[U-Boot] [PATCH v5 2/2] common: Generic firmware loader for file system

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Chee, Tien Fong <tien.fong.chee@intel.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v5 2/2] common: Generic firmware loader for file system
Date: Fri, 22 Dec 2017 09:21:56 +0000	[thread overview]
Message-ID: <1513934514.2071.16.camel@intel.com> (raw)
In-Reply-To: <20171222094719.10f9e0e2@karo-electronics.de>

On Jum, 2017-12-22 at 09:47 +0100, Lothar Waßmann wrote:
> Hi,
> 
> On Fri, 22 Dec 2017 08:04:32 +0000 Chee, Tien Fong wrote:
> > 
> > On Jum, 2017-12-22 at 08:44 +0100, Lothar Waßmann wrote:
> > > 
> > > Hi,
> > > 
> > > On Fri, 22 Dec 2017 01:43:38 +0000 Chee, Tien Fong wrote:
> > > > 
> > > > 
> > > > On Kha, 2017-12-21 at 16:08 +0100, Lothar Waßmann wrote:
> > > > > 
> > > > > 
> > > > > Hi,
> > > > > 
> > > > > On Thu, 21 Dec 2017 12:48:53 +0000 Chee, Tien Fong wrote:
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > On Kha, 2017-12-21 at 12:53 +0100, Lothar Waßmann wrote:
> > > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > Hi,
> > > > > > > 
> > > > > > > On Thu, 21 Dec 2017 09:36:41 +0000 Chee, Tien Fong wrote:
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > On Kha, 2017-12-21 at 09:48 +0100, Lothar Waßmann
> > > > > > > > wrote:
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > Hi,
> > > > > > > > > 
> > > > > > > > > On Thu, 21 Dec 2017 15:25:29 +0800 tien.fong.chee at int
> > > > > > > > > el.c
> > > > > > > > > om
> > > > > > > > > wrote:
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > From: Tien Fong Chee <tien.fong.chee@intel.com>
> > > > > > > > > > 
> > > > > > > > > > This is file system generic loader which can be
> > > > > > > > > > used to
> > > > > > > > > > load
> > > > > > > > > > the file image from the storage into target such as
> > > > > > > > > > memory.
> > > > > > > > > > The consumer driver would then use this loader to
> > > > > > > > > > program
> > > > > > > > > > whatever,
> > > > > > > > > > ie. the FPGA device.
> > > > > > > > > > 
> > > > > > > > > > Signed-off-by: Tien Fong Chee <tien.fong.chee@intel
> > > > > > > > > > .com
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > ---
> > > > > > > > > >  common/Makefile            |   1 +
> > > > > > > > > >  common/fs_loader.c         | 311
> > > > > > > > > > +++++++++++++++++++++++++++++++++++++++++++++
> > > > > > > > > >  doc/README.firmware_loader |  76 +++++++++++
> > > > > > > > > >  include/fs_loader.h        |  28 ++++
> > > > > > > > > >  4 files changed, 416 insertions(+)
> > > > > > > > > >  create mode 100644 common/fs_loader.c
> > > > > > > > > >  create mode 100644 doc/README.firmware_loader
> > > > > > > > > >  create mode 100644 include/fs_loader.h
> > > > > > > > > > 
> > > > > > > > > > diff --git a/common/Makefile b/common/Makefile
> > > > > > > > > > index cec506f..2934221 100644
> > > > > > > > > > --- a/common/Makefile
> > > > > > > > > > +++ b/common/Makefile
> > > > > > > > > > @@ -130,3 +130,4 @@ obj-$(CONFIG_CMD_DFU) += dfu.o
> > > > > > > > > >  obj-y += command.o
> > > > > > > > > >  obj-y += s_record.o
> > > > > > > > > >  obj-y += xyzModem.o
> > > > > > > > > > +obj-y += fs_loader.o
> > > > > > > > > > diff --git a/common/fs_loader.c
> > > > > > > > > > b/common/fs_loader.c
> > > > > > > > > > new file mode 100644
> > > > > > > > > > index 0000000..ddfce58
> > > > > > > > > > --- /dev/null
> > > > > > > > > > +++ b/common/fs_loader.c
> > > > > > > > > > @@ -0,0 +1,311 @@
> > > > > > > > > > +/*
> > > > > > > > > > + * Copyright (C) 2017 Intel Corporation <www.intel
> > > > > > > > > > .com
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > + *
> > > > > > > > > > + * SPDX-License-Identifier:    GPL-2.0
> > > > > > > > > > + */
> > > > > > > > > > +
> > > > > > > > > > +#include <common.h>
> > > > > > > > > > +#include <errno.h>
> > > > > > > > > > +#include <fs.h>
> > > > > > > > > > +#include <fs_loader.h>
> > > > > > > > > > +#include <nand.h>
> > > > > > > > > > +#include <sata.h>
> > > > > > > > > > +#include <spi.h>
> > > > > > > > > > +#include <spi_flash.h>
> > > > > > > > > > +#include <spl.h>
> > > > > > > > > > +#include <linux/string.h>
> > > > > > > > > > +#include <usb.h>
> > > > > > > > > > +
> > > > > > > > > > +struct firmware_priv {
> > > > > > > > > > +	const char *name;	/* Filename */
> > > > > > > > > > +	u32 offset;		/* Offset of
> > > > > > > > > > reading a
> > > > > > > > > > file
> > > > > > > > > > */
> > > > > > > > > > +};
> > > > > > > > > > +
> > > > > > > > > > +static struct device_location default_locations[]
> > > > > > > > > > = {
> > > > > > > > > > +	{
> > > > > > > > > > +		.name = "mmc",
> > > > > > > > > > +		.devpart = "0:1",
> > > > > > > > > > +	},
> > > > > > > > > > +	{
> > > > > > > > > > +		.name = "usb",
> > > > > > > > > > +		.devpart = "0:1",
> > > > > > > > > > +	},
> > > > > > > > > > +	{
> > > > > > > > > > +		.name = "sata",
> > > > > > > > > > +		.devpart = "0:1",
> > > > > > > > > > +	},
> > > > > > > > > > +};
> > > > > > > > > > +
> > > > > > > > > > +/* USB build is not supported yet in SPL */
> > > > > > > > > > +#ifndef CONFIG_SPL_BUILD
> > > > > > > > > > +#ifdef CONFIG_USB_STORAGE
> > > > > > > > > > +static int init_usb(void)
> > > > > > > > > > +{
> > > > > > > > > > +	int err;
> > > > > > > > > > +
> > > > > > > > > > +	err = usb_init();
> > > > > > > > > > +	if (err)
> > > > > > > > > > +		return err;
> > > > > > > > > > +
> > > > > > > > > > +#ifndef CONFIG_DM_USB
> > > > > > > > > > +	err = usb_stor_scan(1) < 0 ? -ENODEV : 0;
> > > > > > > > > > +#endif
> > > > > > > > > > +
> > > > > > > > > > +	return err;
> > > > > > > > > > +}
> > > > > > > > > > +#else
> > > > > > > > > > +static int init_usb(void)
> > > > > > > > > > +{
> > > > > > > > > > +	printf("Error: Cannot load flash image: no
> > > > > > > > > > USB
> > > > > > > > > > support\n");
> > > > > > > > > > +	return -ENOSYS;
> > > > > > > > > > +}
> > > > > > > > > > +#endif
> > > > > > > > > > +#endif
> > > > > > > > > > +
> > > > > > > > > > +#ifdef CONFIG_SATA
> > > > > > > > > > +static int init_storage_sata(void)
> > > > > > > > > > +{
> > > > > > > > > > +	return sata_probe(0);
> > > > > > > > > > +}
> > > > > > > > > > +#else
> > > > > > > > > > +static int init_storage_sata(void)
> > > > > > > > > > +{
> > > > > > > > > > +	printf("Error: Cannot load image: no SATA
> > > > > > > > > > support\n");
> > > > > > > > > > +	return -ENOSYS;
> > > > > > > > > > +}
> > > > > > > > > > +#endif
> > > > > > > > > > +
> > > > > > > > > > +#ifdef CONFIG_CMD_UBIFS
> > > > > > > > > > +static int mount_ubifs(struct device_location
> > > > > > > > > > *location)
> > > > > > > > > > +{
> > > > > > > > > > +	int ret;
> > > > > > > > > > +	char cmd[32];
> > > > > > > > > > +
> > > > > > > > > > +	sprintf(cmd, "ubi part %s", location-
> > > > > > > > > > > 
> > > > > > > > > > > mtdpart);
> > > > > > > > > > +
> > > > > > > > > > +	ret = run_command(cmd, 0);
> > > > > > > > > > +	if (ret)
> > > > > > > > > > +		return ret;
> > > > > > > > > > +
> > > > > > > > > > +	sprintf(cmd, "ubifsmount %s", location-
> > > > > > > > > > > 
> > > > > > > > > > > ubivol);
> > > > > > > > > > +
> > > > > > > > > > +	ret = run_command(cmd, 0);
> > > > > > > > > > +
> > > > > > > > > > +	return ret;
> > > > > > > > > > +}
> > > > > > > > > > +
> > > > > > > > > > +static int umount_ubifs(void)
> > > > > > > > > > +{
> > > > > > > > > > +	return run_command("ubifsumount", 0);
> > > > > > > > > > +}
> > > > > > > > > > +#else
> > > > > > > > > > +static int mount_ubifs(struct device_location
> > > > > > > > > > *location)
> > > > > > > > > > +{
> > > > > > > > > > +	printf("Error: Cannot load image: no UBIFS
> > > > > > > > > > support\n");
> > > > > > > > > > +	return -ENOSYS;
> > > > > > > > > > +}
> > > > > > > > > > +#endif
> > > > > > > > > > +
> > > > > > > > > > +#if defined(CONFIG_SPL_MMC_SUPPORT) &&
> > > > > > > > > > defined(CONFIG_SPL_BUILD)
> > > > > > > > > > +static int init_mmc(void)
> > > > > > > > > > +{
> > > > > > > > > > +	/* Just for the case MMC is not yet
> > > > > > > > > > initialized */
> > > > > > > > > > +	struct mmc *mmc = NULL;
> > > > > > > > > > +	int err;
> > > > > > > > > > +
> > > > > > > > > > +	spl_mmc_find_device(&mmc,
> > > > > > > > > > spl_boot_device());
> > > > > > > > > > +
> > > > > > > > > > +	err = mmc_init(mmc);
> > > > > > > > > > +	if (err) {
> > > > > > > > > > +		printf("spl: mmc init failed with
> > > > > > > > > > error:
> > > > > > > > > > %d\n",
> > > > > > > > > > err);
> > > > > > > > > > +		return err;
> > > > > > > > > > +	}
> > > > > > > > > > +
> > > > > > > > > > +	return err;
> > > > > > > > > > +}
> > > > > > > > > > +#else
> > > > > > > > > > +static int init_mmc(void)
> > > > > > > > > > +{
> > > > > > > > > > +	/* Expect somewhere already initialize MMC
> > > > > > > > > > */
> > > > > > > > > > +	return 0;
> > > > > > > > > > +}
> > > > > > > > > > +#endif
> > > > > > > > > > +
> > > > > > > > > > +static int select_fs_dev(struct device_location
> > > > > > > > > > *location)
> > > > > > > > > > +{
> > > > > > > > > > +	int ret;
> > > > > > > > > > +
> > > > > > > > > > +	if (!strcmp("mmc", location->name)) {
> > > > > > > > > > +		ret = fs_set_blk_dev("mmc",
> > > > > > > > > > location-
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > devpart,
> > > > > > > > > > FS_TYPE_ANY);
> > > > > > > > > > +	} else if (!strcmp("usb", location->name)) 
> > > > > > > > > > {
> > > > > > > > > > +		ret = fs_set_blk_dev("usb",
> > > > > > > > > > location-
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > devpart,
> > > > > > > > > > FS_TYPE_ANY);
> > > > > > > > > > +	} else if (!strcmp("sata", location-
> > > > > > > > > > >name)) {
> > > > > > > > > > +		ret = fs_set_blk_dev("sata",
> > > > > > > > > > location-
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > devpart,
> > > > > > > > > > FS_TYPE_ANY);
> > > > > > > > > > +	} else if (!strcmp("ubi", location->name)) 
> > > > > > > > > > {
> > > > > > > > > > +		if (location->ubivol != NULL)
> > > > > > > > > > +			ret =
> > > > > > > > > > fs_set_blk_dev("ubi",
> > > > > > > > > > NULL,
> > > > > > > > > > FS_TYPE_UBIFS);
> > > > > > > > > > +		else
> > > > > > > > > > +			ret = -ENODEV;
> > > > > > > > > > +	} else {
> > > > > > > > > > +		printf("Error: unsupported
> > > > > > > > > > location
> > > > > > > > > > storage.\n");
> > > > > > > > > > +		return -ENODEV;
> > > > > > > > > > +	}
> > > > > > > > > > +
> > > > > > > > > > +	if (ret)
> > > > > > > > > > +		printf("Error: could not access
> > > > > > > > > > storage.\n");
> > > > > > > > > > +
> > > > > > > > > > +	return ret;
> > > > > > > > > > +}
> > > > > > > > > > +
> > > > > > > > > > +static int init_storage_device(struct
> > > > > > > > > > device_location
> > > > > > > > > > *location)
> > > > > > > > > > +{
> > > > > > > > > > +	int ret;
> > > > > > > > > > +
> > > > > > > > > > +	if (!strcmp("mmc", location->name)) {
> > > > > > > > > > +		ret = init_mmc();
> > > > > > > > > > +	} else if (!strcmp("sata", location-
> > > > > > > > > > >name)) {
> > > > > > > > > > +		ret = init_storage_sata();
> > > > > > > > > > +	} else if (location->ubivol != NULL) {
> > > > > > > > > > +		ret = mount_ubifs(location);
> > > > > > > > > > +#ifndef CONFIG_SPL_BUILD
> > > > > > > > > > +	/* USB build is not supported yet in SPL
> > > > > > > > > > */
> > > > > > > > > > +	} else if (!strcmp("usb", location->name)) 
> > > > > > > > > > {
> > > > > > > > > > +		ret = init_usb();
> > > > > > > > > > +#endif
> > > > > > > > > > +	} else {
> > > > > > > > > > +		printf("Error: no supported
> > > > > > > > > > storage
> > > > > > > > > > device
> > > > > > > > > > is
> > > > > > > > > > available.\n");
> > > > > > > > > > +		ret = -ENODEV;
> > > > > > > > > > +	}
> > > > > > > > > > +
> > > > > > > > > > +	return ret;
> > > > > > > > > > +}
> > > > > > > > > > +
> > > > > > > > > > +static void set_storage_devpart(char *name, char
> > > > > > > > > > *devpart)
> > > > > > > > > > +{
> > > > > > > > > > +	size_t i;
> > > > > > > > > > +
> > > > > > > > > > +	for (i = 0; i <
> > > > > > > > > > ARRAY_SIZE(default_locations);
> > > > > > > > > > i++) {
> > > > > > > > > > +		if
> > > > > > > > > > (!strcmp(default_locations[i].name,
> > > > > > > > > > name))
> > > > > > > > > > +			default_locations[i].devpa
> > > > > > > > > > rt =
> > > > > > > > > > devpart;
> > > > > > > > > > +	}
> > > > > > > > > > +}
> > > > > > > > > > +
> > > > > > > > > > +/*
> > > > > > > > > > + * Prepare firmware struct;
> > > > > > > > > > + * return -ve if fail.
> > > > > > > > > > + */
> > > > > > > > > > +static int _request_firmware_prepare(struct
> > > > > > > > > > firmware
> > > > > > > > > > **firmware_p,
> > > > > > > > > > +				     const char
> > > > > > > > > > *name,
> > > > > > > > > > void
> > > > > > > > > > *dbuf,
> > > > > > > > > > +				     size_t size,
> > > > > > > > > > u32
> > > > > > > > > > offset)
> > > > > > > > > > +{
> > > > > > > > > > +	struct firmware *firmware;
> > > > > > > > > > +	struct firmware_priv *fw_priv;
> > > > > > > > > > +
> > > > > > > > > > +	*firmware_p = NULL;
> > > > > > > > > > +
> > > > > > > > > > +	if (!name || name[0] == '\0')
> > > > > > > > > > +		return -EINVAL;
> > > > > > > > > > +
> > > > > > > > > > +	firmware = calloc(1, sizeof(*firmware));
> > > > > > > > > > +	if (!firmware) {
> > > > > > > > > > +		printf("%s: calloc(struct
> > > > > > > > > > firmware)
> > > > > > > > > > failed\n",
> > > > > > > > > > __func__);
> > > > > > > > > > +		return -ENOMEM;
> > > > > > > > > > +	}
> > > > > > > > > > +
> > > > > > > > > > +	fw_priv = calloc(1, sizeof(*fw_priv));
> > > > > > > > > > +	if (!fw_priv) {
> > > > > > > > > > +		printf("%s: calloc(struct fw_priv)
> > > > > > > > > > failed\n",
> > > > > > > > > > __func__);
> > > > > > > > > > +		free(firmware);
> > > > > > > > > > +		return -ENOMEM;
> > > > > > > > > > +	}
> > > > > > > > > > +
> > > > > > > > > > +	fw_priv->name = name;
> > > > > > > > > > +	fw_priv->offset = offset;
> > > > > > > > > > +	firmware->data = dbuf;
> > > > > > > > > > +	firmware->size = size;
> > > > > > > > > > +	firmware->priv = fw_priv;
> > > > > > > > > > +	*firmware_p = firmware;
> > > > > > > > > > +
> > > > > > > > > > +	return 0;
> > > > > > > > > > +}
> > > > > > > > > > +
> > > > > > > > > > +/*
> > > > > > > > > > + * fw_get_filesystem_firmware - load firmware into
> > > > > > > > > > an
> > > > > > > > > > allocated
> > > > > > > > > > buffer
> > > > > > > > > > + * @location: An array of supported firmware
> > > > > > > > > > location
> > > > > > > > > > + * @firmware_p: pointer to firmware image
> > > > > > > > > > + *
> > > > > > > > > > + * @return: size of total read
> > > > > > > > > > + *	    -ve when error
> > > > > > > > > > + */
> > > > > > > > > > +static int fw_get_filesystem_firmware(struct
> > > > > > > > > > device_location
> > > > > > > > > > *location,
> > > > > > > > > > +				      struct
> > > > > > > > > > firmware
> > > > > > > > > > *firmware_p)
> > > > > > > > > > +{
> > > > > > > > > > +	struct firmware_priv *fw_priv = NULL;
> > > > > > > > > > +	loff_t actread;
> > > > > > > > > > +	char *dev_part;
> > > > > > > > > > +	int ret;
> > > > > > > > > > +
> > > > > > > > > > +	dev_part = env_get("fw_dev_part");
> > > > > > > > > > +	if (dev_part)
> > > > > > > > > > +		set_storage_devpart(location-
> > > > > > > > > > >name,
> > > > > > > > > > dev_part);
> > > > > > > > > > +
> > > > > > > > > > +	ret = init_storage_device(location);
> > > > > > > > > > +	if (ret)
> > > > > > > > > > +		goto out;
> > > > > > > > > > +
> > > > > > > > > > +	select_fs_dev(location);
> > > > > > > > > > 
> > > > > > > > > 'ret = ' is missing.
> > > > > > > > > 
> > > > > > > > Okay.
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > +	if (ret)
> > > > > > > > > > +		goto out;
> > > > > > > > > > +
> > > > > > > > > > +	fw_priv = firmware_p->priv;
> > > > > > > > > > +
> > > > > > > > > > +	ret = fs_read(fw_priv->name,
> > > > > > > > > > (ulong)firmware_p-
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > data,
> > > > > > > > > > fw_priv->offset,
> > > > > > > > > > +		     firmware_p->size, &actread);
> > > > > > > > > > +
> > > > > > > > > > +	if (ret) {
> > > > > > > > > > +		printf("Error: %d Failed to read
> > > > > > > > > > %s
> > > > > > > > > > from
> > > > > > > > > > flash
> > > > > > > > > > %lld != %d.\n",
> > > > > > > > > > +		      ret, fw_priv->name, actread,
> > > > > > > > > > firmware_p-
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > size);
> > > > > > > > > > +		return ret;
> > > > > > > > > Y
> > > > > > > > > Shouldn't this be 'goto out', do do the
> > > > > > > > > umount_ubifs() as
> > > > > > > > > in
> > > > > > > > > all
> > > > > > > > > other
> > > > > > > > > error cases?
> > > > > > > > > 
> > > > > > > > okay.
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > 
> > > > > > > > > > +	} else {
> > > > > > > > > > +		ret = actread;
> > > > > > > > > > +	}
> > > > > > > > > > 
> > > > > > > > > What if actread != firmware_p->size?
> > > > > > > > > You handled it as an error before, now you happily
> > > > > > > > > return
> > > > > > > > > the
> > > > > > > > > number
> > > > > > > > > of
> > > > > > > > > bytes read in case of a short read.
> > > > > > > > > Operation not permitted
> > > > > > > > May be i misunderstand on ur previosly comment. There
> > > > > > > > is
> > > > > > > > not
> > > > > > > > much
> > > > > > > > 
> > > > > > > My comment was about returning -EPERM in this case.
> > > > > > > First of all you discarded the possible error code
> > > > > > > returned
> > > > > > > from
> > > > > > > fs_read() and secondly -EIO would be more appropriate
> > > > > > > than
> > > > > > > EPERM
> > > > > > > in
> > > > > > > case of reading less data than expected. 
> > > > > > > 
> > > > > > One of the reason I prefer to use -EIO instead of return
> > > > > > from
> > > > > > fs_read,
> > > > > > because i'm not sure when "actread != firmware_p->size",
> > > > > > the
> > > > > > return
> > > > > > from the fs_read is still -ve or not.
> > > > > > 
> > > > > The return code of fs_read() could be for example -ENOENT, if
> > > > > the
> > > > > file
> > > > > you try to load does not exist. Replacing it with -EIO will
> > > > > mislead
> > > > > users about the cause of the error.
> > > > > Thus, if fs_read()'s return code is < 0, you should return
> > > > > that!
> > > > > If it is zero and you decide to treat actread =! firmware_p-
> > > > > >size 
> > > > > as
> > > > > an
> > > > > error, you should return -EIO only in that case!
> > > > > 
> > > > Okay.
> > > > > 
> > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > description on fd_read, i just knowing that -ve is
> > > > > > > > error
> > > > > > > > from
> > > > > > > > function
> > > > > > > > based on other example codes in U-Boot as they check
> > > > > > > > the
> > > > > > > > error
> > > > > > > > with
> > > > > > > > "ret < 0" or "ret != 0". "actread != firmware_p->size"
> > > > > > > > is
> > > > > > > > the
> > > > > > > > additonal
> > > > > > > > checking i added myself because when i digging to the
> > > > > > > > code,
> > > > > > > > i
> > > > > > > > found
> > > > > > > > that such condition only with error printf inside the
> > > > > > > > function
> > > > > > > > without
> > > > > > > > any error code return. So, i am not sure when "actread
> > > > > > > > !=
> > > > > > > > firmware_p-
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > size", the ret would be -ve too.
> > > > > > > If 'size' is the actual size of the caller provided
> > > > > > > buffer
> > > > > > > and
> > > > > > > not
> > > > > > > the
> > > > > > > exact size of the firmware to be loaded, the condition
> > > > > > > actread !=
> > > > > > > size
> > > > > > > would not be an error at all.
> > > > > > > If 'size' designates the exact size of the firmware, that
> > > > > > > the
> > > > > > > caller
> > > > > > > may know by other means, it is obviously an error if
> > > > > > > actread
> > > > > > > !=
> > > > > > > size.
> > > > > > > Since you treated actread != size as an error in your
> > > > > > > original
> > > > > > > patch
> > > > > > > I
> > > > > > > assumed the latter case.
> > > > > > > 
> > > > > > The size here refer to the size of firmware or chunk of
> > > > > > firmware to
> > > > > > read when the buffer is smaller than firmware.
> > > > > > 
> > > > > OK. In that case, you should not print a message when actread
> > > > > !=
> > > > > firmware_p->size, since fs_read will have already printed a
> > > > > message
> > > > > due
> > > > > to this.
> > > > > 
> > > > The printed message with additional info such as ret, size and
> > > > actread.
> > > > > 
> > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > > AFAICT Linux uses the first semantics ('size' specifies
> > > > > > > the
> > > > > > > size
> > > > > > > of
> > > > > > > the
> > > > > > > caller provided buffer as an upper limit for the read()
> > > > > > > call
> > > > > > > and
> > > > > > > not
> > > > > > > the exact amount of data to be read).
> > > > > > > Unfortunately the fs_read() semantics is fundamentally
> > > > > > > broken
> > > > > > > as
> > > > > > > it
> > > > > > > interprets 'size == 0' as 'read as much data as you can
> > > > > > > get'
> > > > > > > which
> > > > > > > may
> > > > > > > easily lead to buffer overflows and prints a very
> > > > > > > unhelpful
> > > > > > > error
> > > > > > > message "<filename> shorter than offset + len" in case
> > > > > > > 'size'
> > > > > > > does
> > > > > > > not
> > > > > > > match the actual amount of data read. 
> > > > > > > 
> > > > > > > You should also consider what happens, if the firmware
> > > > > > > file
> > > > > > > you
> > > > > > > read
> > > > > > > is
> > > > > > > larger than the buffer you provided, as in that case
> > > > > > > fs_read()
> > > > > > > will
> > > > > > > stop reading at the provided buffer size and you won't be
> > > > > > > able to
> > > > > > > notice, that the file was not completely loaded!
> > > > > > > 
> > > > > > I prefer to let the caller handles this, because this
> > > > > > function
> > > > > > can
> > > > > > be
> > > > > > used to read the firmware chunk by chunk when the allocated
> > > > > > buffer
> > > > > > is
> > > > > > smaller than firmware.
> > > > > > 
> > > > > So, the caller should also check, whether the return value of
> > > > > the
> > > > > function matches the requested size and you should omit the
> > > > > special
> > > > > handling of actread != firmware_p->size in
> > > > > fw_get_filesystem_firmware()
> > > > > (as you did in the current version of your patch).
> > > > > 
> > > > Just to confirm we are in same page, the caller i means is
> > > > function
> > > > which call the request_firmware_into_buf. firmware_p->size is
> > > > the
> > > > size
> > > > gonna be read from firmware, could be part of firmware with
> > > > different
> > > > offset.
> > > > Would you mind to explain more why the special handling should
> > > > be
> > > > omitted? This special handling would return error code if
> > > > fail,or 
> > > > actread if pass to the request_firmware_into_buf.
> > > > request_firmware_into_buf just need to know status of file
> > > > reading
> > > > is
> > > > performed successfully or not.
> > > > 
> > > The point is whether to define a short read as failure and return
> > > an
> > > error code in this case or just let the caller know the actual
> > > amount
> > > of data read. If you always return the actual number of bytes
> > > read
> > > (or
> > > a negative error code), no matter whether it matches the
> > > requested
> > > size
> > > or not, the caller has all information to handle the situation
> > > correctly. It could just request a new chunk for the missing
> > > bytes in
> > > case of a short read, or handle a short read as an error
> > > condition at
> > > its own discretion. So there is no need to check the actual read
> > > size
> > > in your function.
> > > 
> > > But probably this discussion is completely vain, since if you
> > > want to
> > > load a piece of firmware, you would probably check for the
> > > existence
> > > of the file and its size beforehand, allocate a sufficiently
> > > large
> > > buffer and then call request_firmware_into_buf() with the correct
> > > size.
> > > Thus the situation actread != size should never occur anyway in
> > > practice.
> > > 
> > Okay, so you means that regardless fs_read  is success or fail,
> > just
> > return the actread to the caller, and let caller to decide the next
> > handling action, right?
> > > 
> > > 
> NOOOOO!
> If fs_read() returns an error code, you should return that of course!
> 
> If the return code from fs_read() is zero, you should just return
> actread without spewing any message and let the caller handle the
> situation appropriately.
> 
Okay, i have no problem with that.
> 
> Lothar Waßmann

     prev parent reply	other threads:[~2017-12-22  9:21 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-12-21  7:25 [U-Boot] [PATCH v5 0/2] Generic firmware loader tien.fong.chee at intel.com
2017-12-21  7:25 ` tien.fong.chee at intel.com
2017-12-21  7:25 ` [U-Boot] [PATCH v5 1/2] spl: Remove static declaration on spl_mmc_find_device function tien.fong.chee at intel.com
2017-12-21  7:25 ` [U-Boot] [PATCH v5 2/2] common: Generic firmware loader for file system tien.fong.chee at intel.com
2017-12-21  8:48   ` Lothar Waßmann
2017-12-21  9:36     ` Chee, Tien Fong
2017-12-21 11:08       ` Chee, Tien Fong
2017-12-21 11:53       ` Lothar Waßmann
2017-12-21 12:48         ` Chee, Tien Fong
2017-12-21 15:08           ` Lothar Waßmann
2017-12-22  1:43             ` Chee, Tien Fong
2017-12-22  7:44               ` Lothar Waßmann
2017-12-22  8:04                 ` Chee, Tien Fong
2017-12-22  8:47                   ` Lothar Waßmann
2017-12-22  9:21                     ` Chee, Tien Fong [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1513934514.2071.16.camel@intel.com \
    --to=tien.fong.chee@intel.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.