Viresh, as a first step we could follow the approach used in the Trusty driver with a vendor-specific secure heap which is FFA-aware and can select LEND on specific buffers as well as setting the FFA tag.

On Wed, Jan 28, 2026 at 7:01 AM Viresh Kumar <viresh.kumar@linaro.org> wrote:

On Wed, 28 Jan 2026 at 19:59, Arnd Bergmann <arnd@linaro.org> wrote:
> If I understand you correctly, I think you need a dmabuf object that is
> mapped neither into the kernel nor into userspace, and to me that sounds
> like you should not be using the system heap for that, since that
> remains mapped into the kernel and is accessible from userspace
> as well.

That is doable with the help of a custom heap. Not an issue.

> The dma_map_sgtable() call in turn does not have to know about
> LEND vs SHARE, as all it does is map the memory into a bus
> address that can be shared with the firmware.

The FFA memory share interface has a different interface for LEND, and
so I need to distinguish LEND vs SHARE there as well in device specific dma-ops.

--
Viresh