diff mbox series

[v4,10/21] fs: Convert fs_read/write to take buffer instead of address

Message ID 20180618152315.34233-11-agraf@suse.de
State New
Headers show
Series sandbox: efi_loader support | expand

Commit Message

Alexander Graf June 18, 2018, 3:23 p.m. UTC
The fs_read() and fs_write() functions are internal interfaces that
naturally want to get pointers as arguments. Most users so far even
have pointers and explicitly cast them into integers just to be able
to pass them into the function.

Convert them over to instead take a pointer argument for the buffer.
That way any sandbox mapping gets greatly simplified and users of
the API intuitively know what to do.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 board/BuR/common/common.c             |  2 +-
 board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----
 cmd/mvebu/bubt.c                      |  4 ++--
 common/splash_source.c                |  4 +++-
 drivers/bootcount/bootcount_ext.c     | 12 ++++++------
 drivers/fpga/zynqpl.c                 |  8 +++++---
 fs/fs.c                               | 20 ++++++++++----------
 include/fs.h                          | 12 ++++++------
 lib/efi_loader/efi_file.c             |  6 ++----
 9 files changed, 40 insertions(+), 38 deletions(-)

Comments

Simon Glass June 21, 2018, 2:02 a.m. UTC | #1
kOn 18 June 2018 at 09:23, Alexander Graf <agraf@suse.de> wrote:
> The fs_read() and fs_write() functions are internal interfaces that
> naturally want to get pointers as arguments. Most users so far even
> have pointers and explicitly cast them into integers just to be able
> to pass them into the function.
>
> Convert them over to instead take a pointer argument for the buffer.
> That way any sandbox mapping gets greatly simplified and users of
> the API intuitively know what to do.
>
> Signed-off-by: Alexander Graf <agraf@suse.de>
> ---
>  board/BuR/common/common.c             |  2 +-
>  board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----
>  cmd/mvebu/bubt.c                      |  4 ++--
>  common/splash_source.c                |  4 +++-
>  drivers/bootcount/bootcount_ext.c     | 12 ++++++------
>  drivers/fpga/zynqpl.c                 |  8 +++++---
>  fs/fs.c                               | 20 ++++++++++----------
>  include/fs.h                          | 12 ++++++------
>  lib/efi_loader/efi_file.c             |  6 ++----
>  9 files changed, 40 insertions(+), 38 deletions(-)

As mentioned before, we should not change this API. There is no need -
U-Boot uses addresses, and this just expands the scope of the sandbox
private address.

Regards,
Simon
Tom Rini June 21, 2018, 3:27 p.m. UTC | #2
On Wed, Jun 20, 2018 at 08:02:09PM -0600, Simon Glass wrote:
> kOn 18 June 2018 at 09:23, Alexander Graf <agraf@suse.de> wrote:

> > The fs_read() and fs_write() functions are internal interfaces that

> > naturally want to get pointers as arguments. Most users so far even

> > have pointers and explicitly cast them into integers just to be able

> > to pass them into the function.

> >

> > Convert them over to instead take a pointer argument for the buffer.

> > That way any sandbox mapping gets greatly simplified and users of

> > the API intuitively know what to do.

> >

> > Signed-off-by: Alexander Graf <agraf@suse.de>

> > ---

> >  board/BuR/common/common.c             |  2 +-

> >  board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----

> >  cmd/mvebu/bubt.c                      |  4 ++--

> >  common/splash_source.c                |  4 +++-

> >  drivers/bootcount/bootcount_ext.c     | 12 ++++++------

> >  drivers/fpga/zynqpl.c                 |  8 +++++---

> >  fs/fs.c                               | 20 ++++++++++----------

> >  include/fs.h                          | 12 ++++++------

> >  lib/efi_loader/efi_file.c             |  6 ++----

> >  9 files changed, 40 insertions(+), 38 deletions(-)

> 

> As mentioned before, we should not change this API. There is no need -

> U-Boot uses addresses, and this just expands the scope of the sandbox

> private address.


What we have, in either case, is imperfect.  We're basically hiding some
funky details for sandbox support inside of fs_read/fs_write.  That with
this patch we're moving more of the sandbox wrappers around is something
I don't see as a positive change.  We also don't drop all casts in the
callers.  Some go away, some get changed, at least one gets added.  In
the end, I don't think this patch is a win.  Thanks!

-- 
Tom
diff mbox series

Patch

diff --git a/board/BuR/common/common.c b/board/BuR/common/common.c
index 9df19791c2..ab9d9c51cf 100644
--- a/board/BuR/common/common.c
+++ b/board/BuR/common/common.c
@@ -269,7 +269,7 @@  static int load_devicetree(void)
 		puts("load_devicetree: set_blk_dev failed.\n");
 		return -1;
 	}
-	rc = fs_read(dtbname, (u32)dtbaddr, 0, 0, &dtbsize);
+	rc = fs_read(dtbname, (u_char *)dtbaddr, 0, 0, &dtbsize);
 #endif
 	if (rc == 0) {
 		gd->fdt_blob = (void *)dtbaddr;
diff --git a/board/gdsys/p1022/controlcenterd-id.c b/board/gdsys/p1022/controlcenterd-id.c
index 7e082dff05..2f01f7b7eb 100644
--- a/board/gdsys/p1022/controlcenterd-id.c
+++ b/board/gdsys/p1022/controlcenterd-id.c
@@ -874,7 +874,7 @@  static struct key_program *load_key_chunk(const char *ifname,
 
 	if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
 		goto failure;
-	if (fs_read(path, (ulong)buf, 0, 12, &i) < 0)
+	if (fs_read(path, buf, 0, 12, &i) < 0)
 		goto failure;
 	if (i < 12)
 		goto failure;
@@ -890,7 +890,7 @@  static struct key_program *load_key_chunk(const char *ifname,
 		goto failure;
 	if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
 		goto failure;
-	if (fs_read(path, (ulong)result, 0,
+	if (fs_read(path, result, 0,
 		    sizeof(struct key_program) + header.code_size, &i) < 0)
 		goto failure;
 	if (i <= 0)
@@ -1019,7 +1019,7 @@  static int second_stage_init(void)
 	struct key_program *hmac_blob = NULL;
 	const char *image_path = "/ccdm.itb";
 	char *mac_path = NULL;
-	ulong image_addr;
+	u8 *image_addr;
 	loff_t image_size;
 	uint32_t err;
 
@@ -1059,7 +1059,7 @@  static int second_stage_init(void)
 	strcat(mac_path, mac_suffix);
 
 	/* read image from mmcdev (ccdm.itb) */
-	image_addr = (ulong)get_image_location();
+	image_addr = get_image_location();
 	if (fs_set_blk_dev("mmc", mmcdev, FS_TYPE_EXT))
 		goto failure;
 	if (fs_read(image_path, image_addr, 0, 0, &image_size) < 0)
@@ -1077,7 +1077,7 @@  static int second_stage_init(void)
 		puts("corrupted mac file\n");
 		goto failure;
 	}
-	if (check_hmac(hmac_blob, (u8 *)image_addr, image_size)) {
+	if (check_hmac(hmac_blob, image_addr, image_size)) {
 		puts("image integrity could not be verified\n");
 		goto failure;
 	}
diff --git a/cmd/mvebu/bubt.c b/cmd/mvebu/bubt.c
index b4d371f305..29fff898fa 100644
--- a/cmd/mvebu/bubt.c
+++ b/cmd/mvebu/bubt.c
@@ -209,7 +209,7 @@  static size_t mmc_read_file(const char *file_name)
 	}
 
 	/* Perfrom file read */
-	rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
+	rc = fs_read(file_name, (void *)get_load_addr(), 0, 0, &act_read);
 	if (rc)
 		return 0;
 
@@ -392,7 +392,7 @@  static size_t usb_read_file(const char *file_name)
 	}
 
 	/* Perfrom file read */
-	rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
+	rc = fs_read(file_name, (void *)get_load_addr(), 0, 0, &act_read);
 	if (rc)
 		return 0;
 
diff --git a/common/splash_source.c b/common/splash_source.c
index 62763b9ebd..79dbea12fc 100644
--- a/common/splash_source.c
+++ b/common/splash_source.c
@@ -11,6 +11,7 @@ 
 #include <fs.h>
 #include <fdt_support.h>
 #include <image.h>
+#include <mapmem.h>
 #include <nand.h>
 #include <sata.h>
 #include <spi.h>
@@ -252,7 +253,8 @@  static int splash_load_fs(struct splash_location *location, u32 bmp_load_addr)
 	}
 
 	splash_select_fs_dev(location);
-	res = fs_read(splash_file, bmp_load_addr, 0, 0, &actread);
+	res = fs_read(splash_file, map_sysmem(bmp_load_addr, bmp_size),
+		      0, 0, &actread);
 
 out:
 	if (location->ubivol != NULL)
diff --git a/drivers/bootcount/bootcount_ext.c b/drivers/bootcount/bootcount_ext.c
index 075e590896..4a46f17c15 100644
--- a/drivers/bootcount/bootcount_ext.c
+++ b/drivers/bootcount/bootcount_ext.c
@@ -24,10 +24,10 @@  void bootcount_store(ulong a)
 	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
 	buf[0] = BC_MAGIC;
 	buf[1] = (a & 0xff);
-	unmap_sysmem(buf);
 
-	ret = fs_write(CONFIG_SYS_BOOTCOUNT_EXT_NAME,
-		       CONFIG_SYS_BOOTCOUNT_ADDR, 0, 2, &len);
+	ret = fs_write(CONFIG_SYS_BOOTCOUNT_EXT_NAME, buf, 0, 2, &len);
+
+	unmap_sysmem(buf);
 	if (ret != 0)
 		puts("Error storing bootcount\n");
 }
@@ -44,14 +44,14 @@  ulong bootcount_load(void)
 		return 0;
 	}
 
-	ret = fs_read(CONFIG_SYS_BOOTCOUNT_EXT_NAME, CONFIG_SYS_BOOTCOUNT_ADDR,
-		      0, 2, &len_read);
+	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
+
+	ret = fs_read(CONFIG_SYS_BOOTCOUNT_EXT_NAME, buf, 0, 2, &len_read);
 	if (ret != 0 || len_read != 2) {
 		puts("Error loading bootcount\n");
 		return 0;
 	}
 
-	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
 	if (buf[0] == BC_MAGIC)
 		ret = buf[1];
 
diff --git a/drivers/fpga/zynqpl.c b/drivers/fpga/zynqpl.c
index fd37d18c7f..2fba77d45f 100644
--- a/drivers/fpga/zynqpl.c
+++ b/drivers/fpga/zynqpl.c
@@ -431,7 +431,7 @@  static int zynq_loadfs(xilinx_desc *desc, const void *buf, size_t bsize,
 	if (fs_set_blk_dev(interface, dev_part, fstype))
 		return FPGA_FAIL;
 
-	if (fs_read(filename, (u32) buf, pos, blocksize, &actread) < 0)
+	if (fs_read(filename, (void *)buf, pos, blocksize, &actread) < 0)
 		return FPGA_FAIL;
 
 	if (zynq_validate_bitstream(desc, buf, bsize, blocksize, &swap,
@@ -454,10 +454,12 @@  static int zynq_loadfs(xilinx_desc *desc, const void *buf, size_t bsize,
 			return FPGA_FAIL;
 
 		if (bsize > blocksize) {
-			if (fs_read(filename, (u32) buf, pos, blocksize, &actread) < 0)
+			if (fs_read(filename, (void *)buf, pos, blocksize,
+				    &actread) < 0)
 				return FPGA_FAIL;
 		} else {
-			if (fs_read(filename, (u32) buf, pos, bsize, &actread) < 0)
+			if (fs_read(filename, (void *)buf, pos, bsize,
+				    &actread) < 0)
 				return FPGA_FAIL;
 		}
 	} while (bsize > blocksize);
diff --git a/fs/fs.c b/fs/fs.c
index 33808d549e..27ce9259d2 100644
--- a/fs/fs.c
+++ b/fs/fs.c
@@ -402,20 +402,17 @@  int fs_size(const char *filename, loff_t *size)
 	return ret;
 }
 
-int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_read(const char *filename, void *buf, loff_t offset, loff_t len,
 	    loff_t *actread)
 {
 	struct fstype_info *info = fs_get_info(fs_type);
-	void *buf;
 	int ret;
 
 	/*
 	 * We don't actually know how many bytes are being read, since len==0
 	 * means read the whole file.
 	 */
-	buf = map_sysmem(addr, len);
 	ret = info->read(filename, buf, offset, len, actread);
-	unmap_sysmem(buf);
 
 	/* If we requested a specific number of bytes, check we got it */
 	if (ret == 0 && len && *actread != len)
@@ -425,16 +422,13 @@  int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
 	return ret;
 }
 
-int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_write(const char *filename, void *buf, loff_t offset, loff_t len,
 	     loff_t *actwrite)
 {
 	struct fstype_info *info = fs_get_info(fs_type);
-	void *buf;
 	int ret;
 
-	buf = map_sysmem(addr, len);
 	ret = info->write(filename, buf, offset, len, actwrite);
-	unmap_sysmem(buf);
 
 	if (ret < 0 && len != *actwrite) {
 		printf("** Unable to write file %s **\n", filename);
@@ -529,6 +523,7 @@  int do_load(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	int ret;
 	unsigned long time;
 	char *ep;
+	void *buf;
 
 	if (argc < 2)
 		return CMD_RET_USAGE;
@@ -567,9 +562,11 @@  int do_load(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	else
 		pos = 0;
 
+	buf = map_sysmem(addr, bytes);
 	time = get_timer(0);
-	ret = fs_read(filename, addr, pos, bytes, &len_read);
+	ret = fs_read(filename, buf, pos, bytes, &len_read);
 	time = get_timer(time);
+	unmap_sysmem(buf);
 	if (ret < 0)
 		return 1;
 
@@ -623,6 +620,7 @@  int do_save(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	loff_t len;
 	int ret;
 	unsigned long time;
+	void *buf;
 
 	if (argc < 6 || argc > 7)
 		return CMD_RET_USAGE;
@@ -638,9 +636,11 @@  int do_save(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	else
 		pos = 0;
 
+	buf = map_sysmem(addr, bytes);
 	time = get_timer(0);
-	ret = fs_write(filename, addr, pos, bytes, &len);
+	ret = fs_write(filename, buf, pos, bytes, &len);
 	time = get_timer(time);
+	unmap_sysmem(buf);
 	if (ret < 0)
 		return 1;
 
diff --git a/include/fs.h b/include/fs.h
index 163da103b4..647b0c2ed2 100644
--- a/include/fs.h
+++ b/include/fs.h
@@ -76,27 +76,27 @@  int fs_size(const char *filename, loff_t *size);
  * Note that not all filesystem types support either/both offset!=0 or len!=0.
  *
  * @filename: Name of file to read from
- * @addr: The address to read into
+ * @buf: The buffer to read into
  * @offset: The offset in file to read from
  * @len: The number of bytes to read. Maybe 0 to read entire file
  * @actread: Returns the actual number of bytes read
  * @return 0 if ok with valid *actread, -1 on error conditions
  */
-int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_read(const char *filename, void *buf, loff_t offset, loff_t len,
 	    loff_t *actread);
 
 /*
  * fs_write - Write file to the partition previously set by fs_set_blk_dev()
  * Note that not all filesystem types support offset!=0.
  *
- * @filename: Name of file to read from
- * @addr: The address to read into
- * @offset: The offset in file to read from. Maybe 0 to write to start of file
+ * @filename: Name of file to write to
+ * @buf: The buffer to read from
+ * @offset: The offset in file to write to. Maybe 0 to write to start of file
  * @len: The number of bytes to write
  * @actwrite: Returns the actual number of bytes written
  * @return 0 if ok with valid *actwrite, -1 on error conditions
  */
-int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_write(const char *filename, void *buf, loff_t offset, loff_t len,
 	     loff_t *actwrite);
 
 /*
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index e6a15bcb52..7bd061f395 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -233,8 +233,7 @@  static efi_status_t file_read(struct file_handle *fh, u64 *buffer_size,
 {
 	loff_t actread;
 
-	if (fs_read(fh->path, (ulong)buffer, fh->offset,
-		    *buffer_size, &actread))
+	if (fs_read(fh->path, buffer, fh->offset, *buffer_size, &actread))
 		return EFI_DEVICE_ERROR;
 
 	*buffer_size = actread;
@@ -363,8 +362,7 @@  static efi_status_t EFIAPI efi_file_write(struct efi_file_handle *file,
 		goto error;
 	}
 
-	if (fs_write(fh->path, (ulong)buffer, fh->offset, *buffer_size,
-		     &actwrite)) {
+	if (fs_write(fh->path, buffer, fh->offset, *buffer_size, &actwrite)) {
 		ret = EFI_DEVICE_ERROR;
 		goto error;
 	}