fix open issue 4577 TEE_SetTAPersistentTime() is not persistent accro… #7506
Conversation
There was a problem hiding this comment.
This looks a nice step into TA persistent storage support.
The commit message should be refined, e.g.:
core: tee: persistent storage of TA time offset
Implement persistent storage of TA time offset in OP-TEE
private secure storage. TA time offset value is stored in TA
stroage space under file name "ta_time_offs".
Fixes: #4577
Signed-off-by: ...
For TEE_SetTAPersistentTime() to be atomic, I think the mutex should cover both update in RAM and in persistent storage.
core/tee/tee_time_generic.c
Outdated
| #include <utee_defines.h> | ||
| #include <tee/tee_fs.h> | ||
| #include <tee/tee_pobj.h> | ||
|
|
There was a problem hiding this comment.
Nitpicking: sort in alphabetical order (and by the way swap string.h/stdlib.h ordering) and remove the last empty line.
#include <kernel/mutex.h>
#include <kernel/panic.h>
#include <kernel/tee_time.h>
#include <stdlib.h>
#include <string.h>
#include <tee/tee_fs.h>
#include <tee/tee_pobj.h>
#include <utee_defines.h>
core/tee/tee_time_generic.c
Outdated
| size_t n; | ||
| struct tee_ta_time_offs *o; |
There was a problem hiding this comment.
As per OP-TEE coding style, these require a initialization value:
| size_t n; | |
| struct tee_ta_time_offs *o; | |
| size_t n = 0; | |
| struct tee_ta_time_offs *o = NULL; |
core/tee/tee_time_generic.c
Outdated
| size_t n; | ||
| struct tee_ta_time_offs *o; | ||
|
|
||
| mutex_lock(&tee_time_mtx); |
There was a problem hiding this comment.
Could you use tabulations instead of space chars for indenation?
core/tee/tee_time_generic.c
Outdated
|
|
||
| TEE_Time o; | ||
| bool pos = false; | ||
| TEE_Result res = tee_time_ta_storage_read(uuid, &o, &pos); |
There was a problem hiding this comment.
Please define all local variables at instruction block entry (and provide them with an initialization value).
core/tee/tee_time_generic.c
Outdated
| static size_t tee_time_num_offs; | ||
| static struct mutex tee_time_mtx = MUTEX_INITIALIZER; | ||
|
|
||
| #define TA_TIME_OFFS_ID "ta_time_offs" |
There was a problem hiding this comment.
Nitpicking: could you define this macro at source file entry, before struct tee_ta_time_offs definition?
core/tee/tee_time_generic.c
Outdated
| size_t n; | ||
| struct tee_ta_time_offs *o; | ||
| size_t idx = 0; | ||
| TEE_Result res = tee_time_ta_set_offs_mem(uuid, offs, positive, &idx); |
There was a problem hiding this comment.
Need an empty line between local variable definitions and instructions. Suggestion:
TEE_Result res = TEE_ERROR_GENERIC;
size_t idx = 0;
res = tee_time_ta_set_offs_mem(uuid, offs, positive, &idx);
core/tee/tee_time_generic.c
Outdated
| NULL, 0, | ||
| NULL, 0, | ||
| &o, NULL, sizeof(o), | ||
| &fh); |
There was a problem hiding this comment.
Prefer:
res = fops->create(po, true, NULL, 0, NULL, 0, &o, NULL, sizeof(o),
&fh);
core/tee/tee_time_generic.c
Outdated
| if (!fops) | ||
| return TEE_ERROR_TIME_NOT_SET; /* storage unavailable: treat as not set */ | ||
|
|
||
| res = tee_pobj_get((TEE_UUID *)uuid, TA_TIME_OFFS_ID, |
There was a problem hiding this comment.
Needs a (void *) cast to discard const qualifier, as reported by CI make tests.
There was a problem hiding this comment.
Or perhaps even better, fix tee_pobj_get() in a separate patch.
There was a problem hiding this comment.
Indeed, adding const to the few first arguments of tee_pobj_get() would help.
|
thanks for @etienne-lms @jenswi-linaro 's detailed comments, I'm working on it. |
|
Please fix the checkpatch issues. |
working on it |
|
the checkpatch passed from my forked repo https://github.com/jarvisDang/optee_os/actions/runs/17115078518 |
|
why the code style check issues showed in the log not match my latest source code? |
In the forked repo, only one commit is checked (the topmost in the branch). Here we can see that the global diff is OK (see the "checkdiff" line), but some commits are not (see the the "checkpatch" lines). Please squash all the commits into one. |
|
@jforissier thanks for explanation, I will squash all the fixup commits and try again |
|
You can run checkpatch locally with, for instance, |
glad to know that, thanks. |
Implement persistent storage of TA time offset in OP-TEE private secure storage. TA time offset value is stored in TA storage space under file name "ta_time_offs". Fixes: OP-TEE#4577 Signed-off-by: Jarvis Dang <[email protected]>
| if (!fops) | ||
| return TEE_ERROR_NOT_SUPPORTED; | ||
|
|
||
| res = tee_pobj_get((TEE_UUID *)uuid, (void *)TA_TIME_OFFS_ID, |
There was a problem hiding this comment.
The object will be created in the object namespace for the TA/UUID in question. What if a TA has an object with this name?
I think we can manage with a dummy pobj like in check_update_version() instead. This will allow us to create an object outside the normal namespace. However, we must still be careful to avoid conflicts.
| o.positive = positive; | ||
|
|
||
| res = fops->create(po, true, NULL, 0, NULL, 0, &o, NULL, sizeof(o), | ||
| &fh); |
There was a problem hiding this comment.
Please align with the opening (.
| res = tee_time_ta_set_offs_mem(uuid, offs, positive, &idx); | ||
| if (res) | ||
| return res; | ||
| return tee_time_ta_storage_write(uuid, offs, positive); |
There was a problem hiding this comment.
What if tee_time_ta_storage_write() fails? Then we have an inconsistent state.
|
|
||
| mutex_lock(&tee_time_mtx); | ||
| for (n = 0; n < tee_time_num_offs; n++) { | ||
| if (memcmp(uuid, &tee_time_offs[n].uuid, sizeof(TEE_UUID)) |
There was a problem hiding this comment.
Prefer if (!memcmp...).
| static TEE_Result tee_time_ta_storage_read(const TEE_UUID *uuid, | ||
| TEE_Time *offs, bool *positive) | ||
| { | ||
| const struct tee_file_operations *fops = |
There was a problem hiding this comment.
Please initialize with NULL here and assign it below for cleaner code flow.
|
@jenswi-linaro sounds good suggestion, I will push more fixup commits soon. |
|
This pull request has been marked as a stale pull request because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this pull request will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time. |
…ss reboots #4577
fix open issue 4577, Link: #4577