From 7368dfbdb85f04a4774ce7afb56f09709d9cd368 Mon Sep 17 00:00:00 2001 From: Sebastian Ene Date: Wed, 4 Jun 2025 15:44:52 +0000 Subject: [PATCH] ANDROID: KVM: arm64: Use the correct handle during ff-a transfer Fix the handle creation when the caller is using the fragmentation API. The returned registers w2 and w3 have a different purpose when the caller is using the memory sharing for the fragmentation API and they are defined in 4.1.2.4 FFA_MEM_FRAG_RX (DEN0140 FF-A 1.3): - w3 represent a byte offset - w2 part of the handle Use the w1 and w2 to construct the handle when fragmentation API is used and w2 and w3 when an individual memory transaction is sent. Bug: 269285339 Bug: 278749606 Change-Id: Ia39507653440de450048dca488c720c0af04cf58 Signed-off-by: Sebastian Ene --- arch/arm64/kvm/hyp/nvhe/ffa.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/ffa.c b/arch/arm64/kvm/hyp/nvhe/ffa.c index 6b1e0ac5762e..25d04d63f7b7 100644 --- a/arch/arm64/kvm/hyp/nvhe/ffa.c +++ b/arch/arm64/kvm/hyp/nvhe/ffa.c @@ -609,6 +609,7 @@ static int __do_ffa_mem_xfer(const u64 func_id, u32 offset, nr_ranges; int ret = 0; struct ffa_mem_transfer *transfer = NULL; + u64 ffa_handle; if (addr_mbz || npages_mbz || fraglen > len || fraglen > KVM_FFA_MBOX_NR_PAGES * PAGE_SIZE) { @@ -716,12 +717,16 @@ static int __do_ffa_mem_xfer(const u64 func_id, if (res->a3 != fraglen) goto err_unshare; - } else if (res->a0 != FFA_SUCCESS) { + + ffa_handle = PACK_HANDLE(res->a1, res->a2); + } else if (res->a0 == FFA_SUCCESS) { + ffa_handle = PACK_HANDLE(res->a2, res->a3); + } else { goto err_unshare; } if (hyp_vcpu && transfer) { - transfer->ffa_handle = PACK_HANDLE(res->a2, res->a3); + transfer->ffa_handle = ffa_handle; list_add(&transfer->node, &ffa_buf->xfer_list); }