On Wed, Jun 20, 2018 at 08:02:09PM -0600, Simon Glass wrote:
kOn 18 June 2018 at 09:23, Alexander Graf agraf@suse.de wrote:
The fs_read() and fs_write() functions are internal interfaces that naturally want to get pointers as arguments. Most users so far even have pointers and explicitly cast them into integers just to be able to pass them into the function.
Convert them over to instead take a pointer argument for the buffer. That way any sandbox mapping gets greatly simplified and users of the API intuitively know what to do.
Signed-off-by: Alexander Graf agraf@suse.de
board/BuR/common/common.c | 2 +- board/gdsys/p1022/controlcenterd-id.c | 10 +++++----- cmd/mvebu/bubt.c | 4 ++-- common/splash_source.c | 4 +++- drivers/bootcount/bootcount_ext.c | 12 ++++++------ drivers/fpga/zynqpl.c | 8 +++++--- fs/fs.c | 20 ++++++++++---------- include/fs.h | 12 ++++++------ lib/efi_loader/efi_file.c | 6 ++---- 9 files changed, 40 insertions(+), 38 deletions(-)
As mentioned before, we should not change this API. There is no need - U-Boot uses addresses, and this just expands the scope of the sandbox private address.
What we have, in either case, is imperfect. We're basically hiding some funky details for sandbox support inside of fs_read/fs_write. That with this patch we're moving more of the sandbox wrappers around is something I don't see as a positive change. We also don't drop all casts in the callers. Some go away, some get changed, at least one gets added. In the end, I don't think this patch is a win. Thanks!