From: Christoph Hellwig <hch@lst.de>
To: Jon Derrick <jonathan.derrick@intel.com>
Cc: Jens Axboe <axboe@fb.com>,
Rafael Antognolli <rafael.antognolli@intel.com>,
linux-nvme@lists.infradead.org, linux-block@vger.kernel.org,
Christoph Hellwig <hch@lst.de>,
Scott Bauer <scott.bauer@intel.com>
Subject: Re: [PATCHv2 4/5] block/sed: Embed function data into the function sequence
Date: Sat, 18 Feb 2017 09:36:05 +0100 [thread overview]
Message-ID: <20170218083605.GB11798@lst.de> (raw)
In-Reply-To: <1487376029-22662-5-git-send-email-jonathan.derrick@intel.com>
Hi Jon,
I think this is a great cleanup!
A few nitpicky comments below:
> -typedef int (*opal_step)(struct opal_dev *dev);
> +typedef struct opal_step {
> + int (*fn)(struct opal_dev *dev, void *data);
> + void *data;
> +} opal_step;
no typedefs for structure types, please.
> + opal_step *funcs;
maybe calls this member steps?
> +static int set_mbr_done(struct opal_dev *dev, void *data)
> {
> - u8 mbr_done_tf = *(u8 *)dev->func_data[dev->state];
> + u8 mbr_done_tf = *(u8 *)data;
No need for casts when going from void * to any pointer type. There are
a couple more instance below where the cast should be removed as well.
> +static int __opal_lock_unlock(struct opal_dev *dev,
> + struct opal_lock_unlock *lk_unlk)
> {
> + opal_step _unlock_funcs[] = {
> + { opal_discovery0, },
> + { start_auth_opal_session, &lk_unlk->session },
> + { NULL, lk_unlk },
> + { end_opal_session, },
> + { NULL, }
> };
>
> + if (lk_unlk->session.sum)
> + _unlock_funcs[2].fn = lock_unlock_locking_range_sum;
> + else
> + _unlock_funcs[2].fn = lock_unlock_locking_range;
>
> dev->funcs = _unlock_funcs;
I would suggest to just have two different arrays, and merge
__opal_lock_unlock into opal_lock_unlock. E.g. something like:
static int opal_lock_unlock(struct opal_dev *dev,
struct opal_lock_unlock *lk_unlk)
{
const struct opal_step unlock_funcs[] = {
{ opal_discovery0, },
{ start_auth_opal_session, &lk_unlk->session },
{ lock_unlock_locking_range, lk_unlk },
{ end_opal_session, },
{ NULL, }
};
const struct opal_step unlock_sun_funcs[] = {
{ opal_discovery0, },
{ start_auth_opal_session, &lk_unlk->session },
{ lock_unlock_locking_range_sum, lk_unlk },
{ end_opal_session, },
{ NULL, }
};
int ret;
if (lk_unlk->session.who < OPAL_ADMIN1 ||
lk_unlk->session.who > OPAL_USER9)
return -EINVAL;
mutex_lock(&dev->dev_lock);
setup_opal_dev(dev, lk_unlk->session.sum ?
unlock_sum_funcs : unlock_funcs);
ret = next(dev);
mutex_unlock(&dev->dev_lock);
return ret;
}
and yes, I noticed that all the opal_step structures really should
be marked const, especially given that they contain function pointers
and are potential exploit targets. Please apply that everywhere.
_______________________________________________
Linux-nvme mailing list
Linux-nvme@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-nvme
WARNING: multiple messages have this Message-ID (diff)
From: hch@lst.de (Christoph Hellwig)
Subject: [PATCHv2 4/5] block/sed: Embed function data into the function sequence
Date: Sat, 18 Feb 2017 09:36:05 +0100 [thread overview]
Message-ID: <20170218083605.GB11798@lst.de> (raw)
In-Reply-To: <1487376029-22662-5-git-send-email-jonathan.derrick@intel.com>
Hi Jon,
I think this is a great cleanup!
A few nitpicky comments below:
> -typedef int (*opal_step)(struct opal_dev *dev);
> +typedef struct opal_step {
> + int (*fn)(struct opal_dev *dev, void *data);
> + void *data;
> +} opal_step;
no typedefs for structure types, please.
> + opal_step *funcs;
maybe calls this member steps?
> +static int set_mbr_done(struct opal_dev *dev, void *data)
> {
> - u8 mbr_done_tf = *(u8 *)dev->func_data[dev->state];
> + u8 mbr_done_tf = *(u8 *)data;
No need for casts when going from void * to any pointer type. There are
a couple more instance below where the cast should be removed as well.
> +static int __opal_lock_unlock(struct opal_dev *dev,
> + struct opal_lock_unlock *lk_unlk)
> {
> + opal_step _unlock_funcs[] = {
> + { opal_discovery0, },
> + { start_auth_opal_session, &lk_unlk->session },
> + { NULL, lk_unlk },
> + { end_opal_session, },
> + { NULL, }
> };
>
> + if (lk_unlk->session.sum)
> + _unlock_funcs[2].fn = lock_unlock_locking_range_sum;
> + else
> + _unlock_funcs[2].fn = lock_unlock_locking_range;
>
> dev->funcs = _unlock_funcs;
I would suggest to just have two different arrays, and merge
__opal_lock_unlock into opal_lock_unlock. E.g. something like:
static int opal_lock_unlock(struct opal_dev *dev,
struct opal_lock_unlock *lk_unlk)
{
const struct opal_step unlock_funcs[] = {
{ opal_discovery0, },
{ start_auth_opal_session, &lk_unlk->session },
{ lock_unlock_locking_range, lk_unlk },
{ end_opal_session, },
{ NULL, }
};
const struct opal_step unlock_sun_funcs[] = {
{ opal_discovery0, },
{ start_auth_opal_session, &lk_unlk->session },
{ lock_unlock_locking_range_sum, lk_unlk },
{ end_opal_session, },
{ NULL, }
};
int ret;
if (lk_unlk->session.who < OPAL_ADMIN1 ||
lk_unlk->session.who > OPAL_USER9)
return -EINVAL;
mutex_lock(&dev->dev_lock);
setup_opal_dev(dev, lk_unlk->session.sum ?
unlock_sum_funcs : unlock_funcs);
ret = next(dev);
mutex_unlock(&dev->dev_lock);
return ret;
}
and yes, I noticed that all the opal_step structures really should
be marked const, especially given that they contain function pointers
and are potential exploit targets. Please apply that everywhere.
next prev parent reply other threads:[~2017-02-18 8:36 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-18 0:00 [PATCHv2 0/5] OPAL patche'd cont'd Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 0:00 ` [PATCHv2 1/5] block/sed: Use ssize_t on atom parsers to return errors Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 0:00 ` [PATCHv2 2/5] block/sed: Add helper to qualify response tokens Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 0:00 ` [PATCHv2 3/5] block/sed: Check received header lengths Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 0:00 ` [PATCHv2 4/5] block/sed: Embed function data into the function sequence Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 8:36 ` Christoph Hellwig [this message]
2017-02-18 8:36 ` Christoph Hellwig
2017-02-18 15:52 ` Scott Bauer
2017-02-18 15:52 ` Scott Bauer
2017-02-18 16:22 ` Christoph Hellwig
2017-02-18 16:22 ` Christoph Hellwig
2017-02-18 0:00 ` [PATCHv2 5/5] block/sed: Eliminate state variable Jon Derrick
2017-02-18 0:00 ` Jon Derrick
2017-02-18 8:36 ` Christoph Hellwig
2017-02-18 8:36 ` Christoph Hellwig
2017-02-18 8:24 ` [PATCHv2 0/5] OPAL patche'd cont'd Christoph Hellwig
2017-02-18 8:24 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170218083605.GB11798@lst.de \
--to=hch@lst.de \
--cc=axboe@fb.com \
--cc=jonathan.derrick@intel.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=rafael.antognolli@intel.com \
--cc=scott.bauer@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.