[PATCH 5/6] staging: vc04_services: Handle conversion from VCHIQ_SERVICE_HANDLE_T to VCHI_SERVICE_HANDLE_T

mzoran at crowfest.net mzoran at crowfest.net
Wed Oct 19 15:58:48 PDT 2016 

From: Michael Zoran <mzoran at crowfest.net>

A VCHIQ_SERVICE_HANDLE_T which is an int is stuffed into a
VCHI_SERVICE_HANDLE_T which is a pointer, passed around, then
converted back to a VCHIQ_SERVICE_HANDLE_T. Since the data is
always actually a VCHIQ_SERVICE_HANDLE_T(int), never actually a
pointer, it is safe to simply cast the two back in forth.

Note that pointers are never stuffed into an int.

Signed-off-by: Michael Zoran <mzoran at crowfest.net>
Reviewed-by: Eric Anholt <eric at anholt.net>
---
 .../vc04_services/interface/vchiq_arm/vchiq_shim.c | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_shim.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_shim.c
index 8072ff6..49f9d6a 100644
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_shim.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_shim.c
@@ -400,8 +400,16 @@ EXPORT_SYMBOL(vchi_msg_queuev);
  ***********************************************************/
 int32_t vchi_held_msg_release(VCHI_HELD_MSG_T *message)
 {
-	vchiq_release_message((VCHIQ_SERVICE_HANDLE_T)message->service,
-		(VCHIQ_HEADER_T *)message->message);
+	/*
+	 * Convert the service field pointer back to an
+	 * VCHIQ_SERVICE_HANDLE_T which is an int.
+	 * This pointer is opaque to everything except
+	 * vchi_msg_hold which simply upcasted the int
+	 * to a pointer.
+	 */
+
+	vchiq_release_message((VCHIQ_SERVICE_HANDLE_T)(long)message->service,
+			      (VCHIQ_HEADER_T *)message->message);
 
 	return 0;
 }
@@ -445,8 +453,16 @@ int32_t vchi_msg_hold(VCHI_SERVICE_HANDLE_T handle,
 	*data = header->data;
 	*msg_size = header->size;
 
+	/*
+	 * upcast the VCHIQ_SERVICE_HANDLE_T which is an int
+	 * to a pointer and stuff it in the held message.
+	 * This pointer is opaque to everything except
+	 * vchi_held_msg_release which simply downcasts it back
+	 * to an int.
+	 */
+
 	message_handle->service =
-		(struct opaque_vchi_service_t *)service->handle;
+		(struct opaque_vchi_service_t *)(long)service->handle;
 	message_handle->message = header;
 
 	return 0;
-- 
2.9.3

More information about the linux-rpi-kernel mailing list