ffa.c +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c @@ -678,8 +678,10 @@ static bool ffa_call_supported(u64 func_id) case FFA_NOTIFICATION_SET: case FFA_NOTIFICATION_GET: case FFA_NOTIFICATION_INFO_GET: + return false; /* Optional interfaces added in FF-A 1.2 */ case FFA_MSG_SEND_DIRECT_REQ2: /* Optional per 7.5.1 */ + return hyp_ffa_version >= FFA_VERSION_1_2; case FFA_MSG_SEND_DIRECT_RESP2: /* Optional per 7.5.1 */ case FFA_CONSOLE_LOG: /* Optional per 13.1: not in Table 13.1 */ case FFA_PARTITION_INFO_GET_REGS: /* Optional for virtual instances per 13.1 */ @@ -927,6 +929,10 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) case FFA_ID_GET: ffa_to_smccc_res_prop(&res, FFA_RET_SUCCESS, HOST_FFA_ID); goto out_handled; + case FFA_MSG_SEND_DIRECT_REQ2: + if (!ffa_call_supported(func_id)) + goto out_not_supported; + fallthrough; case FFA_MSG_SEND_DIRECT_REQ: case FFA_FN64_MSG_SEND_DIRECT_REQ: do_ffa_direct_msg(&res, host_ctxt, HOST_FFA_ID); @@ -936,6 +942,7 @@ bool kvm_host_ffa_handler(struct kvm_cpu_context *host_ctxt, u32 func_id) if (ffa_call_supported(func_id)) return false; /* Pass through */ +out_not_supported: ffa_to_smccc_error(&res, FFA_RET_NOT_SUPPORTED); out_handled: ffa_set_retval(host_ctxt, &res); -- 2.51.1.851.g4ebd6896fd-goog ^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-10-30 16:53 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2025-10-30 12:29 [PATCH 0/2] KVM: arm64: Support FF-A direct messaging interfaces Per Larsen via B4 Relay 2025-10-30 12:29 ` [PATCH 1/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ in host handler Per Larsen via B4 Relay 2025-10-30 13:48 ` Yeoreum Yun 2025-10-30 16:18 ` Per Larsen 2025-10-30 16:52 ` Yeoreum Yun 2025-10-30 12:29 ` [PATCH 2/2] KVM: arm64: Support FFA_MSG_SEND_DIRECT_REQ2 " Per Larsen via B4 Relay
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox