On Fri, Jan 12, 2024 at 05:20:10PM +0800, Yong Wu wrote: > Add "struct restricted_heap_ops". For the restricted memory, totally there > are two steps: > a) memory_alloc: Allocate the buffer in kernel; > b) memory_restrict: Restrict/Protect/Secure that buffer. > The memory_alloc is mandatory while memory_restrict is optinal since it may > s/optinal/optional/ > be part of memory_alloc. > > Signed-off-by: Yong Wu <yong.wu@xxxxxxxxxxxx> > --- > drivers/dma-buf/heaps/restricted_heap.c | 41 ++++++++++++++++++++++++- > drivers/dma-buf/heaps/restricted_heap.h | 12 ++++++++ > 2 files changed, 52 insertions(+), 1 deletion(-) > > diff --git a/drivers/dma-buf/heaps/restricted_heap.c b/drivers/dma-buf/heaps/restricted_heap.c > index fd7c82abd42e..8c266a0f6192 100644 > --- a/drivers/dma-buf/heaps/restricted_heap.c > +++ b/drivers/dma-buf/heaps/restricted_heap.c > @@ -12,10 +12,44 @@ > > #include "restricted_heap.h" > > +static int > +restricted_heap_memory_allocate(struct restricted_heap *heap, struct restricted_buffer *buf) > +{ > + const struct restricted_heap_ops *ops = heap->ops; > + int ret; > + > + ret = ops->memory_alloc(heap, buf); > + if (ret) > + return ret; > + > + if (ops->memory_restrict) { > + ret = ops->memory_restrict(heap, buf); > + if (ret) > + goto memory_free; > + } > + return 0; > + > +memory_free: > + ops->memory_free(heap, buf); > + return ret; > +} > + > +static void > +restricted_heap_memory_free(struct restricted_heap *heap, struct restricted_buffer *buf) > +{ > + const struct restricted_heap_ops *ops = heap->ops; > + > + if (ops->memory_unrestrict) > + ops->memory_unrestrict(heap, buf); > + > + ops->memory_free(heap, buf); > +} > + > static struct dma_buf * > restricted_heap_allocate(struct dma_heap *heap, unsigned long size, > unsigned long fd_flags, unsigned long heap_flags) > { > + struct restricted_heap *restricted_heap = dma_heap_get_drvdata(heap); > struct restricted_buffer *restricted_buf; > DEFINE_DMA_BUF_EXPORT_INFO(exp_info); > struct dma_buf *dmabuf; > @@ -28,6 +62,9 @@ restricted_heap_allocate(struct dma_heap *heap, unsigned long size, > restricted_buf->size = ALIGN(size, PAGE_SIZE); > restricted_buf->heap = heap; > > + ret = restricted_heap_memory_allocate(restricted_heap, restricted_buf); > Can we guarantee that "restricted_heap" here isn't NULL (i.e., heap->priv). If not perhaps we should consider adding a check for NULL in the restricted_heap_memory_allocate() function? > + if (ret) > + goto err_free_buf; > exp_info.exp_name = dma_heap_get_name(heap); > exp_info.size = restricted_buf->size; > exp_info.flags = fd_flags; > @@ -36,11 +73,13 @@ restricted_heap_allocate(struct dma_heap *heap, unsigned long size, > dmabuf = dma_buf_export(&exp_info); > if (IS_ERR(dmabuf)) { > ret = PTR_ERR(dmabuf); > - goto err_free_buf; > + goto err_free_restricted_mem; > } > > return dmabuf; > > +err_free_restricted_mem: > + restricted_heap_memory_free(restricted_heap, restricted_buf); > err_free_buf: > kfree(restricted_buf); > return ERR_PTR(ret); > diff --git a/drivers/dma-buf/heaps/restricted_heap.h b/drivers/dma-buf/heaps/restricted_heap.h > index 443028f6ba3b..ddeaf9805708 100644 > --- a/drivers/dma-buf/heaps/restricted_heap.h > +++ b/drivers/dma-buf/heaps/restricted_heap.h > @@ -15,6 +15,18 @@ struct restricted_buffer { > > struct restricted_heap { > const char *name; > + > + const struct restricted_heap_ops *ops; > +}; > + > +struct restricted_heap_ops { > This have the same name as used for the dma_heap_ops in the file restricted_heap.c, this might be a little bit confusing, or? > + int (*heap_init)(struct restricted_heap *heap); > + > + int (*memory_alloc)(struct restricted_heap *heap, struct restricted_buffer *buf); > + void (*memory_free)(struct restricted_heap *heap, struct restricted_buffer *buf); > + > + int (*memory_restrict)(struct restricted_heap *heap, struct restricted_buffer *buf); > + void (*memory_unrestrict)(struct restricted_heap *heap, struct restricted_buffer *buf); > Is the prefix "memory_" superfluous here in these ops? Also related to a comment on the prior patch. The name here is "heap" for restricted_heap, but below you use rstrd_heap. It's the same struct, so I would advise to use the same name to avoid confusion when reading the code. As mentioned before, I think the name "rheap" would be a good choice. > }; > > int restricted_heap_add(struct restricted_heap *rstrd_heap); > -- > 2.25.1 > -- // Regards Joakim