[v3,10/17] fs: Convert fs_read/write to take buffer instead of address

Message ID 20180615124229.35310-11-agraf@suse.de
State Superseded
Headers show
Series
  • sandbox: efi_loader support
Related show

Commit Message

Alexander Graf June 15, 2018, 12:42 p.m.
The fs_read() and fs_write() functions are internal interfaces that
naturally want to get pointers as arguments. Most users so far even
have pointers and explicitly cast them into integers just to be able
to pass them into the function.

Convert them over to instead take a pointer argument for the buffer.
That way any sandbox mapping gets greatly simplified and users of
the API intuitively know what to do.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 board/BuR/common/common.c             |  2 +-
 board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----
 cmd/mvebu/bubt.c                      |  4 ++--
 common/splash_source.c                |  4 +++-
 drivers/bootcount/bootcount_ext.c     | 12 ++++++------
 drivers/fpga/zynqpl.c                 |  8 +++++---
 fs/fs.c                               | 20 ++++++++++----------
 include/fs.h                          | 12 ++++++------
 lib/efi_loader/efi_file.c             |  6 ++----
 9 files changed, 40 insertions(+), 38 deletions(-)

Comments

Simon Glass June 15, 2018, 2:24 p.m. | #1
Hi Alex,

On 15 June 2018 at 06:42, Alexander Graf <agraf@suse.de> wrote:
> The fs_read() and fs_write() functions are internal interfaces that
> naturally want to get pointers as arguments. Most users so far even
> have pointers and explicitly cast them into integers just to be able
> to pass them into the function.
>
> Convert them over to instead take a pointer argument for the buffer.
> That way any sandbox mapping gets greatly simplified and users of
> the API intuitively know what to do.
>
> Signed-off-by: Alexander Graf <agraf@suse.de>
> ---
>  board/BuR/common/common.c             |  2 +-
>  board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----
>  cmd/mvebu/bubt.c                      |  4 ++--
>  common/splash_source.c                |  4 +++-
>  drivers/bootcount/bootcount_ext.c     | 12 ++++++------
>  drivers/fpga/zynqpl.c                 |  8 +++++---
>  fs/fs.c                               | 20 ++++++++++----------
>  include/fs.h                          | 12 ++++++------
>  lib/efi_loader/efi_file.c             |  6 ++----
>  9 files changed, 40 insertions(+), 38 deletions(-)

U-Boot uses addresses for loading and managing images. I don't see a
good reason to change that. We expect all logging to emit an address
rather than a pointer, for example. See for example all the FIT and
legacy image stuff, bootm, all the commands, etc.

Regards,
Simon
Alexander Graf June 15, 2018, 2:30 p.m. | #2
On 15.06.18 16:24, Simon Glass wrote:
> Hi Alex,
> 
> On 15 June 2018 at 06:42, Alexander Graf <agraf@suse.de> wrote:
>> The fs_read() and fs_write() functions are internal interfaces that
>> naturally want to get pointers as arguments. Most users so far even
>> have pointers and explicitly cast them into integers just to be able
>> to pass them into the function.
>>
>> Convert them over to instead take a pointer argument for the buffer.
>> That way any sandbox mapping gets greatly simplified and users of
>> the API intuitively know what to do.
>>
>> Signed-off-by: Alexander Graf <agraf@suse.de>
>> ---
>>  board/BuR/common/common.c             |  2 +-
>>  board/gdsys/p1022/controlcenterd-id.c | 10 +++++-----
>>  cmd/mvebu/bubt.c                      |  4 ++--
>>  common/splash_source.c                |  4 +++-
>>  drivers/bootcount/bootcount_ext.c     | 12 ++++++------
>>  drivers/fpga/zynqpl.c                 |  8 +++++---
>>  fs/fs.c                               | 20 ++++++++++----------
>>  include/fs.h                          | 12 ++++++------
>>  lib/efi_loader/efi_file.c             |  6 ++----
>>  9 files changed, 40 insertions(+), 38 deletions(-)
> 
> U-Boot uses addresses for loading and managing images. I don't see a
> good reason to change that. We expect all logging to emit an address
> rather than a pointer, for example. See for example all the FIT and
> legacy image stuff, bootm, all the commands, etc.

Yes, usually the point of transition from address is when you go from
command line to internal infrastructure.

If you for example take a look at struct fstype_info in fs.c, you can
see that the read and write callbacks already use pointers.

The block equivalent of fs_read() is blk_dread() which also takes a buffer.

fs_read()/fs_write() really are the odd ones out in the API. And if you
take a look at all users of the API, I'd say 90% of them already get it
"wrong" (read: they assume a 1:1 map and just randomly cast pointers to
addresses).

So IMHO this patch really is just streamlining the API to adjust it to
the rest of the U-Boot infrastructure.


Alex

Patch

diff --git a/board/BuR/common/common.c b/board/BuR/common/common.c
index 9df19791c2..ab9d9c51cf 100644
--- a/board/BuR/common/common.c
+++ b/board/BuR/common/common.c
@@ -269,7 +269,7 @@  static int load_devicetree(void)
 		puts("load_devicetree: set_blk_dev failed.\n");
 		return -1;
 	}
-	rc = fs_read(dtbname, (u32)dtbaddr, 0, 0, &dtbsize);
+	rc = fs_read(dtbname, (u_char *)dtbaddr, 0, 0, &dtbsize);
 #endif
 	if (rc == 0) {
 		gd->fdt_blob = (void *)dtbaddr;
diff --git a/board/gdsys/p1022/controlcenterd-id.c b/board/gdsys/p1022/controlcenterd-id.c
index 7e082dff05..2f01f7b7eb 100644
--- a/board/gdsys/p1022/controlcenterd-id.c
+++ b/board/gdsys/p1022/controlcenterd-id.c
@@ -874,7 +874,7 @@  static struct key_program *load_key_chunk(const char *ifname,
 
 	if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
 		goto failure;
-	if (fs_read(path, (ulong)buf, 0, 12, &i) < 0)
+	if (fs_read(path, buf, 0, 12, &i) < 0)
 		goto failure;
 	if (i < 12)
 		goto failure;
@@ -890,7 +890,7 @@  static struct key_program *load_key_chunk(const char *ifname,
 		goto failure;
 	if (fs_set_blk_dev(ifname, dev_part_str, fs_type))
 		goto failure;
-	if (fs_read(path, (ulong)result, 0,
+	if (fs_read(path, result, 0,
 		    sizeof(struct key_program) + header.code_size, &i) < 0)
 		goto failure;
 	if (i <= 0)
@@ -1019,7 +1019,7 @@  static int second_stage_init(void)
 	struct key_program *hmac_blob = NULL;
 	const char *image_path = "/ccdm.itb";
 	char *mac_path = NULL;
-	ulong image_addr;
+	u8 *image_addr;
 	loff_t image_size;
 	uint32_t err;
 
@@ -1059,7 +1059,7 @@  static int second_stage_init(void)
 	strcat(mac_path, mac_suffix);
 
 	/* read image from mmcdev (ccdm.itb) */
-	image_addr = (ulong)get_image_location();
+	image_addr = get_image_location();
 	if (fs_set_blk_dev("mmc", mmcdev, FS_TYPE_EXT))
 		goto failure;
 	if (fs_read(image_path, image_addr, 0, 0, &image_size) < 0)
@@ -1077,7 +1077,7 @@  static int second_stage_init(void)
 		puts("corrupted mac file\n");
 		goto failure;
 	}
-	if (check_hmac(hmac_blob, (u8 *)image_addr, image_size)) {
+	if (check_hmac(hmac_blob, image_addr, image_size)) {
 		puts("image integrity could not be verified\n");
 		goto failure;
 	}
diff --git a/cmd/mvebu/bubt.c b/cmd/mvebu/bubt.c
index b4d371f305..29fff898fa 100644
--- a/cmd/mvebu/bubt.c
+++ b/cmd/mvebu/bubt.c
@@ -209,7 +209,7 @@  static size_t mmc_read_file(const char *file_name)
 	}
 
 	/* Perfrom file read */
-	rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
+	rc = fs_read(file_name, (void *)get_load_addr(), 0, 0, &act_read);
 	if (rc)
 		return 0;
 
@@ -392,7 +392,7 @@  static size_t usb_read_file(const char *file_name)
 	}
 
 	/* Perfrom file read */
-	rc = fs_read(file_name, get_load_addr(), 0, 0, &act_read);
+	rc = fs_read(file_name, (void *)get_load_addr(), 0, 0, &act_read);
 	if (rc)
 		return 0;
 
diff --git a/common/splash_source.c b/common/splash_source.c
index 62763b9ebd..79dbea12fc 100644
--- a/common/splash_source.c
+++ b/common/splash_source.c
@@ -11,6 +11,7 @@ 
 #include <fs.h>
 #include <fdt_support.h>
 #include <image.h>
+#include <mapmem.h>
 #include <nand.h>
 #include <sata.h>
 #include <spi.h>
@@ -252,7 +253,8 @@  static int splash_load_fs(struct splash_location *location, u32 bmp_load_addr)
 	}
 
 	splash_select_fs_dev(location);
-	res = fs_read(splash_file, bmp_load_addr, 0, 0, &actread);
+	res = fs_read(splash_file, map_sysmem(bmp_load_addr, bmp_size),
+		      0, 0, &actread);
 
 out:
 	if (location->ubivol != NULL)
diff --git a/drivers/bootcount/bootcount_ext.c b/drivers/bootcount/bootcount_ext.c
index 075e590896..4a46f17c15 100644
--- a/drivers/bootcount/bootcount_ext.c
+++ b/drivers/bootcount/bootcount_ext.c
@@ -24,10 +24,10 @@  void bootcount_store(ulong a)
 	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
 	buf[0] = BC_MAGIC;
 	buf[1] = (a & 0xff);
-	unmap_sysmem(buf);
 
-	ret = fs_write(CONFIG_SYS_BOOTCOUNT_EXT_NAME,
-		       CONFIG_SYS_BOOTCOUNT_ADDR, 0, 2, &len);
+	ret = fs_write(CONFIG_SYS_BOOTCOUNT_EXT_NAME, buf, 0, 2, &len);
+
+	unmap_sysmem(buf);
 	if (ret != 0)
 		puts("Error storing bootcount\n");
 }
@@ -44,14 +44,14 @@  ulong bootcount_load(void)
 		return 0;
 	}
 
-	ret = fs_read(CONFIG_SYS_BOOTCOUNT_EXT_NAME, CONFIG_SYS_BOOTCOUNT_ADDR,
-		      0, 2, &len_read);
+	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
+
+	ret = fs_read(CONFIG_SYS_BOOTCOUNT_EXT_NAME, buf, 0, 2, &len_read);
 	if (ret != 0 || len_read != 2) {
 		puts("Error loading bootcount\n");
 		return 0;
 	}
 
-	buf = map_sysmem(CONFIG_SYS_BOOTCOUNT_ADDR, 2);
 	if (buf[0] == BC_MAGIC)
 		ret = buf[1];
 
diff --git a/drivers/fpga/zynqpl.c b/drivers/fpga/zynqpl.c
index fd37d18c7f..2fba77d45f 100644
--- a/drivers/fpga/zynqpl.c
+++ b/drivers/fpga/zynqpl.c
@@ -431,7 +431,7 @@  static int zynq_loadfs(xilinx_desc *desc, const void *buf, size_t bsize,
 	if (fs_set_blk_dev(interface, dev_part, fstype))
 		return FPGA_FAIL;
 
-	if (fs_read(filename, (u32) buf, pos, blocksize, &actread) < 0)
+	if (fs_read(filename, (void *)buf, pos, blocksize, &actread) < 0)
 		return FPGA_FAIL;
 
 	if (zynq_validate_bitstream(desc, buf, bsize, blocksize, &swap,
@@ -454,10 +454,12 @@  static int zynq_loadfs(xilinx_desc *desc, const void *buf, size_t bsize,
 			return FPGA_FAIL;
 
 		if (bsize > blocksize) {
-			if (fs_read(filename, (u32) buf, pos, blocksize, &actread) < 0)
+			if (fs_read(filename, (void *)buf, pos, blocksize,
+				    &actread) < 0)
 				return FPGA_FAIL;
 		} else {
-			if (fs_read(filename, (u32) buf, pos, bsize, &actread) < 0)
+			if (fs_read(filename, (void *)buf, pos, bsize,
+				    &actread) < 0)
 				return FPGA_FAIL;
 		}
 	} while (bsize > blocksize);
diff --git a/fs/fs.c b/fs/fs.c
index 33808d549e..27ce9259d2 100644
--- a/fs/fs.c
+++ b/fs/fs.c
@@ -402,20 +402,17 @@  int fs_size(const char *filename, loff_t *size)
 	return ret;
 }
 
-int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_read(const char *filename, void *buf, loff_t offset, loff_t len,
 	    loff_t *actread)
 {
 	struct fstype_info *info = fs_get_info(fs_type);
-	void *buf;
 	int ret;
 
 	/*
 	 * We don't actually know how many bytes are being read, since len==0
 	 * means read the whole file.
 	 */
-	buf = map_sysmem(addr, len);
 	ret = info->read(filename, buf, offset, len, actread);
-	unmap_sysmem(buf);
 
 	/* If we requested a specific number of bytes, check we got it */
 	if (ret == 0 && len && *actread != len)
@@ -425,16 +422,13 @@  int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
 	return ret;
 }
 
-int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_write(const char *filename, void *buf, loff_t offset, loff_t len,
 	     loff_t *actwrite)
 {
 	struct fstype_info *info = fs_get_info(fs_type);
-	void *buf;
 	int ret;
 
-	buf = map_sysmem(addr, len);
 	ret = info->write(filename, buf, offset, len, actwrite);
-	unmap_sysmem(buf);
 
 	if (ret < 0 && len != *actwrite) {
 		printf("** Unable to write file %s **\n", filename);
@@ -529,6 +523,7 @@  int do_load(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	int ret;
 	unsigned long time;
 	char *ep;
+	void *buf;
 
 	if (argc < 2)
 		return CMD_RET_USAGE;
@@ -567,9 +562,11 @@  int do_load(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	else
 		pos = 0;
 
+	buf = map_sysmem(addr, bytes);
 	time = get_timer(0);
-	ret = fs_read(filename, addr, pos, bytes, &len_read);
+	ret = fs_read(filename, buf, pos, bytes, &len_read);
 	time = get_timer(time);
+	unmap_sysmem(buf);
 	if (ret < 0)
 		return 1;
 
@@ -623,6 +620,7 @@  int do_save(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	loff_t len;
 	int ret;
 	unsigned long time;
+	void *buf;
 
 	if (argc < 6 || argc > 7)
 		return CMD_RET_USAGE;
@@ -638,9 +636,11 @@  int do_save(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[],
 	else
 		pos = 0;
 
+	buf = map_sysmem(addr, bytes);
 	time = get_timer(0);
-	ret = fs_write(filename, addr, pos, bytes, &len);
+	ret = fs_write(filename, buf, pos, bytes, &len);
 	time = get_timer(time);
+	unmap_sysmem(buf);
 	if (ret < 0)
 		return 1;
 
diff --git a/include/fs.h b/include/fs.h
index 163da103b4..647b0c2ed2 100644
--- a/include/fs.h
+++ b/include/fs.h
@@ -76,27 +76,27 @@  int fs_size(const char *filename, loff_t *size);
  * Note that not all filesystem types support either/both offset!=0 or len!=0.
  *
  * @filename: Name of file to read from
- * @addr: The address to read into
+ * @buf: The buffer to read into
  * @offset: The offset in file to read from
  * @len: The number of bytes to read. Maybe 0 to read entire file
  * @actread: Returns the actual number of bytes read
  * @return 0 if ok with valid *actread, -1 on error conditions
  */
-int fs_read(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_read(const char *filename, void *buf, loff_t offset, loff_t len,
 	    loff_t *actread);
 
 /*
  * fs_write - Write file to the partition previously set by fs_set_blk_dev()
  * Note that not all filesystem types support offset!=0.
  *
- * @filename: Name of file to read from
- * @addr: The address to read into
- * @offset: The offset in file to read from. Maybe 0 to write to start of file
+ * @filename: Name of file to write to
+ * @buf: The buffer to read from
+ * @offset: The offset in file to write to. Maybe 0 to write to start of file
  * @len: The number of bytes to write
  * @actwrite: Returns the actual number of bytes written
  * @return 0 if ok with valid *actwrite, -1 on error conditions
  */
-int fs_write(const char *filename, ulong addr, loff_t offset, loff_t len,
+int fs_write(const char *filename, void *buf, loff_t offset, loff_t len,
 	     loff_t *actwrite);
 
 /*
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index e6a15bcb52..7bd061f395 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -233,8 +233,7 @@  static efi_status_t file_read(struct file_handle *fh, u64 *buffer_size,
 {
 	loff_t actread;
 
-	if (fs_read(fh->path, (ulong)buffer, fh->offset,
-		    *buffer_size, &actread))
+	if (fs_read(fh->path, buffer, fh->offset, *buffer_size, &actread))
 		return EFI_DEVICE_ERROR;
 
 	*buffer_size = actread;
@@ -363,8 +362,7 @@  static efi_status_t EFIAPI efi_file_write(struct efi_file_handle *file,
 		goto error;
 	}
 
-	if (fs_write(fh->path, (ulong)buffer, fh->offset, *buffer_size,
-		     &actwrite)) {
+	if (fs_write(fh->path, buffer, fh->offset, *buffer_size, &actwrite)) {
 		ret = EFI_DEVICE_ERROR;
 		goto error;
 	}