tkaratapanis commented on code in PR #16734: URL: https://github.com/apache/nuttx/pull/16734#discussion_r2251089717
########## drivers/misc/optee_supplicant.c: ########## 
@@ -0,0 +1,608 @@
+/****************************************************************************
+ * drivers/misc/optee_supplicant.c
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/mutex.h>
+#include <nuttx/semaphore.h>
+#include <nuttx/kmalloc.h>
+#include <nuttx/queue.h>
+#include <nuttx/idr.h>
+#include <string.h>
+
+#include "optee.h"
+#include "optee_supplicant.h"
+#include "optee_msg.h"
+
+/****************************************************************************
+ * Private Types
+ ****************************************************************************/
+
+/* Request structure for RPCs serviced by the supplicant. */
+
+struct optee_supplicant_req
+{
+ sq_entry_t link;
+ uint32_t func;
+ uint32_t ret;
+ uint32_t num_params;
+ FAR struct tee_ioctl_param *params;
+ sem_t c;
+};
+
+struct optee_supplicant
+{
+ mutex_t mutex;
+ int req_id;
+ struct sq_queue_s reqs;
+ FAR struct idr_s *idr;
+ FAR struct idr_s *shm_idr;
+ sem_t reqs_c;
+};
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+static struct optee_supplicant g_optee_supp;
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: pop_entry
+ *
+ * Description:
+ * Pop the first request from the request queue, and create unique id.
+ *
+ * Parameters:
+ * num_params - Number of parameters passed.
+ * id - Pointer to the unique request id.
+ *
+ * Returned Value:
+ * A pointer to the request on success or NULL.
+ *
+ ****************************************************************************/
+
+static FAR struct optee_supplicant_req * pop_entry(uint32_t num_params,
+ FAR int *id)
+{
+ FAR struct optee_supplicant_req *req;
+
+ if (g_optee_supp.req_id != -1)
+ {
+ /* Mixing sync/async not supported */
+
+ return NULL;
+ }
+
+ if (sq_empty(&g_optee_supp.reqs))
+ {
+ return NULL;
+ }
+
+ req = (struct optee_supplicant_req *)sq_remfirst(&g_optee_supp.reqs);
+
+ /* The request can't fit in the supplicant's supplied parameter buffer. */
+
+ if (num_params < req->num_params)
+ {
+ return NULL;
+ }
+
+ *id = idr_alloc(g_optee_supp.idr, req, 0, INT32_MAX);
+ if (*id < 0)
+ {
+ return NULL;
+ }
+
+ return req;
+}
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: optee_supplicant_init
+ *
+ * Description:
+ * Initialize supplicant data.
+ *
+ * Parameters:
+ * shm_idr - A pointer, passed by reference, to the optee driver's shm_idr.
+ * The destruction of the shm_idr will be handled by
+ * optee_close(), so we only need to initialize it in this
+ * context.
+ *
+ * Returned Value:
+ * None
+ *
+ ****************************************************************************/
+
+void optee_supplicant_init(FAR struct idr_s **shm_idr)
+{
+ memset(&g_optee_supp, 0, sizeof(g_optee_supp));
+ nxmutex_init(&g_optee_supp.mutex);
+ nxsem_init(&g_optee_supp.reqs_c, 0, 0);
+ sq_init(&g_optee_supp.reqs);
+ g_optee_supp.idr = idr_init();
+ g_optee_supp.shm_idr = idr_init();
Review Comment: We need to store a separate list with the shared memory entries managed by the `optee_supplicant`. The reason is that they are used in the following scenario: 1) An application (different from `optee_supplicant`) receives an RPC request from OP-TEE to allocate memory 2) From the context of that application, eventually, we end up to: ``` File: drivers/misc/optee_supplicant.c [...] 
455 int optee_supplicant_alloc(FAR struct optee_priv_data *priv, 456 size_t size, FAR struct optee_shm **shm) 457 { 458 uint32_t ret; 459 struct tee_ioctl_param param; 460 461 param.attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; 462 param.a = OPTEE_MSG_RPC_SHM_TYPE_APPL; 463 param.b = size; 464 param.c = 0; 465 466 ret = optee_supplicant_request(OPTEE_MSG_RPC_CMD_SHM_ALLOC, 1, &param); 467 if (ret) 468 { 469 return optee_convert_to_errno(ret); 470 } 471 472 if (NULL == g_optee_supp.shm_idr) 473 { 474 return -ECOMM; 475 } 476 477 *shm = idr_find(g_optee_supp.shm_idr, param.c); 478 479 if (NULL == *shm) 480 { 481 return -ENOENT; 482 } 483 484 return OK; 485 } [...] ``` 3) When we reach line 466 and invoke `optee_supplicant_request()` we will wait on a semaphore until the `optee_supplicant` user application allocates memory (or fails). The current application will be put to sleep and scheduled out while waiting on the semaphore, signalling the completion of the request (only posted by `optee_supplicant`): ``` File: drivers/misc/optee_supplicant.c [...] 142 static uint32_t optee_supplicant_request(uint32_t func, uint32_t num_params, 143 FAR struct tee_ioctl_param *params) [...] 168 /* Wait for completion if supplicant is running. */ 169 170 while (sem_wait(&req.c) < 0) 171 { 172 } [...] ``` 4) Once the `optee_supplicant` succeeds at some point the original application will be scheduled back and will need to pass from line 477: ``` *shm = idr_find(g_optee_supp.shm_idr, param.c); ``` As you see if we didn't have a different reference for `.shm_idr`, we wouldn't be able to find that `shm` entry since it would have been allocated by `optee_supplicant` which is a different application and has different fpriv (and different `struct optee_priv_data *priv`). **In order to allow an application to search the entries allocated by** `optee_supplicant` **we must keep** `.shm_idr`. -- This is an automated message from the Apache Git Service. 