-
Notifications
You must be signed in to change notification settings - Fork 240
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tee-supplicant: Support multiple ta load paths #306
base: master
Are you sure you want to change the base?
Conversation
tee-supplicant/src/teec_ta_load.c
Outdated
} | ||
|
||
tofree = multi_path; | ||
while ((single_path = strsep(&multi_path, ":")) != NULL) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This parsing could be done once at startup in order to avoid doing this strdup()
, strsep()
, free()
sequence each time a TA is to be loaded.
This pull request has been marked as a stale pull request because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this pull request will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time. |
this P-R could be tags as an enhancement. |
I will address the comments and update the change. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the update.
Please fix commit message to also mention TEEC_LOAD_PATH
TEEC_TEST_LOAD_PATH
and add your Signed-off-by
tag.
(edited)
dev_path, destination, ta, ta_size); | ||
for (int i = 0; i < num_ta_prefix; i++) { | ||
res = try_load_secure_module(ta_prefix[i], | ||
dev_path, destination, ta, ta_size); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fix indentation
res = try_load_secure_module(ta_prefix[i], dev_path,
destination, ta, ta_size);
tee-supplicant/src/teec_ta_load.h
Outdated
@@ -31,6 +31,11 @@ | |||
#define TA_BINARY_FOUND 0 | |||
#define TA_BINARY_NOT_FOUND -1 | |||
|
|||
/* support multiple TA load path */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nitpicking: s/support/Support/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will fix.
tee-supplicant/src/teec_ta_load.h
Outdated
@@ -31,6 +31,11 @@ | |||
#define TA_BINARY_FOUND 0 | |||
#define TA_BINARY_NOT_FOUND -1 | |||
|
|||
/* support multiple TA load path */ | |||
#define MAX_TA_PREFIX 8 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's likely there will be less than 8 alternate dir paths, however it would be more flexible to remove that limitation and allocated ta_prefix[]
dynamically.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pre-allocate enough entries is efficient if the number of entries is not large. I doubt the practicality for cases with more than 8 paths. Adding code and runt time dynamic allocation for virtually non-exist case, it's kind of over kill.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be better to not have built-in limitation if not strictly needed (IMHO).
I'll rely on maintainers point of view.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's fair. Let the maintainers to pick which way to go.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please pick a dynamic solution.
tee-supplicant/src/tee_supplicant.c
Outdated
@@ -67,6 +67,9 @@ | |||
#define RPC_BUF_SIZE (sizeof(struct tee_iocl_supp_send_arg) + \ | |||
RPC_NUM_PARAMS * sizeof(struct tee_ioctl_param)) | |||
|
|||
char *ta_prefix[MAX_TA_PREFIX] = {0}; | |||
int num_ta_prefix = 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can (should) remove the initialization value when: global variables are default zero-initialized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will remove the values.
CFG_TEE_CLIENT_LOAD_PATH can have multiple paths separated by :
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Many comments from me below 😉 I propose the following instead: #311.
i = 0; | ||
#ifdef TEEC_TEST_LOAD_PATH | ||
test_ta_prefix_multipath = strdup(TEEC_TEST_LOAD_PATH); | ||
if (!test_ta_prefix) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
test_ta_prefix_multipath
} | ||
while ((temp = strsep(&test_ta_prefix_multipath, ":")) != NULL) { | ||
ta_prefix[i++] = temp; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ta_prefix[i]
may be an empty string if multiple colons are found in a row.
@@ -762,30 +769,81 @@ int main(int argc, char *argv[]) | |||
exit(EXIT_FAILURE); | |||
} | |||
|
|||
/* Support multiple ta load paths */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd rather have a helper function to parse the paths. There is duplication.
@@ -31,6 +31,8 @@ CFG_TEE_CLIENT_LOG_FILE ?= $(CFG_TEE_FS_PARENT_PATH)/teec.log | |||
|
|||
# CFG_TEE_CLIENT_LOAD_PATH | |||
# The location of the client library file. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This line is just wrong, it should be removed. The same error is present in CMakeLists.mk
.
return try_load_secure_module(TEEC_LOAD_PATH, | ||
dev_path, destination, ta, ta_size); | ||
for (int i = 0; i < num_ta_prefix; i++) { | ||
res = try_load_secure_module(ta_prefix[i], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note, the documentation for try_load_secure_module()
lacks the description of its first two arguments.
exit: | ||
free(test_ta_prefix_multipath); | ||
free(ta_prefix_multipath); | ||
free(ta_prefix); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not convinced this kind of cleanup is desirable immediately before exiting.
@@ -701,6 +704,10 @@ int main(int argc, char *argv[]) | |||
int e = 0; | |||
int long_index = 0; | |||
int opt = 0; | |||
char *test_ta_prefix_multipath = NULL; | |||
char *ta_prefix_multipath = NULL; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The purpose of the variables is a bit hard to figure out from their names IMO.
CFG_TEE_CLIENT_LOAD_PATH can have multiple paths separated by :