DemesneGH commented on issue #153: URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/153#issuecomment-2513857292
> sometimes **the return content is bigger than the request content**, for example, fetch file content from plugin. Thanks for pointing out this issue and providing valuable advice. Seems the issue exists due to treat `input_buffer` as `shared_buffer`. For the Rust API `pub fn invoke(&mut self, command_id: u32, subcommand_id: u32, data: &[u8]) -> Result<Vec<u8>>` the intention is to expose the `input_buffer` and `output_buffer` for developers, with the `shared_buffer` is transparent. It's a user-friendly way while developers don't need to truncate the output buffers. However the current implementation treat `input_buffer` as `shared_buffer`, which cause problems when the `output_buffer` is larger than the `input_buffer`. https://github.com/apache/incubator-teaclave-trustzone-sdk/blob/bc14fb63f65bfff77456eea1b9097c1619d30b04/optee-utee/src/extension.rs#L33-L56 To address this issue while maintaining compatibility and simplicity, how about modifying it as follows: ``` const SHARED_BUFFER_SIZE: usize = 1024; // or other size pub fn invoke(&mut self, command_id: u32, subcommand_id: u32, data: &[u8]) -> Result<Vec<u8>> { let raw_uuid: Uuid = self.uuid; let mut outlen: usize = 0; let mut shared_buffer = vec![SHARED_BUFFER_SIZE; u8]; shared_buffer[..data.len()].copy_from_slice(data); match unsafe { raw::tee_invoke_supp_plugin( raw_uuid.as_raw_ptr(), command_id as u32, subcommand_id as u32, shared_buffer.as_mut_ptr() as _, data.len(), &mut outlen as *mut usize, ) } { raw::TEE_SUCCESS => { assert!(outlen <= (shared_buffer.len())); let mut outbuf = vec![0; outlen]; outbuf.copy_from_slice(&shared_buffer[..outlen]); Ok(outbuf) }, code => Err(Error::from_raw_error(code)), } } ``` This approach ensures `shared_buffer` can handle outputs correctly while keeping the interface user-friendly and compatible. However, it comes with a disadvantage: the static `SHARED_BUFFER_SIZE` is not dynamic, which could lead to potential memory waste. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@teaclave.apache.org For additional commands, e-mail: dev-h...@teaclave.apache.org
