tkaratapanis commented on code in PR #16734: URL: https://github.com/apache/nuttx/pull/16734#discussion_r2251198592
########## drivers/misc/optee_supplicant.c: ########## @@ -0,0 +1,608 @@ +/**************************************************************************** + * drivers/misc/optee_supplicant.c + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. The + * ASF licenses this file to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance with the + * License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + ****************************************************************************/ + +/**************************************************************************** + * Included Files + ****************************************************************************/ + +#include <nuttx/mutex.h> +#include <nuttx/semaphore.h> +#include <nuttx/kmalloc.h> +#include <nuttx/queue.h> +#include <nuttx/idr.h> +#include <string.h> + +#include "optee.h" +#include "optee_supplicant.h" +#include "optee_msg.h" + +/**************************************************************************** + * Private Types + ****************************************************************************/ + +/* Request structure for RPCs serviced by the supplicant. */ + +struct optee_supplicant_req +{ + sq_entry_t link; + uint32_t func; + uint32_t ret; + uint32_t num_params; + FAR struct tee_ioctl_param *params; + sem_t c; +}; + +struct optee_supplicant +{ + mutex_t mutex; + int req_id; + struct sq_queue_s reqs; + FAR struct idr_s *idr; + FAR struct idr_s *shm_idr; + sem_t reqs_c; +}; + +/**************************************************************************** + * Private Data + ****************************************************************************/ + +static struct optee_supplicant g_optee_supp; + +/**************************************************************************** + * Private Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: pop_entry + * + * Description: + * Pop the first request from the request queue, and create unique id. + * + * Parameters: + * num_params - Number of parameters passed. + * id - Pointer to the unique request id. + * + * Returned Value: + * A pointer to the request on success or NULL. + * + ****************************************************************************/ + +static FAR struct optee_supplicant_req * pop_entry(uint32_t num_params, + FAR int *id) +{ + FAR struct optee_supplicant_req *req; + + if (g_optee_supp.req_id != -1) + { + /* Mixing sync/async not supported */ + + return NULL; + } + + if (sq_empty(&g_optee_supp.reqs)) + { + return NULL; + } + + req = (struct optee_supplicant_req *)sq_remfirst(&g_optee_supp.reqs); + + /* The request can't fit in the supplicant's supplied parameter buffer. */ + + if (num_params < req->num_params) + { + return NULL; + } + + *id = idr_alloc(g_optee_supp.idr, req, 0, INT32_MAX); + if (*id < 0) + { + return NULL; + } + + return req; +} + +/**************************************************************************** + * Public Functions + ****************************************************************************/ + +/**************************************************************************** + * Name: optee_supplicant_init + * + * Description: + * Initialize supplicant data. + * + * Parameters: + * shm_idr - A pointer, passed by reference, to the optee driver's shm_idr. + * The destruction of the shm_idr will be handled by + * optee_close(), so we only need to initialize it in this + * context. + * + * Returned Value: + * None + * + ****************************************************************************/ + +void optee_supplicant_init(FAR struct idr_s **shm_idr) Review Comment: If we do this, we will need to expose `g_optee_supp`. Currently in `optee_supplicant.h` we have only: ``` void optee_supplicant_init(FAR struct idr_s **shm_idr); ``` which will update the value of a pointer (we expect `priv->shms` here) to `g_optee_supp.shm_idr`. **Otherwise we don't expose** `g_optee_supp` **at all.** If we decide to go with this approach we will need to expose significantly more `g_optee_supp` and have at least the following changes : 1) Change `g_optee_supp` to a pointer: ``` static struct optee_supplicant *g_optee_supp; ``` 2) Change `optee_supplicant_init()` to return a pointer to the allocated `struct optee_supplicant`. 3) Implement `optee_supplicant_get_shm_idr()` to return the `.shm_idr` list of the supplicant (previously removed to limit exposure of the static `g_optee_supp`). 4) Implement `optee_supplicant_set_private()`, Updates `g_optee_supp` with the `f_inode->i_private ` (previously set by `optee_register()`) 5) Implement `optee_supplicant_unset_private()`, sets `g_optee_supp` to `NULL` Then `optee_open()` could change to something like (changes start with `// `): ``` static int optee_open(FAR struct file *filep) { FAR struct optee_priv_data *priv; //enum optee_role_e role = filep->f_inode->i_private ? OPTEE_ROLE_SUPPLICANT : OPTEE_ROLE_CA; int ret; ret = optee_transport_open(&priv); if (ret < 0) { return ret; } priv->role = role; if (role == OPTEE_ROLE_CA) { priv->shms = idr_init(); } #ifdef CONFIG_DEV_OPTEE_SUPPLICANT else if (role == OPTEE_ROLE_SUPPLICANT) { /* Allow only one process to open the device. */ if (filep->f_inode->i_crefs > 2) { return -EBUSY; } // Update *g_optee_supp with i_private //optee_supplicant_set_private(filep->f_inode->i_private); //priv->shms = optee_supplicant_get_shm_idr(); } #endif else { return -EOPNOTSUPP; } filep->f_priv = priv; return 0; } ``` and in the `optee_close()` function we would call `optee_supplicant_unset_private()`. I would also change my conditions to when `optee_supplicant` is running to check if `g_optee_supp` is `NULL`. Do you want me to go with this approach even though we are exposing `g_optee_supp`? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@nuttx.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
