Re: [RFC PATCH v3 2/9] FWU: Add FWU metadata access functions for GPT partitioned block devices

All of lore.kernel.org
 help / color / mirror / Atom feed

From: AKASHI Takahiro <takahiro.akashi@linaro.org>
To: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: Masami Hiramatsu <masami.hiramatsu@linaro.org>,
	u-boot@lists.denx.de,
	Patrick Delaunay <patrick.delaunay@foss.st.com>,
	Patrice Chotard <patrice.chotard@foss.st.com>,
	Heinrich Schuchardt <xypron.glpk@gmx.de>,
	Alexander Graf <agraf@csgraf.de>, Simon Glass <sjg@chromium.org>,
	Bin Meng <bmeng.cn@gmail.com>,
	Ilias Apalodimas <ilias.apalodimas@linaro.org>,
	Jose Marinho <jose.marinho@arm.com>,
	Grant Likely <grant.likely@arm.com>,
	Tom Rini <trini@konsulko.com>,
	Etienne Carriere <etienne.carriere@linaro.org>
Subject: Re: [RFC PATCH v3 2/9] FWU: Add FWU metadata access functions for GPT partitioned block devices
Date: Mon, 24 Jan 2022 16:38:18 +0900	[thread overview]
Message-ID: <20220124073818.GD48616@laputa> (raw)
In-Reply-To: <CADg8p94x-xnNRLFyreev9ego9go=O6VEM9KmxF0dm3uUovjA3A@mail.gmail.com>

On Mon, Jan 24, 2022 at 12:28:24PM +0530, Sughosh Ganu wrote:
> hi Masami,
> 
> On Thu, 20 Jan 2022 at 14:13, Masami Hiramatsu
> <masami.hiramatsu@linaro.org> wrote:
> >
> > Hi Sughosh,
> >
> > 2022年1月20日(木) 3:56 Sughosh Ganu <sughosh.ganu@linaro.org>:
> >
> > > +static int fwu_gpt_update_mdata(struct fwu_mdata *mdata)
> > > +{
> > > +       int ret;
> > > +       struct blk_desc *desc;
> > > +       u16 primary_mpart = 0, secondary_mpart = 0;
> > > +
> >
> > I think this update_mdata() method (or fwu_update_mdata() wrapper)
> > should always update mdata::crc32. calculate crc32 at each call site is
> > inefficient and easy to introduce bugs.
> 
> Okay. Will do.
> 
> >
> > > +       ret = fwu_plat_get_blk_desc(&desc);
> > > +       if (ret < 0) {
> > > +               log_err("Block device not found\n");
> > > +               return -ENODEV;
> > > +       }
> > > +
> > > +       ret = gpt_get_mdata_partitions(desc, &primary_mpart,
> > > +                                         &secondary_mpart);
> > > +
> > > +       if (ret < 0) {
> > > +               log_err("Error getting the FWU metadata partitions\n");
> > > +               return -ENODEV;
> > > +       }
> > > +
> > > +       /* First write the primary partition*/
> > > +       ret = gpt_write_mdata_partition(desc, mdata, primary_mpart);
> > > +       if (ret < 0) {
> > > +               log_err("Updating primary FWU metadata partition failed\n");
> > > +               return ret;
> > > +       }
> > > +
> > > +       /* And now the replica */
> > > +       ret = gpt_write_mdata_partition(desc, mdata, secondary_mpart);
> > > +       if (ret < 0) {
> > > +               log_err("Updating secondary FWU metadata partition failed\n");
> > > +               return ret;
> > > +       }
> > > +
> > > +       return 0;
> > > +}
> > > +
> > > +static int gpt_get_mdata(struct fwu_mdata **mdata)
> > > +{
> > > +       int ret;
> > > +       struct blk_desc *desc;
> > > +       u16 primary_mpart = 0, secondary_mpart = 0;
> > > +
> > > +       ret = fwu_plat_get_blk_desc(&desc);
> > > +       if (ret < 0) {
> > > +               log_err("Block device not found\n");
> > > +               return -ENODEV;
> > > +       }
> > > +
> > > +       ret = gpt_get_mdata_partitions(desc, &primary_mpart,
> > > +                                      &secondary_mpart);
> > > +
> > > +       if (ret < 0) {
> > > +               log_err("Error getting the FWU metadata partitions\n");
> > > +               return -ENODEV;
> > > +       }
> > > +
> > > +       *mdata = malloc(sizeof(struct fwu_mdata));
> > > +       if (!*mdata) {
> > > +               log_err("Unable to allocate memory for reading FWU metadata\n");
> > > +               return -ENOMEM;
> > > +       }
> > > +
> > > +       ret = gpt_read_mdata(desc, *mdata, primary_mpart);
> > > +       if (ret < 0) {
> > > +               log_err("Failed to read the FWU metadata from the device\n");
> >
> > Also, please release mdata inside the gpt_get_mdata() itself.
> >
> > I think it is not a good design to ask caller to free mdata if get_mdata()
> > operation is failed because mdata may or may not allocated in error case.
> >
> > In success case, user must free it because it is allocated (user accessed it),
> > and in error case, user can ignore it because it should not be allocated.
> > This is simpler mind model and less memory leak chance.
> 
> I think this is confusing. It would be better to be consistent and
> have the caller free up the allocated/not allocated memory. If you
> check, the mdata pointer is being initialised to NULL in every
> instance. Calling free with a NULL pointer is a valid case, which the
> free call handles. There are multiple places in u-boot where the
> caller is freeing up the allocated memory. So i think this should not
> be an issue.

The simple rule should be that, if the function returns 0 (successfully),
the area will be allocated. If not (i.e. returns an error), the area
will not be allocated.

This will be a much more common behavior.

-Takahiro Akashi

> -sughosh
> 
> >
> > Thank you,
> > --
> > Masami Hiramatsu

next prev parent reply	other threads:[~2022-01-24  7:38 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-19 18:55 [RFC PATCH v3 0/9] FWU: Add support for FWU Multi Bank Update feature Sughosh Ganu
2022-01-19 18:55 ` [RFC PATCH v3 1/9] FWU: Add FWU metadata structure and functions for accessing metadata Sughosh Ganu
2022-01-20  5:53   ` Masami Hiramatsu
2022-01-24  6:59     ` Sughosh Ganu
2022-01-20  6:05   ` Masami Hiramatsu
2022-01-24  7:07     ` Sughosh Ganu
2022-01-20 12:18   ` Heinrich Schuchardt
2022-01-19 18:55 ` [RFC PATCH v3 2/9] FWU: Add FWU metadata access functions for GPT partitioned block devices Sughosh Ganu
2022-01-20  8:43   ` Masami Hiramatsu
2022-01-24  6:58     ` Sughosh Ganu
2022-01-24  7:17       ` Masami Hiramatsu
2022-01-24  7:38       ` AKASHI Takahiro [this message]
2022-01-20 11:27   ` Heinrich Schuchardt
2022-01-21 10:20     ` Sughosh Ganu
2022-01-19 18:55 ` [RFC PATCH v3 3/9] FWU: stm32mp1: Add helper functions for accessing FWU metadata Sughosh Ganu
2022-01-20 10:59   ` Heinrich Schuchardt
2022-01-21 10:05     ` Sughosh Ganu
2022-01-21 11:52   ` Ilias Apalodimas
2022-01-24  2:46   ` Masami Hiramatsu
2022-01-24  7:17     ` Sughosh Ganu
2022-01-19 18:55 ` [RFC PATCH v3 4/9] FWU: STM32MP1: Add support to read boot index from backup register Sughosh Ganu
2022-01-20 12:24   ` Heinrich Schuchardt
2022-01-19 18:55 ` [RFC PATCH v3 5/9] EFI: FMP: Add provision to update image's ImageTypeId in image descriptor Sughosh Ganu
2022-01-20  5:24   ` AKASHI Takahiro
2022-01-21  7:02     ` Sughosh Ganu
2022-01-24  2:33       ` AKASHI Takahiro
2022-01-24  6:27         ` Sughosh Ganu
2022-01-19 18:55 ` [RFC PATCH v3 6/9] FWU: Add boot time checks as highlighted by the FWU specification Sughosh Ganu
2022-01-21 13:15   ` Ilias Apalodimas
2022-01-19 18:55 ` [RFC PATCH v3 7/9] FWU: Add support for FWU Multi Bank Update feature Sughosh Ganu
2022-01-20  6:07   ` Masami Hiramatsu
2022-01-21  7:17     ` Sughosh Ganu
2022-01-19 18:55 ` [RFC PATCH v3 8/9] FWU: cmd: Add a command to read FWU metadata Sughosh Ganu
2022-01-20 12:28   ` Heinrich Schuchardt
2022-01-19 18:55 ` [RFC PATCH v3 9/9] mkeficapsule: Add support for generating empty capsules Sughosh Ganu
2022-01-20  2:13   ` AKASHI Takahiro
2022-01-21  6:48     ` Sughosh Ganu
2022-01-24  2:08       ` AKASHI Takahiro
2022-01-24  2:48         ` Masami Hiramatsu
2022-01-21 13:00   ` Ilias Apalodimas
2022-01-31 13:17     ` Sughosh Ganu
2022-01-20  5:31 ` [RFC PATCH v3 0/9] FWU: Add support for FWU Multi Bank Update feature AKASHI Takahiro
2022-01-21  7:10   ` Sughosh Ganu
2022-01-20 10:08 ` Heinrich Schuchardt
2022-01-21  7:15   ` Sughosh Ganu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220124073818.GD48616@laputa \
    --to=takahiro.akashi@linaro.org \
    --cc=agraf@csgraf.de \
    --cc=bmeng.cn@gmail.com \
    --cc=etienne.carriere@linaro.org \
    --cc=grant.likely@arm.com \
    --cc=ilias.apalodimas@linaro.org \
    --cc=jose.marinho@arm.com \
    --cc=masami.hiramatsu@linaro.org \
    --cc=patrice.chotard@foss.st.com \
    --cc=patrick.delaunay@foss.st.com \
    --cc=sjg@chromium.org \
    --cc=sughosh.ganu@linaro.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.