Re: [PATCH v4 5/5] xen/arm: ffa: Enable VM to VM without firmware
- To: Julien Grall <julien@xxxxxxx>
- From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
- Date: Thu, 27 Mar 2025 08:37:01 +0000
- Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "jens.wiklander@xxxxxxxxxx" <jens.wiklander@xxxxxxxxxx>, Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>
- Delivery-date: Thu, 27 Mar 2025 08:37:23 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Hi Julien,
> On 27 Mar 2025, at 00:41, Julien Grall <julien@xxxxxxx> wrote:
>
> Hi Bertrand,
>
> On 24/03/2025 13:53, Bertrand Marquis wrote:
>> When VM to VM support is activated and there is no suitable FF-A support
>> in the firmware, enable FF-A support for VMs to allow using it for VM to
>> VM communications.
>
> tee/ and the callbacks associated are meant to be used for mediators. My
> current interpretation is this is only meant to interpose between a guest
> and physical resources. Here you are extending the meaning to "virtual TEE".
> I am sort of ok with that but ...

I see what you mean but FF-A will not only be used to communicate with TEE
(even if the primary use case right now is this one, including having it in a VM
instead of the secure world).

>
>> If there is OP-TEE running in the secure world and using the non FF-A
>> communication system, having CONFIG_FFA_VM_TO_VM could be non functional
>> (if optee is probed first) or OP-TEE could be non functional (if FF-A is
>> probed first) so it is not recommended to activate the configuration
>> option for such systems.
>
> ... this part is concerning me. You should be able to build with
> CONFIG_FFA_VM_TO_VM and still boot when OP-TEE is present on the system. This
> is not too critical now as this is tech preview but this is definitely a
> blocker for making FFA supported. Can this be mentioned at the top of the
> ffa.c file (which already contains existing blocker)?

OP-TEE supports FF-A and in fact should be switched to using it by default as
it allows it to run in parallel with other TEEs in the secure world or have FF-A
compliant SPs running on top of OP-TEE.

More and more you will see FF-A popping up as a recommended (or required) part
of the firmware features.

So the only reason to use OP-TEE without FF-A is if you have an old OP-TEE in
which case your firmware will not support FF-A and using it between VMs is
probably not required.

>
> Also, given this would expose a fully virtual TEE, we should be able to have
> a system where you have some VMs talking FFA and some using the physical
> OPTEE (or another TEE). Whether we want to support it is a different question
> but this design would prevent it. Is this intended?

Right now I would say this is definitely not something we need as part of the
tech preview as anybody using this feature in Xen would use an OP-TEE with FF-A
support.

But from a Xen point of view, we should (if we can) support running on old
systems with an existing OP-TEE but still use FF-A between VMs.

This has some consequences on how the tee mediator and FF-A support are designed
and I will definitely give it some thought (primary idea would be to decouple
FF-A with secure as mediator to FF-A between VMs somehow).

For the review side of things, am I right to understand from your comments that
this is ok for now as tech-preview?

Cheers
Bertrand

>
> Cheers,
>
> --
> Julien Grall
>