On 28-01-26, 07:41, Armelle Laine wrote:
> Viresh, as a first step we could follow the approach used in the Trusty
> driver with a vendor-specific secure heap which is FFA-aware and can select
> LEND on specific buffers as well as setting the FFA tag.
If the heap can be FFA aware, it can make direct FFA calls and doesn't
need to use dma-ops of the virtio-msg device (Vsock). This is exactly
what I did in the very first implementation. This will work.
Bertrand, rightly, objected to it and suggested to use the dma-ops
instead so we can have a unified path to making FFA share operations.
So until we get a proper solution to this, we can do:
- SHARE via system heap (with my current solution)
- LEND via FFA aware heap (won't upstream)
We also need to support "SEND_SECURE" when the FFA handle already exists.
Shouldn't the heap rather be virtio-msg-ffa aware? wouldn't the heap also be responsible to invoke "FFA_BUS_MSG_AREA_SHARE" with both the FFA handle and the tag (for LEND or SEND_SECURE cases)?
Lets see if someone can suggest something else in the meantime.
--
viresh