This series tightens Xen's FF-A mediator after the v1.2 enablement work,
focusing on correctness, validation, and diagnostics while keeping
existing v1.0/v1.1 guests working.

Hardening and validation (Patches 1-3):
1) centralize endpoint lookup validation for messaging paths
2) reject NS MEM_SHARE attributes and name normal memory encoding
3) tighten MEM_SHARE page parsing with overflow/alignment checks

FF-A 1.2 support (Patch 4):
4) accept 1.2 EMADs in MEM_SHARE and forward IMPDEF while allowing 1.1 layouts

Correctness fixes (Patches 5-9):
5) avoid spurious SPMC RX releases on PARTINFO failures
6) align RX/TX map descriptor layout and return NO_MEMORY on map failures
7) deny RXTX_UNMAP while a VM owns the RX buffer and close the race
8) validate FFA_FEATURES properties and gate ABIs, with RX_ACQUIRE workaround
9) gate SEND2 SP support on RX_ACQUIRE

Code quality and diagnostics (Patches 10-12):
10) reduce log noise and ratelimit expected failures
11) add MEM_SHARE page diagnostics for malformed ranges and mapping issues
12) add message parameter diagnostics for SEND2 and direct requests

Backward compatibility: v1.0/v1.1 guests continue to use their ABI unchanged;
v1.2 guests use EMADs and negotiated ABI features.

The implementation passes the FF-A Architecture Compliance Suite.

This series was validated through gitlab-ci here:
https://gitlab.com/xen-project/people/bmarquis/xen-ffa-research/-/tree/ffa-v12-improve/v2

Build pipeline for the series:
https://gitlab.com/xen-project/people/bmarquis/xen-ffa-research/-/pipelines/2319853458

Changes since v1:
- Handle review comments, details in each patch
- add Jens R-b on reviewed patches

Bertrand Marquis (12):
  xen/arm: ffa: Add endpoint lookup helper
  xen/arm: ffa: Fix MEM_SHARE NS attribute handling
  xen/arm: ffa: Harden shm page parsing
  xen/arm: ffa: Add FF-A 1.2 endpoint memory access descriptors
  xen/arm: ffa: Fix PARTINFO RX release errors
  xen/arm: ffa: Fix RX/TX map layout and errors
  xen/arm: ffa: Fix RXTX_UNMAP ownership race
  xen/arm: ffa: Fix FFA_FEATURES validation
  xen/arm: ffa: Fix SEND2 SP support gating
  xen/arm: ffa: Reduce logging noise
  xen/arm: ffa: Add MEM_SHARE page diagnostics
  xen/arm: ffa: Add message parameter diagnostics

 xen/arch/arm/tee/ffa.c          | 127 +++++++++++++++---
 xen/arch/arm/tee/ffa_msg.c      |  80 ++++++++---
 xen/arch/arm/tee/ffa_notif.c    |  11 +-
 xen/arch/arm/tee/ffa_partinfo.c |  29 ++--
 xen/arch/arm/tee/ffa_private.h  |  34 ++++-
 xen/arch/arm/tee/ffa_rxtx.c     |  80 +++++++++--
 xen/arch/arm/tee/ffa_shm.c      | 226 ++++++++++++++++++++++----------
 7 files changed, 450 insertions(+), 137 deletions(-)
--
2.52.0