Hi Bertrand, On Tue, Feb 3, 2026 at 6:38 PM Bertrand Marquis <[email protected]> wrote: > > FFA_RXTX_MAP builds a descriptor for the SPMC and the composite region > offsets must be 8-byte aligned. Xen currently uses a 12-byte header > size, which produces misaligned RX/TX offsets. Mapping failures also > return INVALID_PARAMETERS even when the failure is due to resource > exhaustion, which misreports the error condition. > > Round the descriptor header size up to 8 bytes before placing the RX > region and derive the TX offset from the aligned RX offset. Return > FFA_RET_NO_MEMORY when the TX or RX buffer mapping fails before the > error paths unwind. > > Functional impact: RXTX_MAP now returns NO_MEMORY on mapping failures > and the SPMC receives an aligned RX/TX descriptor layout. > > Signed-off-by: Bertrand Marquis <[email protected]> > --- > xen/arch/arm/tee/ffa_rxtx.c | 13 ++++++++++--- > 1 file changed, 10 insertions(+), 3 deletions(-)
Looks good: Reviewed-by: Jens Wiklander <[email protected]> Cheers, Jens > > diff --git a/xen/arch/arm/tee/ffa_rxtx.c b/xen/arch/arm/tee/ffa_rxtx.c > index 50758fb57cdf..eff95a7955d7 100644 > --- a/xen/arch/arm/tee/ffa_rxtx.c > +++ b/xen/arch/arm/tee/ffa_rxtx.c > @@ -119,11 +119,17 @@ int32_t ffa_handle_rxtx_map(uint32_t fid, register_t > tx_addr, > > tx = __map_domain_page_global(tx_pg); > if ( !tx ) > + { > + ret = FFA_RET_NO_MEMORY; > goto err_put_rx_pg; > + } > > rx = __map_domain_page_global(rx_pg); > if ( !rx ) > + { > + ret = FFA_RET_NO_MEMORY; > goto err_unmap_tx; > + } > > /* > * Transmit the RX/TX buffer information to the SPM if acquire is > supported > @@ -136,7 +142,8 @@ int32_t ffa_handle_rxtx_map(uint32_t fid, register_t > tx_addr, > struct ffa_mem_region *mem_reg; > > /* All must fit in our TX buffer */ > - BUILD_BUG_ON(sizeof(*rxtx_desc) + sizeof(*mem_reg) * 2 + > + BUILD_BUG_ON(ROUNDUP(sizeof(*rxtx_desc), 8) + > + sizeof(*mem_reg) * 2 + > sizeof(struct ffa_address_range) * 2 > > FFA_MAX_RXTX_PAGE_COUNT * FFA_PAGE_SIZE); > > @@ -153,8 +160,8 @@ int32_t ffa_handle_rxtx_map(uint32_t fid, register_t > tx_addr, > */ > rxtx_desc->sender_id = ffa_get_vm_id(d); > rxtx_desc->reserved = 0; > - rxtx_desc->rx_region_offs = sizeof(*rxtx_desc); > - rxtx_desc->tx_region_offs = sizeof(*rxtx_desc) + > + rxtx_desc->rx_region_offs = ROUNDUP(sizeof(*rxtx_desc), 8); > + rxtx_desc->tx_region_offs = rxtx_desc->rx_region_offs + > offsetof(struct ffa_mem_region, > address_range_array[1]); > > -- > 2.50.1 (Apple Git-155) >
