tee-supplicant: Support multiple ta load paths #306
Conversation
tee-supplicant/src/teec_ta_load.c
Outdated
| } | ||
|
|
||
| tofree = multi_path; | ||
| while ((single_path = strsep(&multi_path, ":")) != NULL) { |
There was a problem hiding this comment.
This parsing could be done once at startup in order to avoid doing this strdup(), strsep(), free() sequence each time a TA is to be loaded.
|
This pull request has been marked as a stale pull request because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this pull request will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time. |
|
this P-R could be tags as an enhancement. |
|
I will address the comments and update the change. |
| dev_path, destination, ta, ta_size); | ||
| for (int i = 0; i < num_ta_prefix; i++) { | ||
| res = try_load_secure_module(ta_prefix[i], | ||
| dev_path, destination, ta, ta_size); |
There was a problem hiding this comment.
fix indentation
res = try_load_secure_module(ta_prefix[i], dev_path,
destination, ta, ta_size);
tee-supplicant/src/teec_ta_load.h
Outdated
| @@ -31,6 +31,11 @@ | |||
| #define TA_BINARY_FOUND 0 | |||
| #define TA_BINARY_NOT_FOUND -1 | |||
|
|
|||
| /* support multiple TA load path */ | |||
There was a problem hiding this comment.
nitpicking: s/support/Support/
tee-supplicant/src/teec_ta_load.h
Outdated
| @@ -31,6 +31,11 @@ | |||
| #define TA_BINARY_FOUND 0 | |||
| #define TA_BINARY_NOT_FOUND -1 | |||
|
|
|||
| /* support multiple TA load path */ | |||
| #define MAX_TA_PREFIX 8 | |||
There was a problem hiding this comment.
It's likely there will be less than 8 alternate dir paths, however it would be more flexible to remove that limitation and allocated ta_prefix[] dynamically.
There was a problem hiding this comment.
Pre-allocate enough entries is efficient if the number of entries is not large. I doubt the practicality for cases with more than 8 paths. Adding code and runt time dynamic allocation for virtually non-exist case, it's kind of over kill.
There was a problem hiding this comment.
It would be better to not have built-in limitation if not strictly needed (IMHO).
I'll rely on maintainers point of view.
There was a problem hiding this comment.
That's fair. Let the maintainers to pick which way to go.
There was a problem hiding this comment.
Please pick a dynamic solution.
tee-supplicant/src/tee_supplicant.c
Outdated
| @@ -67,6 +67,9 @@ | |||
| #define RPC_BUF_SIZE (sizeof(struct tee_iocl_supp_send_arg) + \ | |||
| RPC_NUM_PARAMS * sizeof(struct tee_ioctl_param)) | |||
|
|
|||
| char *ta_prefix[MAX_TA_PREFIX] = {0}; | |||
| int num_ta_prefix = 0; | |||
There was a problem hiding this comment.
You can (should) remove the initialization value when: global variables are default zero-initialized.
CFG_TEE_CLIENT_LOAD_PATH can have multiple paths separated by :
There was a problem hiding this comment.
Many comments from me below 😉 I propose the following instead: #311.
| i = 0; | ||
| #ifdef TEEC_TEST_LOAD_PATH | ||
| test_ta_prefix_multipath = strdup(TEEC_TEST_LOAD_PATH); | ||
| if (!test_ta_prefix) { |
There was a problem hiding this comment.
test_ta_prefix_multipath
| } | ||
| while ((temp = strsep(&test_ta_prefix_multipath, ":")) != NULL) { | ||
| ta_prefix[i++] = temp; | ||
| } |
There was a problem hiding this comment.
ta_prefix[i] may be an empty string if multiple colons are found in a row.
| @@ -762,30 +769,81 @@ int main(int argc, char *argv[]) | |||
| exit(EXIT_FAILURE); | |||
| } | |||
|
|
|||
| /* Support multiple ta load paths */ | |||
There was a problem hiding this comment.
I'd rather have a helper function to parse the paths. There is duplication.
| @@ -31,6 +31,8 @@ CFG_TEE_CLIENT_LOG_FILE ?= $(CFG_TEE_FS_PARENT_PATH)/teec.log | |||
|
|
|||
| # CFG_TEE_CLIENT_LOAD_PATH | |||
| # The location of the client library file. | |||
There was a problem hiding this comment.
This line is just wrong, it should be removed. The same error is present in CMakeLists.mk.
| return try_load_secure_module(TEEC_LOAD_PATH, | ||
| dev_path, destination, ta, ta_size); | ||
| for (int i = 0; i < num_ta_prefix; i++) { | ||
| res = try_load_secure_module(ta_prefix[i], |
There was a problem hiding this comment.
Note, the documentation for try_load_secure_module() lacks the description of its first two arguments.
| exit: | ||
| free(test_ta_prefix_multipath); | ||
| free(ta_prefix_multipath); | ||
| free(ta_prefix); |
There was a problem hiding this comment.
I'm not convinced this kind of cleanup is desirable immediately before exiting.
| @@ -701,6 +704,10 @@ int main(int argc, char *argv[]) | |||
| int e = 0; | |||
| int long_index = 0; | |||
| int opt = 0; | |||
| char *test_ta_prefix_multipath = NULL; | |||
| char *ta_prefix_multipath = NULL; | |||
There was a problem hiding this comment.
The purpose of the variables is a bit hard to figure out from their names IMO.
CFG_TEE_CLIENT_LOAD_PATH can have multiple paths separated by :