On Fri, Jan 12, 2024 at 05:20:10PM +0800, Yong Wu wrote:
Add "struct restricted_heap_ops". For the restricted memory, totally there are two steps: a) memory_alloc: Allocate the buffer in kernel; b) memory_restrict: Restrict/Protect/Secure that buffer. The memory_alloc is mandatory while memory_restrict is optinal since it may
s/optinal/optional/
be part of memory_alloc.
Signed-off-by: Yong Wu yong.wu@mediatek.com
drivers/dma-buf/heaps/restricted_heap.c | 41 ++++++++++++++++++++++++- drivers/dma-buf/heaps/restricted_heap.h | 12 ++++++++ 2 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/drivers/dma-buf/heaps/restricted_heap.c b/drivers/dma-buf/heaps/restricted_heap.c index fd7c82abd42e..8c266a0f6192 100644 --- a/drivers/dma-buf/heaps/restricted_heap.c +++ b/drivers/dma-buf/heaps/restricted_heap.c @@ -12,10 +12,44 @@ #include "restricted_heap.h" +static int +restricted_heap_memory_allocate(struct restricted_heap *heap, struct restricted_buffer *buf) +{
- const struct restricted_heap_ops *ops = heap->ops;
- int ret;
- ret = ops->memory_alloc(heap, buf);
- if (ret)
return ret;- if (ops->memory_restrict) {
ret = ops->memory_restrict(heap, buf);if (ret)goto memory_free;- }
- return 0;
+memory_free:
- ops->memory_free(heap, buf);
- return ret;
+}
+static void +restricted_heap_memory_free(struct restricted_heap *heap, struct restricted_buffer *buf) +{
- const struct restricted_heap_ops *ops = heap->ops;
- if (ops->memory_unrestrict)
ops->memory_unrestrict(heap, buf);- ops->memory_free(heap, buf);
+}
static struct dma_buf * restricted_heap_allocate(struct dma_heap *heap, unsigned long size, unsigned long fd_flags, unsigned long heap_flags) {
- struct restricted_heap *restricted_heap = dma_heap_get_drvdata(heap); struct restricted_buffer *restricted_buf; DEFINE_DMA_BUF_EXPORT_INFO(exp_info); struct dma_buf *dmabuf;
@@ -28,6 +62,9 @@ restricted_heap_allocate(struct dma_heap *heap, unsigned long size, restricted_buf->size = ALIGN(size, PAGE_SIZE); restricted_buf->heap = heap;
- ret = restricted_heap_memory_allocate(restricted_heap, restricted_buf);
Can we guarantee that "restricted_heap" here isn't NULL (i.e., heap->priv). If not perhaps we should consider adding a check for NULL in the restricted_heap_memory_allocate() function?
- if (ret)
goto err_free_buf;@@ -36,11 +73,13 @@ restricted_heap_allocate(struct dma_heap *heap, unsigned long size, dmabuf = dma_buf_export(&exp_info); if (IS_ERR(dmabuf)) { ret = PTR_ERR(dmabuf);
goto err_free_buf;
goto err_free_restricted_mem;return dmabuf; +err_free_restricted_mem:
- restricted_heap_memory_free(restricted_heap, restricted_buf);
err_free_buf: kfree(restricted_buf); return ERR_PTR(ret); diff --git a/drivers/dma-buf/heaps/restricted_heap.h b/drivers/dma-buf/heaps/restricted_heap.h index 443028f6ba3b..ddeaf9805708 100644 --- a/drivers/dma-buf/heaps/restricted_heap.h +++ b/drivers/dma-buf/heaps/restricted_heap.h @@ -15,6 +15,18 @@ struct restricted_buffer { struct restricted_heap { const char *name;
- const struct restricted_heap_ops *ops;
+};
+struct restricted_heap_ops {
This have the same name as used for the dma_heap_ops in the file restricted_heap.c, this might be a little bit confusing, or?
- int (*heap_init)(struct restricted_heap *heap);
- int (*memory_alloc)(struct restricted_heap *heap, struct restricted_buffer *buf);
- void (*memory_free)(struct restricted_heap *heap, struct restricted_buffer *buf);
- int (*memory_restrict)(struct restricted_heap *heap, struct restricted_buffer *buf);
- void (*memory_unrestrict)(struct restricted_heap *heap, struct restricted_buffer *buf);
Is the prefix "memory_" superfluous here in these ops?
Also related to a comment on the prior patch. The name here is "heap" for restricted_heap, but below you use rstrd_heap. It's the same struct, so I would advise to use the same name to avoid confusion when reading the code. As mentioned before, I think the name "rheap" would be a good choice.
}; int restricted_heap_add(struct restricted_heap *rstrd_heap); -- 2.25.1