Commit d66e50be authored by Vincent Donnefort's avatar Vincent Donnefort Committed by Marc Zyngier

KVM: arm64: FFA: Release hyp rx buffer

According to the FF-A spec (Buffer states and ownership), after a
producer has written into a buffer, it is "full" and now owned by the
consumer. The producer won't be able to use that buffer, until the
consumer hands it over with an invocation such as RX_RELEASE.

It is clear in the following paragraph (Transfer of buffer ownership),
that MEM_RETRIEVE_RESP is transferring the ownership from producer (in
our case SPM) to consumer (hypervisor). RX_RELEASE is therefore
mandatory here.

It is less clear though what is happening with MEM_FRAG_TX. But this
invocation, as a response to MEM_FRAG_RX writes into the same hypervisor
RX buffer (see paragraph "Transmission of transaction descriptor in
fragments"). Also this is matching the TF-A implementation where the RX
buffer is marked "full" during a MEM_FRAG_RX.

Release the RX hypervisor buffer in those two cases. This will unblock
later invocations using this buffer which would otherwise fail.
(RETRIEVE_REQ, MEM_FRAG_RX and PARTITION_INFO_GET).
Signed-off-by: default avatarVincent Donnefort <vdonnefort@google.com>
Reviewed-by: default avatarSudeep Holla <sudeep.holla@arm.com>
Link: https://lore.kernel.org/r/20240611175317.1220842-1-vdonnefort@google.comSigned-off-by: default avatarMarc Zyngier <maz@kernel.org>
parent 0d92e4a7
...@@ -177,6 +177,14 @@ static void ffa_retrieve_req(struct arm_smccc_res *res, u32 len) ...@@ -177,6 +177,14 @@ static void ffa_retrieve_req(struct arm_smccc_res *res, u32 len)
res); res);
} }
static void ffa_rx_release(struct arm_smccc_res *res)
{
arm_smccc_1_1_smc(FFA_RX_RELEASE,
0, 0,
0, 0, 0, 0, 0,
res);
}
static void do_ffa_rxtx_map(struct arm_smccc_res *res, static void do_ffa_rxtx_map(struct arm_smccc_res *res,
struct kvm_cpu_context *ctxt) struct kvm_cpu_context *ctxt)
{ {
...@@ -543,16 +551,19 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res, ...@@ -543,16 +551,19 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res,
if (WARN_ON(offset > len || if (WARN_ON(offset > len ||
fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE)) { fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE)) {
ret = FFA_RET_ABORTED; ret = FFA_RET_ABORTED;
ffa_rx_release(res);
goto out_unlock; goto out_unlock;
} }
if (len > ffa_desc_buf.len) { if (len > ffa_desc_buf.len) {
ret = FFA_RET_NO_MEMORY; ret = FFA_RET_NO_MEMORY;
ffa_rx_release(res);
goto out_unlock; goto out_unlock;
} }
buf = ffa_desc_buf.buf; buf = ffa_desc_buf.buf;
memcpy(buf, hyp_buffers.rx, fraglen); memcpy(buf, hyp_buffers.rx, fraglen);
ffa_rx_release(res);
for (fragoff = fraglen; fragoff < len; fragoff += fraglen) { for (fragoff = fraglen; fragoff < len; fragoff += fraglen) {
ffa_mem_frag_rx(res, handle_lo, handle_hi, fragoff); ffa_mem_frag_rx(res, handle_lo, handle_hi, fragoff);
...@@ -563,6 +574,7 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res, ...@@ -563,6 +574,7 @@ static void do_ffa_mem_reclaim(struct arm_smccc_res *res,
fraglen = res->a3; fraglen = res->a3;
memcpy((void *)buf + fragoff, hyp_buffers.rx, fraglen); memcpy((void *)buf + fragoff, hyp_buffers.rx, fraglen);
ffa_rx_release(res);
} }
ffa_mem_reclaim(res, handle_lo, handle_hi, flags); ffa_mem_reclaim(res, handle_lo, handle_hi, flags);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment