[06/14] crypto: Make errp the last parameter of functions

Submitted by Fam Zheng on April 21, 2017, 12:27 p.m.

Details

Message ID 20170421122710.15373-7-famz@redhat.com
State New
Headers show

Commit Message

Fam Zheng April 21, 2017, 12:27 p.m.
Move opaque to 2nd instead of the 2nd to last, so that compilers help
check with the convertion.

Signed-off-by: Fam Zheng <famz@redhat.com>
---
 block/crypto.c            | 12 ++++++------
 crypto/block-luks.c       | 21 +++++++++------------
 include/crypto/block.h    | 12 ++++++------
 tests/test-crypto-block.c | 12 ++++++------
 4 files changed, 27 insertions(+), 30 deletions(-)

Comments

Eric Blake April 21, 2017, 2:35 p.m.
On 04/21/2017 07:27 AM, Fam Zheng wrote:
> Move opaque to 2nd instead of the 2nd to last, so that compilers help
> check with the convertion.

s/convertion/conversion/

> 
> Signed-off-by: Fam Zheng <famz@redhat.com>
> ---
>  block/crypto.c            | 12 ++++++------
>  crypto/block-luks.c       | 21 +++++++++------------
>  include/crypto/block.h    | 12 ++++++------
>  tests/test-crypto-block.c | 12 ++++++------
>  4 files changed, 27 insertions(+), 30 deletions(-)
> 

crypto/block-qcow.c also refers to the changed the types, but does not
care about its parameters, so it looks like you got everything.
Daniel P. Berrange April 24, 2017, 8:28 a.m.
On Fri, Apr 21, 2017 at 08:27:02PM +0800, Fam Zheng wrote:
> Move opaque to 2nd instead of the 2nd to last, so that compilers help
> check with the convertion.

Moving 'opaque' like this should not be done.

If you want the compiler to check the fixes, it should be done in
just two stages. First move errp & move opaque to start, compile
it & verify. Then put opaque back to where it was, and compile
again. The resulting commit thus only has the errp move, not the
unrelated & uneccessary opaque move.

> 
> Signed-off-by: Fam Zheng <famz@redhat.com>
> ---
>  block/crypto.c            | 12 ++++++------
>  crypto/block-luks.c       | 21 +++++++++------------
>  include/crypto/block.h    | 12 ++++++------
>  tests/test-crypto-block.c | 12 ++++++------
>  4 files changed, 27 insertions(+), 30 deletions(-)
> 
> diff --git a/block/crypto.c b/block/crypto.c
> index 4a20388..34549b2 100644
> --- a/block/crypto.c
> +++ b/block/crypto.c
> @@ -56,11 +56,11 @@ static int block_crypto_probe_generic(QCryptoBlockFormat format,
>  
>  
>  static ssize_t block_crypto_read_func(QCryptoBlock *block,
> +                                      void *opaque,
>                                        size_t offset,
>                                        uint8_t *buf,
>                                        size_t buflen,
> -                                      Error **errp,
> -                                      void *opaque)
> +                                      Error **errp)
>  {
>      BlockDriverState *bs = opaque;
>      ssize_t ret;
> @@ -83,11 +83,11 @@ struct BlockCryptoCreateData {
>  
>  
>  static ssize_t block_crypto_write_func(QCryptoBlock *block,
> +                                       void *opaque,
>                                         size_t offset,
>                                         const uint8_t *buf,
>                                         size_t buflen,
> -                                       Error **errp,
> -                                       void *opaque)
> +                                       Error **errp)
>  {
>      struct BlockCryptoCreateData *data = opaque;
>      ssize_t ret;
> @@ -102,9 +102,9 @@ static ssize_t block_crypto_write_func(QCryptoBlock *block,
>  
>  
>  static ssize_t block_crypto_init_func(QCryptoBlock *block,
> +                                      void *opaque,
>                                        size_t headerlen,
> -                                      Error **errp,
> -                                      void *opaque)
> +                                      Error **errp)
>  {
>      struct BlockCryptoCreateData *data = opaque;
>      int ret;
> diff --git a/crypto/block-luks.c b/crypto/block-luks.c
> index 4530f82..d5a31bb 100644
> --- a/crypto/block-luks.c
> +++ b/crypto/block-luks.c
> @@ -473,10 +473,10 @@ qcrypto_block_luks_load_key(QCryptoBlock *block,
>       * then encrypted.
>       */
>      rv = readfunc(block,
> +                  opaque,
>                    slot->key_offset * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
>                    splitkey, splitkeylen,
> -                  errp,
> -                  opaque);
> +                  errp);
>      if (rv < 0) {
>          goto cleanup;
>      }
> @@ -676,11 +676,10 @@ qcrypto_block_luks_open(QCryptoBlock *block,
>  
>      /* Read the entire LUKS header, minus the key material from
>       * the underlying device */
> -    rv = readfunc(block, 0,
> +    rv = readfunc(block, opaque, 0,
>                    (uint8_t *)&luks->header,
>                    sizeof(luks->header),
> -                  errp,
> -                  opaque);
> +                  errp);
>      if (rv < 0) {
>          ret = rv;
>          goto fail;
> @@ -1246,7 +1245,7 @@ qcrypto_block_luks_create(QCryptoBlock *block,
>          QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
>  
>      /* Reserve header space to match payload offset */
> -    initfunc(block, block->payload_offset, &local_err, opaque);
> +    initfunc(block, opaque, block->payload_offset, &local_err);
>      if (local_err) {
>          error_propagate(errp, local_err);
>          goto error;
> @@ -1268,11 +1267,10 @@ qcrypto_block_luks_create(QCryptoBlock *block,
>  
>  
>      /* Write out the partition header and key slot headers */
> -    writefunc(block, 0,
> +    writefunc(block, opaque, 0,
>                (const uint8_t *)&luks->header,
>                sizeof(luks->header),
> -              &local_err,
> -              opaque);
> +              &local_err);
>  
>      /* Delay checking local_err until we've byte-swapped */
>  
> @@ -1297,12 +1295,11 @@ qcrypto_block_luks_create(QCryptoBlock *block,
>  
>      /* Write out the master key material, starting at the
>       * sector immediately following the partition header. */
> -    if (writefunc(block,
> +    if (writefunc(block, opaque,
>                    luks->header.key_slots[0].key_offset *
>                    QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
>                    splitkey, splitkeylen,
> -                  errp,
> -                  opaque) != splitkeylen) {
> +                  errp) != splitkeylen) {
>          goto error;
>      }
>  
> diff --git a/include/crypto/block.h b/include/crypto/block.h
> index b6971de..4a053a3 100644
> --- a/include/crypto/block.h
> +++ b/include/crypto/block.h
> @@ -30,23 +30,23 @@ typedef struct QCryptoBlock QCryptoBlock;
>   * and QCryptoBlockOpenOptions in qapi/crypto.json */
>  
>  typedef ssize_t (*QCryptoBlockReadFunc)(QCryptoBlock *block,
> +                                        void *opaque,
>                                          size_t offset,
>                                          uint8_t *buf,
>                                          size_t buflen,
> -                                        Error **errp,
> -                                        void *opaque);
> +                                        Error **errp);
>  
>  typedef ssize_t (*QCryptoBlockInitFunc)(QCryptoBlock *block,
> +                                        void *opaque,
>                                          size_t headerlen,
> -                                        Error **errp,
> -                                        void *opaque);
> +                                        Error **errp);
>  
>  typedef ssize_t (*QCryptoBlockWriteFunc)(QCryptoBlock *block,
> +                                         void *opaque,
>                                           size_t offset,
>                                           const uint8_t *buf,
>                                           size_t buflen,
> -                                         Error **errp,
> -                                         void *opaque);
> +                                         Error **errp);
>  
>  /**
>   * qcrypto_block_has_format:
> diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c
> index 1957a86..85e6603 100644
> --- a/tests/test-crypto-block.c
> +++ b/tests/test-crypto-block.c
> @@ -187,11 +187,11 @@ static struct QCryptoBlockTestData {
>  
>  
>  static ssize_t test_block_read_func(QCryptoBlock *block,
> +                                    void *opaque,
>                                      size_t offset,
>                                      uint8_t *buf,
>                                      size_t buflen,
> -                                    Error **errp,
> -                                    void *opaque)
> +                                    Error **errp)
>  {
>      Buffer *header = opaque;
>  
> @@ -204,9 +204,9 @@ static ssize_t test_block_read_func(QCryptoBlock *block,
>  
>  
>  static ssize_t test_block_init_func(QCryptoBlock *block,
> +                                    void *opaque,
>                                      size_t headerlen,
> -                                    Error **errp,
> -                                    void *opaque)
> +                                    Error **errp)
>  {
>      Buffer *header = opaque;
>  
> @@ -219,11 +219,11 @@ static ssize_t test_block_init_func(QCryptoBlock *block,
>  
>  
>  static ssize_t test_block_write_func(QCryptoBlock *block,
> +                                     void *opaque,
>                                       size_t offset,
>                                       const uint8_t *buf,
>                                       size_t buflen,
> -                                     Error **errp,
> -                                     void *opaque)
> +                                     Error **errp)
>  {
>      Buffer *header = opaque;
>  
> -- 
> 2.9.3
> 
> 

Regards,
Daniel
Fam Zheng April 24, 2017, 8:43 a.m.
On Mon, 04/24 09:28, Daniel P. Berrange wrote:
> On Fri, Apr 21, 2017 at 08:27:02PM +0800, Fam Zheng wrote:
> > Move opaque to 2nd instead of the 2nd to last, so that compilers help
> > check with the convertion.
> 
> Moving 'opaque' like this should not be done.
> 
> If you want the compiler to check the fixes, it should be done in
> just two stages. First move errp & move opaque to start, compile
> it & verify. Then put opaque back to where it was, and compile
> again. The resulting commit thus only has the errp move, not the
> unrelated & uneccessary opaque move.

The idea is to let everyone's compiler verifies this patch, and also to avoid
possible bugs introduced in backporting/rebasing/merging - for example if a
patch in another tree addes one more implementation that uses the old order, we
can notice.

If you don't like this, we can be careful and don't move opaque; or after a
short while, move opaque back in a separate commit (since Markus already sent a
pull request).

Fam
Markus Armbruster April 24, 2017, 9:24 a.m.
Fam Zheng <famz@redhat.com> writes:

> On Mon, 04/24 09:28, Daniel P. Berrange wrote:
>> On Fri, Apr 21, 2017 at 08:27:02PM +0800, Fam Zheng wrote:
>> > Move opaque to 2nd instead of the 2nd to last, so that compilers help
>> > check with the convertion.
>> 
>> Moving 'opaque' like this should not be done.
>> 
>> If you want the compiler to check the fixes, it should be done in
>> just two stages. First move errp & move opaque to start, compile
>> it & verify. Then put opaque back to where it was, and compile
>> again. The resulting commit thus only has the errp move, not the
>> unrelated & uneccessary opaque move.
>
> The idea is to let everyone's compiler verifies this patch, and also to avoid
> possible bugs introduced in backporting/rebasing/merging - for example if a
> patch in another tree addes one more implementation that uses the old order, we
> can notice.
>
> If you don't like this, we can be careful and don't move opaque; or after a
> short while, move opaque back in a separate commit (since Markus already sent a
> pull request).

I'm prepared to NAK my pull request if we think we need more time to
discuss the patches.
Daniel P. Berrange April 24, 2017, 9:27 a.m.
On Mon, Apr 24, 2017 at 11:24:31AM +0200, Markus Armbruster wrote:
> Fam Zheng <famz@redhat.com> writes:
> 
> > On Mon, 04/24 09:28, Daniel P. Berrange wrote:
> >> On Fri, Apr 21, 2017 at 08:27:02PM +0800, Fam Zheng wrote:
> >> > Move opaque to 2nd instead of the 2nd to last, so that compilers help
> >> > check with the convertion.
> >> 
> >> Moving 'opaque' like this should not be done.
> >> 
> >> If you want the compiler to check the fixes, it should be done in
> >> just two stages. First move errp & move opaque to start, compile
> >> it & verify. Then put opaque back to where it was, and compile
> >> again. The resulting commit thus only has the errp move, not the
> >> unrelated & uneccessary opaque move.
> >
> > The idea is to let everyone's compiler verifies this patch, and also to avoid
> > possible bugs introduced in backporting/rebasing/merging - for example if a
> > patch in another tree addes one more implementation that uses the old order, we
> > can notice.

That is true in general, but in reality this particular function is not
widely used and so chance of there being another out of tree impl is
essentially zero.

> >
> > If you don't like this, we can be careful and don't move opaque; or after a
> > short while, move opaque back in a separate commit (since Markus already sent a
> > pull request).
> 
> I'm prepared to NAK my pull request if we think we need more time to
> discuss the patches.

It isn't a big deal either way. I can just send a follow up patch if needed

Regards,
Daniel

Patch hide | download patch | download mbox

diff --git a/block/crypto.c b/block/crypto.c
index 4a20388..34549b2 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -56,11 +56,11 @@  static int block_crypto_probe_generic(QCryptoBlockFormat format,
 
 
 static ssize_t block_crypto_read_func(QCryptoBlock *block,
+                                      void *opaque,
                                       size_t offset,
                                       uint8_t *buf,
                                       size_t buflen,
-                                      Error **errp,
-                                      void *opaque)
+                                      Error **errp)
 {
     BlockDriverState *bs = opaque;
     ssize_t ret;
@@ -83,11 +83,11 @@  struct BlockCryptoCreateData {
 
 
 static ssize_t block_crypto_write_func(QCryptoBlock *block,
+                                       void *opaque,
                                        size_t offset,
                                        const uint8_t *buf,
                                        size_t buflen,
-                                       Error **errp,
-                                       void *opaque)
+                                       Error **errp)
 {
     struct BlockCryptoCreateData *data = opaque;
     ssize_t ret;
@@ -102,9 +102,9 @@  static ssize_t block_crypto_write_func(QCryptoBlock *block,
 
 
 static ssize_t block_crypto_init_func(QCryptoBlock *block,
+                                      void *opaque,
                                       size_t headerlen,
-                                      Error **errp,
-                                      void *opaque)
+                                      Error **errp)
 {
     struct BlockCryptoCreateData *data = opaque;
     int ret;
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 4530f82..d5a31bb 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -473,10 +473,10 @@  qcrypto_block_luks_load_key(QCryptoBlock *block,
      * then encrypted.
      */
     rv = readfunc(block,
+                  opaque,
                   slot->key_offset * QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
                   splitkey, splitkeylen,
-                  errp,
-                  opaque);
+                  errp);
     if (rv < 0) {
         goto cleanup;
     }
@@ -676,11 +676,10 @@  qcrypto_block_luks_open(QCryptoBlock *block,
 
     /* Read the entire LUKS header, minus the key material from
      * the underlying device */
-    rv = readfunc(block, 0,
+    rv = readfunc(block, opaque, 0,
                   (uint8_t *)&luks->header,
                   sizeof(luks->header),
-                  errp,
-                  opaque);
+                  errp);
     if (rv < 0) {
         ret = rv;
         goto fail;
@@ -1246,7 +1245,7 @@  qcrypto_block_luks_create(QCryptoBlock *block,
         QCRYPTO_BLOCK_LUKS_SECTOR_SIZE;
 
     /* Reserve header space to match payload offset */
-    initfunc(block, block->payload_offset, &local_err, opaque);
+    initfunc(block, opaque, block->payload_offset, &local_err);
     if (local_err) {
         error_propagate(errp, local_err);
         goto error;
@@ -1268,11 +1267,10 @@  qcrypto_block_luks_create(QCryptoBlock *block,
 
 
     /* Write out the partition header and key slot headers */
-    writefunc(block, 0,
+    writefunc(block, opaque, 0,
               (const uint8_t *)&luks->header,
               sizeof(luks->header),
-              &local_err,
-              opaque);
+              &local_err);
 
     /* Delay checking local_err until we've byte-swapped */
 
@@ -1297,12 +1295,11 @@  qcrypto_block_luks_create(QCryptoBlock *block,
 
     /* Write out the master key material, starting at the
      * sector immediately following the partition header. */
-    if (writefunc(block,
+    if (writefunc(block, opaque,
                   luks->header.key_slots[0].key_offset *
                   QCRYPTO_BLOCK_LUKS_SECTOR_SIZE,
                   splitkey, splitkeylen,
-                  errp,
-                  opaque) != splitkeylen) {
+                  errp) != splitkeylen) {
         goto error;
     }
 
diff --git a/include/crypto/block.h b/include/crypto/block.h
index b6971de..4a053a3 100644
--- a/include/crypto/block.h
+++ b/include/crypto/block.h
@@ -30,23 +30,23 @@  typedef struct QCryptoBlock QCryptoBlock;
  * and QCryptoBlockOpenOptions in qapi/crypto.json */
 
 typedef ssize_t (*QCryptoBlockReadFunc)(QCryptoBlock *block,
+                                        void *opaque,
                                         size_t offset,
                                         uint8_t *buf,
                                         size_t buflen,
-                                        Error **errp,
-                                        void *opaque);
+                                        Error **errp);
 
 typedef ssize_t (*QCryptoBlockInitFunc)(QCryptoBlock *block,
+                                        void *opaque,
                                         size_t headerlen,
-                                        Error **errp,
-                                        void *opaque);
+                                        Error **errp);
 
 typedef ssize_t (*QCryptoBlockWriteFunc)(QCryptoBlock *block,
+                                         void *opaque,
                                          size_t offset,
                                          const uint8_t *buf,
                                          size_t buflen,
-                                         Error **errp,
-                                         void *opaque);
+                                         Error **errp);
 
 /**
  * qcrypto_block_has_format:
diff --git a/tests/test-crypto-block.c b/tests/test-crypto-block.c
index 1957a86..85e6603 100644
--- a/tests/test-crypto-block.c
+++ b/tests/test-crypto-block.c
@@ -187,11 +187,11 @@  static struct QCryptoBlockTestData {
 
 
 static ssize_t test_block_read_func(QCryptoBlock *block,
+                                    void *opaque,
                                     size_t offset,
                                     uint8_t *buf,
                                     size_t buflen,
-                                    Error **errp,
-                                    void *opaque)
+                                    Error **errp)
 {
     Buffer *header = opaque;
 
@@ -204,9 +204,9 @@  static ssize_t test_block_read_func(QCryptoBlock *block,
 
 
 static ssize_t test_block_init_func(QCryptoBlock *block,
+                                    void *opaque,
                                     size_t headerlen,
-                                    Error **errp,
-                                    void *opaque)
+                                    Error **errp)
 {
     Buffer *header = opaque;
 
@@ -219,11 +219,11 @@  static ssize_t test_block_init_func(QCryptoBlock *block,
 
 
 static ssize_t test_block_write_func(QCryptoBlock *block,
+                                     void *opaque,
                                      size_t offset,
                                      const uint8_t *buf,
                                      size_t buflen,
-                                     Error **errp,
-                                     void *opaque)
+                                     Error **errp)
 {
     Buffer *header = opaque;