Hi OP-TEE maintainers,
I found an issue in optee_os related to FFA memory handling across different kernel page sizes.
File: core/arch/arm/mm/mobj_ffa.c
Function: mobj_ffa_get_by_cookie()
At the beginning of this function there is a check:
if (internal_offs >= SMALL_PAGE_SIZE)
return NULL;
Here, SMALL_PAGE_SIZE is fixed to 4KB. When running with a Linux kernel built with 16K or 64K page sizes (CONFIG_ARM64_16K_PAGES or CONFIG_ARM64_64K_PAGES), this check incorrectly rejects valid offsets. As a result, mobj_ffa_get_by_cookie() returns NULL, which leads to TEE_ERROR_BAD_PARAMETERS during FFA communication (for example when set_fmem_param() calls it).
Impact:
- FFA communication fails on systems where the kernel uses 16K or 64K pages.
- With 16K becoming more widely adopted (e.g. Google’s standardization), this problem will be more common.
Expected behavior:
The function should not assume a fixed 4K page size, but adapt to the actual kernel page size.
Environment:
- OP-TEE version: observed in multiple versions including latest master
- Platform: ARM64 with FFA enabled
- Kernel config: CONFIG_ARM64_16K_PAGES / CONFIG_ARM64_64K_PAGES
Possible fix:
- Replace the SMALL_PAGE_SIZE check with a dynamic check based on the kernel’s actual page size, or make the validation configurable.
Please let me know if you need more details. I am happy to test or provide a patch suggestion if that helps.
Best regards,
ddrdtdn
Hi,
On Mon, Sep 08, 2025 at 03:35:02PM +0800, 戴睿 wrote:
Hi OP-TEE maintainers,
I found an issue in optee_os related to FFA memory handling across different kernel page sizes.
File: core/arch/arm/mm/mobj_ffa.c Function: mobj_ffa_get_by_cookie()
At the beginning of this function there is a check:
if (internal_offs >= SMALL_PAGE_SIZE) return NULL;
Here, SMALL_PAGE_SIZE is fixed to 4KB. When running with a Linux kernel built with 16K or 64K page sizes (CONFIG_ARM64_16K_PAGES or CONFIG_ARM64_64K_PAGES), this check incorrectly rejects valid offsets. As a result, mobj_ffa_get_by_cookie() returns NULL, which leads to TEE_ERROR_BAD_PARAMETERS during FFA communication (for example when set_fmem_param() calls it).
Impact:
- FFA communication fails on systems where the kernel uses 16K or 64K pages.
- With 16K becoming more widely adopted (e.g. Google’s standardization), this problem will be more common.
Expected behavior: The function should not assume a fixed 4K page size, but adapt to the actual kernel page size.
Environment:
- OP-TEE version: observed in multiple versions including latest master
- Platform: ARM64 with FFA enabled
- Kernel config: CONFIG_ARM64_16K_PAGES / CONFIG_ARM64_64K_PAGES
Possible fix:
- Replace the SMALL_PAGE_SIZE check with a dynamic check based on the kernel’s actual page size,
or make the validation configurable.
I don't think it is an OP-TEE bug as of now but a missing feature in OP-TEE to support 16K and 64K pages. Would you be able to enable this feature for OP-TEE?
-Sumit
Please let me know if you need more details. I am happy to test or provide a patch suggestion if that helps.
Best regards,
ddrdtdn
Thanks for clarifying. I agree this is not really a bug, but rather a feature that OP-TEE may need to support in the future.
As I mentioned earlier, Google is actively moving the Android ecosystem toward 16 KB page sizes. For example:
- Android Developers documentation: https://developer.android.com/guide/practices/page-sizes?utm_source=chatgpt.... July 28, 2025)
- Android Developers Blog: https://android-developers.googleblog.com/2025/05/prepare-play-apps-for-devi... 8, 2025)
Starting November 1, 2025, all apps targeting Android 15+ on Google Play must support 16 KB page sizes. This shows that the long-term trend is clearly toward larger kernel page sizes.
In my local testing, I made a small adjustment in OP-TEE by adding handling for `internal_offs` in both `set_fmem_param()` and `mobj_ffa_get_by_cookie()`. This resolves the issue without changing `SMALL_PAGE_SIZE`. Updating `SMALL_PAGE_SIZE` itself would be a much more difficult change, so handling the offset seems like a practical compromise.
From: "Sumit Garg" <sumit.garg@kernel.org>
Date: Tue, Sep 9, 2025, 15:12
Subject: Re: [BUG] mobj_ffa_get_by_cookie() fails with 16K/64K kernel page size
To: "戴睿" <rui.dai@xg.auto>
Cc: "op-tee@lists.trustedfirmware.org" <op-tee@lists.trustedfirmware.org>
Hi,
On Mon, Sep 08, 2025 at 03:35:02PM +0800, 戴睿 wrote:
Hi OP-TEE maintainers,
I found an issue in optee_os related to FFA memory handling across different kernel page sizes.
File: core/arch/arm/mm/mobj_ffa.c
Function: mobj_ffa_get_by_cookie()
At the beginning of this function there is a check:
if (internal_offs >= SMALL_PAGE_SIZE)
return NULL;
Here, SMALL_PAGE_SIZE is fixed to 4KB. When running with a Linux kernel built with 16K or 64K page sizes
(CONFIG_ARM64_16K_PAGES or CONFIG_ARM64_64K_PAGES), this check incorrectly rejects valid offsets.
As a result, mobj_ffa_get_by_cookie() returns NULL, which leads to TEE_ERROR_BAD_PARAMETERS during FFA
communication (for example when set_fmem_param() calls it).
Impact:
- FFA communication fails on systems where the kernel uses 16K or 64K pages.
- With 16K becoming more widely adopted (e.g. Google’s standardization), this problem will be more common.
Expected behavior:
The function should not assume a fixed 4K page size, but adapt to the actual kernel page size.
Environment:
- OP-TEE version: observed in multiple versions including latest master
- Platform: ARM64 with FFA enabled
- Kernel config: CONFIG_ARM64_16K_PAGES / CONFIG_ARM64_64K_PAGES
Possible fix:
- Replace the SMALL_PAGE_SIZE check with a dynamic check based on the kernel’s actual page size,
or make the validation configurable.
I don't think it is an OP-TEE bug as of now but a missing feature in
OP-TEE to support 16K and 64K pages. Would you be able to enable this
feature for OP-TEE?
-Sumit
Please let me know if you need more details. I am happy to test or provide a patch suggestion if that helps.
Best regards,
ddrdtdn
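The following is an added illustration of the arithmetic behind the report (the 4K SMALL_PAGE_SIZE check rejecting offsets a 16K/64K kernel can legitimately pass) and of the kind of offset handling the reporter describes as a local compromise. It is constructed for this thread and is not OP-TEE code nor the reporter's patch: `normalise_offs`, `ffa_page_skip` and `ffa_small_offs` are hypothetical names, and a real fix in mobj_ffa.c would also have to advance the mobj's page index by the computed `page_skip`, which this model only returns.

```c
#include <stdbool.h>

/* Constructed example, not OP-TEE code: models the 4K SMALL_PAGE_SIZE
 * granule that mobj_ffa.c validates against and the larger page size
 * (16K/64K) a normal-world kernel may hand offsets relative to. */
#define SMALL_PAGE_SIZE 0x1000u
#define SMALL_PAGE_SHIFT 12

/* Normalised form of an offset: whole 4K pages to skip inside the
 * shared region plus the residual offset within that 4K page. */
struct ffa_offs {
	unsigned int page_skip;
	unsigned int internal_offs;	/* < SMALL_PAGE_SIZE on success */
};

/* The check as reported: anything >= 4K is rejected, although a 16K
 * or 64K kernel legitimately produces offsets up to its page size - 1. */
static bool old_check_accepts(unsigned int internal_offs)
{
	return internal_offs < SMALL_PAGE_SIZE;
}

/* Hypothetical handling in the spirit the reporter describes: keep
 * SMALL_PAGE_SIZE at 4K and fold the excess of internal_offs into a
 * small-page index before the bound check is applied. */
static bool normalise_offs(unsigned int internal_offs,
			   unsigned int kernel_page_size, struct ffa_offs *out)
{
	/* kernel page size must be a power-of-two multiple of 4K */
	if (kernel_page_size < SMALL_PAGE_SIZE ||
	    (kernel_page_size & (kernel_page_size - 1)))
		return false;
	/* still reject offsets beyond the page they are relative to */
	if (internal_offs >= kernel_page_size)
		return false;
	out->page_skip = internal_offs >> SMALL_PAGE_SHIFT;
	out->internal_offs = internal_offs & (SMALL_PAGE_SIZE - 1);
	return old_check_accepts(out->internal_offs); /* now always true */
}

/* Single-value accessors: -1 when the offset is rejected. */
static int ffa_page_skip(unsigned int offs, unsigned int psz)
{
	struct ffa_offs o;
	return normalise_offs(offs, psz, &o) ? (int)o.page_skip : -1;
}
static int ffa_small_offs(unsigned int offs, unsigned int psz)
{
	struct ffa_offs o;
	return normalise_offs(offs, psz, &o) ? (int)o.internal_offs : -1;
}
```

With a 16K kernel page, an offset of 0x2100 is refused by the original check but normalises to two 4K pages plus 0x100; an offset equal to or beyond the kernel page size is still refused.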