All of lore.kernel.org
 help / color / mirror / Atom feed
From: Masami Hiramatsu <masami.hiramatsu@linaro.org>
To: Sughosh Ganu <sughosh.ganu@linaro.org>
Cc: u-boot@lists.denx.de, Heinrich Schuchardt <xypron.glpk@gmx.de>,
	 Patrick Delaunay <patrick.delaunay@foss.st.com>,
	 Patrice Chotard <patrice.chotard@foss.st.com>,
	Alexander Graf <agraf@csgraf.de>,
	AKASHI Takahiro <takahiro.akashi@linaro.org>,
	Simon Glass <sjg@chromium.org>,  Bin Meng <bmeng.cn@gmail.com>,
	Ilias Apalodimas <ilias.apalodimas@linaro.org>,
	 Jose Marinho <jose.marinho@arm.com>,
	Grant Likely <grant.likely@arm.com>,
	 Tom Rini <trini@konsulko.com>,
	Etienne Carriere <etienne.carriere@linaro.org>
Subject: Re: [PATCH v4 01/11] FWU: Add FWU metadata structure and driver for accessing metadata
Date: Tue, 8 Feb 2022 18:33:51 +0900	[thread overview]
Message-ID: <CAA93ih00GT3hYEJ0s-t238qKtjeVaiGgmPcXJEitoFh5wBNcsg@mail.gmail.com> (raw)
In-Reply-To: <20220207182001.31270-2-sughosh.ganu@linaro.org>

Hi Sughosh,

Thanks for updating the series. I have some comment on this patch.

2022年2月8日(火) 3:21 Sughosh Ganu <sughosh.ganu@linaro.org>:
[snip]
> +
> +/**
> + * fwu_get_active_index() - Get active_index from the FWU metadata
> + * @active_idx: active_index value to be read
> + *
> + * Read the active_index field from the FWU metadata and place it in
> + * the variable pointed to be the function argument.
> + *
> + * Return: 0 if OK, -ve on error
> + *
> + */
> +int fwu_get_active_index(u32 *active_idx)
> +{
> +       int ret;
> +       struct fwu_mdata *mdata = NULL;
> +
> +       ret = fwu_get_mdata(&mdata);
> +       if (ret < 0) {
> +               log_err("Unable to get valid FWU metadata\n");
> +               goto out;

Again, as we discussed previous series, please don't return unused
allocated memory if the function returns an error.
That is something like putting a burden on the callers. They always
needs to initialize the pointer before call and free it even if the
function is failed.

> +       }
> +
> +       /*
> +        * Found the FWU metadata partition, now read the active_index
> +        * value
> +        */
> +       *active_idx = mdata->active_index;
> +       if (*active_idx > CONFIG_FWU_NUM_BANKS - 1) {
> +               log_err("Active index value read is incorrect\n");
> +               ret = -EINVAL;
> +       }
> +
> +out:
> +       free(mdata);
> +
> +       return ret;
> +}
> +
> +/**
> + * fwu_update_active_index() - Update active_index from the FWU metadata
> + * @active_idx: active_index value to be updated
> + *
> + * Update the active_index field in the FWU metadata
> + *
> + * Return: 0 if OK, -ve on error
> + *
> + */
> +int fwu_update_active_index(u32 active_idx)
> +{
> +       int ret;
> +       void *buf;
> +       struct fwu_mdata *mdata = NULL;
> +
> +       if (active_idx > CONFIG_FWU_NUM_BANKS - 1) {
> +               log_err("Active index value to be updated is incorrect\n");
> +               return -1;
> +       }
> +
> +       ret = fwu_get_mdata(&mdata);
> +       if (ret < 0) {
> +               log_err("Unable to get valid FWU metadata\n");
> +               goto out;
> +       }
> +
> +       /*
> +        * Update the active index and previous_active_index fields
> +        * in the FWU metadata
> +        */
> +       mdata->previous_active_index = mdata->active_index;
> +       mdata->active_index = active_idx;
> +
> +       /*
> +        * Calculate the crc32 for the updated FWU metadata
> +        * and put the updated value in the FWU metadata crc32
> +        * field
> +        */
> +       buf = &mdata->version;
> +       mdata->crc32 = crc32(0, buf, sizeof(*mdata) - sizeof(u32));

I would like to suggest moving this crc32 calculation in the fwu_update_mdata().
If the crc32 is for detecting a broken metadata on the "storage
media", I think it should be calculated in the fwu_update_mdata() to
simplify the code and avoid unexpected bugs from mistakes. If the
crc32 is calculated right before updating metadata, we can ensure that
the crc32 is always sane except for someone breaking it on the storage
media.

Thank you,



-- 
Masami Hiramatsu

  reply	other threads:[~2022-02-08  9:34 UTC|newest]

Thread overview: 64+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-07 18:19 [PATCH v4 00/11] FWU: Add support for FWU Multi Bank Update feature Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 01/11] FWU: Add FWU metadata structure and driver for accessing metadata Sughosh Ganu
2022-02-08  9:33   ` Masami Hiramatsu [this message]
2022-02-08 10:24     ` Sughosh Ganu
2022-02-08 11:23       ` Masami Hiramatsu
2022-02-08 10:56   ` Michal Simek
2022-02-08 11:35     ` Sughosh Ganu
2022-02-08 11:39       ` Michal Simek
2022-02-08 13:36       ` Masami Hiramatsu
2022-02-08 13:45         ` Michal Simek
2022-02-08 14:14           ` Masami Hiramatsu
2022-02-08 14:27             ` Michal Simek
2022-02-08 23:39               ` Masami Hiramatsu
2022-02-09  7:21                 ` Michal Simek
2022-02-08 11:31   ` Michal Simek
2022-02-08 11:38     ` Sughosh Ganu
2022-02-08 11:44       ` Michal Simek
2022-02-08 11:54         ` Sughosh Ganu
2022-02-08 11:59           ` Michal Simek
2022-02-08 12:07             ` Sughosh Ganu
2022-02-08 12:14               ` Michal Simek
2022-02-08 12:49                 ` Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 02/11] FWU: Add FWU metadata access driver for GPT partitioned block devices Sughosh Ganu
2022-02-09  4:56   ` Masami Hiramatsu
2022-02-09  9:03     ` Sughosh Ganu
2022-02-09 11:47       ` Masami Hiramatsu
2022-02-09 18:40         ` Sughosh Ganu
2022-02-10  1:43           ` Masami Hiramatsu
2022-02-10  3:14             ` Masami Hiramatsu
2022-02-10 12:25               ` Sughosh Ganu
2022-02-11  1:58                 ` Masami Hiramatsu
2022-02-07 18:19 ` [PATCH v4 03/11] FWU: stm32mp1: Add helper functions for accessing FWU metadata Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 04/11] FWU: STM32MP1: Add support to read boot index from backup register Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 05/11] EFI: FMP: Add provision to update image's ImageTypeId in image descriptor Sughosh Ganu
2022-02-10  2:48   ` AKASHI Takahiro
2022-02-10  7:18     ` Sughosh Ganu
2022-02-10  7:58       ` AKASHI Takahiro
2022-02-10 10:10         ` Sughosh Ganu
2022-02-14  3:24           ` AKASHI Takahiro
2022-02-14  5:42             ` Sughosh Ganu
2022-02-15  1:51               ` AKASHI Takahiro
2022-02-15  6:38                 ` Sughosh Ganu
2022-02-15 14:40                   ` Ilias Apalodimas
2022-02-15 17:19                     ` Sughosh Ganu
2022-02-17  8:22                       ` Ilias Apalodimas
2022-02-17 10:10                         ` Sughosh Ganu
2022-02-26  6:54                           ` Heinrich Schuchardt
2022-02-26  9:54                             ` Sughosh Ganu
2022-03-08 13:13                               ` AKASHI Takahiro
2022-03-09  8:31                                 ` Ilias Apalodimas
2022-02-07 18:19 ` [PATCH v4 06/11] stm32mp1: Populate ImageTypeId values in EFI_FIRMWARE_IMAGE_DESCRIPTOR array Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 07/11] FWU: Add boot time checks as highlighted by the FWU specification Sughosh Ganu
2022-02-08 10:53   ` Michal Simek
2022-02-11 10:46     ` Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 08/11] FWU: Add support for FWU Multi Bank Update feature Sughosh Ganu
2022-02-07 18:19 ` [PATCH v4 09/11] FWU: cmd: Add a command to read FWU metadata Sughosh Ganu
2022-02-07 18:20 ` [PATCH v4 10/11] mkeficapsule: Add support for generating empty capsules Sughosh Ganu
2022-02-09  3:05   ` AKASHI Takahiro
2022-02-10  1:27     ` AKASHI Takahiro
2022-02-11 13:27       ` Sughosh Ganu
2022-02-11 13:25     ` Sughosh Ganu
2022-02-07 18:20 ` [PATCH v4 11/11] FWU: doc: Add documentation for the FWU feature Sughosh Ganu
2022-02-08 11:05 ` [PATCH v4 00/11] FWU: Add support for FWU Multi Bank Update feature Michal Simek
2022-02-08 12:09   ` Sughosh Ganu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAA93ih00GT3hYEJ0s-t238qKtjeVaiGgmPcXJEitoFh5wBNcsg@mail.gmail.com \
    --to=masami.hiramatsu@linaro.org \
    --cc=agraf@csgraf.de \
    --cc=bmeng.cn@gmail.com \
    --cc=etienne.carriere@linaro.org \
    --cc=grant.likely@arm.com \
    --cc=ilias.apalodimas@linaro.org \
    --cc=jose.marinho@arm.com \
    --cc=patrice.chotard@foss.st.com \
    --cc=patrick.delaunay@foss.st.com \
    --cc=sjg@chromium.org \
    --cc=sughosh.ganu@linaro.org \
    --cc=takahiro.akashi@linaro.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    --cc=xypron.glpk@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.