add a subtest for non-NULL memref of size 0 + misc. cleanup #708
Conversation
There was a problem hiding this comment.
Comments for commit "regression 1033: remove trailing whitespace":
Prefer s/whitespace/space characters/
s/opte/OP-TEE/
Remove the empty line between Link: tag and the other tags.
For the Link: tag, maybe prefer:
- [1] Linux kernel coding style §Indentation
- Link: https://www.kernel.org/doc/html/latest/process/coding-style.html#indentation
+Link: https://www.kernel.org/doc/html/latest/process/coding-style.html#indentation [1]
There was a problem hiding this comment.
Acked-by: Etienne Carriere <[email protected]> for commit
"ta: os_test: undefine TA2TA_BUF_SIZE".
There was a problem hiding this comment.
Reviewed-by: Etienne Carriere <[email protected]> for commit
"ta: os_test: do not call TEE_CloseTASession() if session is not opened".
vincent-mailhol
force-pushed
the
ta2ta-memref-size0
branch
from
4df2897 to
dcefc81
Compare
Done, except of the whitespace occurrence in the verbatim quote which I left untouched.
Replaced by |
Ok
Checkpatch would complain. It requests message lines to be 72 char max and a |
The limit used to be 72 but is now 75: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/scripts/checkpatch.pl#n3264 Yes, it will complain. But First, because I am well aware of that specific checkpatch rule, I normally use the syntax: which do not yield any warnings and allow to give extra details (some URL are not self explanatory). I stole this syntax from someone else, do not remember who, and, since then, never received any complains on the kernel mailing. You complained about this syntax. Maybe it is too verbose: fair. So I changed it to use: This syntax is popular and often used. On my local linux kernel tree: You suggested the alternate syntax: This is not conventional. If I look at Markdown footnotes, Wikipedia footnote, Latex bibtex, or any other document in my bookshelf the So here, despite of the checkpatch warning, I am just following the majority. I hope that the above is enough to justify why I purposely violated the 75 column limit in the second iteration of my patch. While at it, I did not comment on your previous request to change As you can see, "whitespace" is the norm, "space character" is marginal. Honestly, I am really surprised to receive nitpicks on some wording or formatting that are well accepted elsewhere. |
There was a problem hiding this comment.
Honestly, I am really surprised to receive nitpicks on some wording or formatting that are well accepted elsewhere.
Maybe because I may be wrong. I often am, allow me to be. Your arguments make sense (I'm sorry you felt the need for such a long explanation but I thank you for the details). There's a checkpatch CI test on optee_test P-Rs. We'll ask our dear maintainers to enable it for you P-R and see its result.
For commit "regression 1016: add a subtest for non-NULL memref of size 0":
The overall test looks good to me but for few minor issues to address, see my review comments.
For commit "regression 1033: remove trailing space characters":
Acked-by: Etienne Carriere <[email protected]>
host/xtest/regression_1000.c
Outdated
| @@ -1377,6 +1377,7 @@ static void xtest_tee_test_1016(ADBG_Case_t *c) | |||
| TEEC_Session session = { }; | |||
| TEEC_Operation op = TEEC_OPERATION_INITIALIZER; | |||
| uint32_t ret_orig = 0; | |||
| int dummy; | |||
There was a problem hiding this comment.
Right. As per Linux coding standard, not initializing it would have been fine. But I forgot that OP-TEE introduced an extra rule to force such default initialization: https://optee.readthedocs.io/en/latest/general/coding_standards.html#coding-standards.
I will pay more attention on this point.
ta/os_test/os_test.c
Outdated
| static const TEE_UUID test_uuid = TA_OS_TEST_UUID; | ||
| TEE_TASessionHandle sess = TEE_HANDLE_NULL; | ||
| uint32_t ret_orig = 0; | ||
| TEE_Result res; |
There was a problem hiding this comment.
= TEE_ERROR_GENERIC (or any TEE_xxx result value)
There was a problem hiding this comment.
TEE_ERROR_GENERIC seems best.
ta/os_test/os_test.c
Outdated
| return TEE_ERROR_GENERIC; | ||
|
|
||
| /* | ||
| * This test expects all buffer to be non-NULL but all sizes |
There was a problem hiding this comment.
s/buffer/buffer pointers/
There was a problem hiding this comment.
I changed from buffer to memory references to get closer to the global platform vocabulary.
ta/os_test/os_test.c
Outdated
| !params[2].memref.buffer) || | ||
| (params[0].memref.size || params[1].memref.size || | ||
| params[2].memref.size)) | ||
| return TEE_ERROR_GENERIC; |
There was a problem hiding this comment.
Prefer TEE_ERROR_BAD_PARAMETERS since these are not the expected input parameters.
Ditto at line 1187.
I guess you took examples from the 3 above functions. Actually they should be fixed to use TEE_ERROR_BAD_PARAMETERS also but that out of the scope of your change.
There was a problem hiding this comment.
Yes, this is a copy/paste issue. Fixed.
There was a problem hiding this comment.
that out of the scope of your change.
Well, regardless, this series already have three clean-up patches, so while at it: 35dfc81.
ta/os_test/os_test.c
Outdated
| if ((!params[0].memref.buffer || !params[1].memref.buffer || | ||
| !params[2].memref.buffer) || | ||
| (params[0].memref.size || params[1].memref.size || | ||
| params[2].memref.size)) |
There was a problem hiding this comment.
can remove inner parentheses
Allow me another nitpicking suggestion:
if (!params[0].memref.buffer || params[0].memref.size ||
!params[1].memref.buffer || params[1].memref.size ||
!params[2].memref.buffer || params[2].memref.size)
return TEE_ERROR_BAD_PARAMETERS;That's not a strong opinion of mine, keep your ordering if you rather like.
There was a problem hiding this comment.
can remove inner parentheses
Yes, the grouping was an attend to reflect the semantic of the comment above:
if (!((all memory references are non-NULL) && (all sizes are zero)))
equivalent to:
if ((!(all memory references are non-NULL)) || (!(all sizes are zero))))
I do not mind removing those extra brackets.
Allow me another nitpicking suggestion:
if (!params[0].memref.buffer || params[0].memref.size || !params[1].memref.buffer || params[1].memref.size || !params[2].memref.buffer || params[2].memref.size) return TEE_ERROR_BAD_PARAMETERS;That's not a strong opinion of mine, keep your ordering if you rather like.
Yep, I actually also thought about this syntax before submitting the patch. OK with me, suggestion applied.
ta/os_test/os_test.c
Outdated
| res = TEE_OpenTASession(&test_uuid, TEE_TIMEOUT_INFINITE, 0, NULL, | ||
| &sess, &ret_orig); | ||
| if (res != TEE_SUCCESS) { | ||
| EMSG("%s: TEE_OpenTASession failed", __func__); |
There was a problem hiding this comment.
no need for __func__ argument. EMSG() prints the function name (and the line number).
I suggest to print res value. Could be helpful: EMSG("TEE_OpenTASession failed: %#"PRIx32, res);
There was a problem hiding this comment.
Ah, I was confused by the other use of EMSG() in the file. Example in test_mem_access_right() line 537:
EMSG("test_mem_access_right: TEE_OpenTASession failed\n");thus assuming the function name was optional. Fixed.
There was a problem hiding this comment.
While at it, I added a patch to the series to fix it: e305c14
Shame on me, I was wrong again, there's no checkpatch run for optee_test CI tests. Obviously not a big issue that said. |
vincent-mailhol
force-pushed
the
ta2ta-memref-size0
branch
from
dcefc81 to
96d46f2
Compare
There was a problem hiding this comment.
For commit "ta: os_test: return TEE_ERROR_BAD_PARAMETERS for incorrect parameters":
A Reported-by: tag should be followed by a Closes: or a Link: tag. Either add
Link: https://github.com/OP-TEE/optee_test/pull/708#discussion_r1398273025 or remove the Reported-by: tag (i don't think it's really needed here).
With that addressed: Reviewed-by: Etienne Carriere <[email protected]>.
Reviewed-by: Etienne Carriere <[email protected]> for commits
"ta: os_test: do not print caller function name in EMSG()" and
"regression 1016: add a subtest for non-NULL memref of size 0".
| "res 0x%x ret_orig 0x%x\n", (unsigned int)res, | ||
| (unsigned int)ret_orig); | ||
| EMSG("TEE_InvokeTACommand: res 0x%x ret_orig 0x%x\n", | ||
| (unsigned int)res, (unsigned int)ret_orig); |
There was a problem hiding this comment.
While you're at it, maybe you can further cleanup these message traces: remove \n terminal character (here and there) and use here PRIx32 specifier instead of "x" for res and ret_orig to avoid the cast.
However, since it's also out of the scope of your initial P-R, you can discard my comment, we'll address that with another P-R.
(edited: discard this comment, there are so many of such occurrences to address, we can definitely fix them in a dedicated P-R)
There was a problem hiding this comment.
Removing the \n is something I will never do manually. Scripts are better for that. Example:
$ echo 'EMSG("test\n")' | sed -r 's/(MSG\(".*)\\n"/\1"/g'
EMSG("test")
To apply tree wide:
git ls-files -z | xargs -0 sed -i -r 's/(MSG\(".*)\\n"/\1"/g'
It will miss a few patterns, for example if the string format is on a new line, and it may break the indentation of the newline escape in multi-lines macro. But aside of that, it should be pretty robust.
I you want to apply, please do it on top of this branch, I do not want to rebase (too lazy).
For the PRIx32, I will let someone else take care of it :)
There was a problem hiding this comment.
Follow-up here.
There was a problem hiding this comment.
I you want to apply, please do it on top of this branch, I do not want to rebase (too lazy).
For the PRIx32, I will let someone else take care of it :)
Never mind, I'll take care. Thanks for the hints, they remind me unix-like shell commands are sometimes pretty or ugly depending on the viewer's eyes.
You are right, such a rule exists (ref). It is rarely enforced so I actually did not know about it. Well, I learnt something today \o/. I discarded the |
vincent-mailhol
force-pushed
the
ta2ta-memref-size0
branch
from
96d46f2 to
d4ef7d4
Compare
ta/os_test/ta_entry.c
Outdated
| @@ -92,6 +92,9 @@ TEE_Result TA_InvokeCommandEntryPoint(void *pSessionContext, | |||
| case TA_OS_TEST_CMD_TA2TA_MEMREF: | |||
| return ta_entry_ta2ta_memref(nParamTypes, pParams); | |||
|
|
|||
| case TA_OS_TEST_CMD_TA2TA_MEMREF_SIZE0: | |||
| return ta_entry_ta2ta_memref_empty(nParamTypes, pParams); | |||
There was a problem hiding this comment.
How about naming this function ta_entry_ta2ta_memref_size0() to match the TA command ID?
There was a problem hiding this comment.
Suggestion applied in 63786dc. Thanks.
vincent-mailhol
force-pushed
the
ta2ta-memref-size0
branch
from
d4ef7d4 to
63786dc
Compare
|
|
As advised by the Linux kernel coding style [1] which OP-TEE follows: [...] don't leave whitespace at the end of lines. [1] https://www.kernel.org/doc/html/latest/process/coding-style.html#indentation Signed-off-by: Vincent Mailhol <[email protected]> Acked-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
TA2TA_BUF_SIZE is used to defined some test arrays. Using a macro instead of a const int declaration is good as it forces the declared arrays not to be variable length arrays. However, TA2TA_BUF_SIZE is defined in the middle of the translation unit. Because its use is local to ta_entry_ta2ta_memref(), undefine it after the function to make the visibility of the macro scoped. Signed-off-by: Vincent Mailhol <[email protected]> Acked-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
The TEE_ERROR_BAD_PARAMETERS return code should be prefered over TEE_ERROR_GENERIC for any failed check on the parameters. Signed-off-by: Vincent Mailhol <[email protected]> Reviewed-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
EMSG() already prints the caller function name (and the line number). As such, no need to hardcode it. Remove all usage of caller function name in EMSG(). Signed-off-by: Vincent Mailhol <[email protected]> Reviewed-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
The Global Platform specification [1] tells us that the session
parameter of TEE_CloseTASession() is:
An opened session handle
The behaviour is unspecified if the session handle is not opened.
Make sure not to call TEE_CloseTASession() with an invalid session
handle when TEE_OpenTASession() fails by either:
- doing an early return
- adding an additional cleanup label
[1] TEE Internal Core API Specification – Public Release v1.3.1,
§4.9.2 "TEE_CloseTASession"
Signed-off-by: Vincent Mailhol <[email protected]>
Reviewed-by: Etienne Carriere <[email protected]>
Reviewed-by: Jens Wiklander <[email protected]>
Add a subtest to assert that the implementation allows to forward non-NULL memref from a TA to another TA. Regression 1016 already contains tests related to forwarding memref between TAs. Thus extend this existing test with the subtest described above instead of writing a new one. The Global Platform specification allows this, however, at the time of writing, optee-os will panic. A fix is proposed at [1]. [1] core: tee_svc.c: allow to pass non-NULL memref of size 0 Link: OP-TEE/optee_os#6405 Signed-off-by: Vincent Mailhol <[email protected]> Reviewed-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>
vincent-mailhol
force-pushed
the
ta2ta-memref-size0
branch
from
63786dc to
3aea377
Compare
This is a series of four patches. The first five patches:
are clean-ups (details in patch description).
The final patch:
adds a test case for OP-TEE/optee_os#6405 as requested by @jenswi-linaro.
Note that OP-TEE/optee_os#6405 is a prerequisite of this PR. Without it, the test will fail.