ANDROID: KVM: arm64: Use the correct handle during ff-a transfer

Fix the handle creation when the caller is using the
fragmentation API. The returned registers w2 and w3
have a different purpose when the caller is using the
memory sharing for the fragmentation API and they are
defined in 4.1.2.4 FFA_MEM_FRAG_RX (DEN0140 FF-A 1.3):
 - w3 represent a byte offset
 - w2 part of the handle
Use the w1 and w2 to construct the handle when
fragmentation API is used and w2 and w3 when an
individual memory transaction is sent.

Bug: 269285339
Bug: 278749606
Change-Id: Ia39507653440de450048dca488c720c0af04cf58
Signed-off-by: Sebastian Ene <sebastianene@google.com>

arch/arm64/kvm/hyp/nvhe/ffa.c

@@ -609,6 +609,7 @@ static int __do_ffa_mem_xfer(const u64 func_id,
 	u32 offset, nr_ranges;
 	int ret = 0;
 	struct ffa_mem_transfer *transfer = NULL;
+	u64 ffa_handle;
 
 	if (addr_mbz || npages_mbz || fraglen > len ||
 	    fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE) {
@@ -716,12 +717,16 @@ static int __do_ffa_mem_xfer(const u64 func_id,
 
 		if (res->a3 != fraglen)
 			goto err_unshare;
-	} else if (res->a0 != FFA_SUCCESS) {
+
+		ffa_handle = PACK_HANDLE(res->a1, res->a2);
+	} else if (res->a0 == FFA_SUCCESS) {
+		ffa_handle = PACK_HANDLE(res->a2, res->a3);
+	} else {
 		goto err_unshare;
 	}
 
 	if (hyp_vcpu && transfer) {
-		transfer->ffa_handle = PACK_HANDLE(res->a2, res->a3);
+		transfer->ffa_handle = ffa_handle;
 		list_add(&transfer->node, &ffa_buf->xfer_list);
 	}