Re: [PR] fix!: introduce access api and VolatileBuf to safely interact with volatile ParamMemref buffers [teaclave-trustzone-sdk]

Mon, 09 Feb 2026 05:57:47 -0800 


DemesneGH commented on code in PR #278:
URL: 
https://github.com/apache/teaclave-trustzone-sdk/pull/278#discussion_r2782740885


##########
examples/serde-rs/ta/src/main.rs:
##########
@@ -68,16 +68,17 @@ fn invoke_command(cmd_id: u32, params: &mut Parameters) -> 
Result<()> {
 
             // Ensure the buffer is large enough to hold the serialized data.
             let len = bytes.len();
-            if len > buffer.len() {
+            if len > buffer.capacity() {
                 trace_println!("Buffer too small, cannot copy all bytes");
+                p.request_more_capacity(len).expect("infallible");
                 return Err(ErrorKind::BadParameters.into());
             }
 
             // Copy the serialized JSON string into the buffer.
-            buffer[..len].copy_from_slice(bytes);
+            buffer.copy_from(bytes);

Review Comment:
   Suggest to handle the result of `copy_from()`



##########
examples/serde-rs/ta/src/main.rs:
##########
@@ -68,16 +68,17 @@ fn invoke_command(cmd_id: u32, params: &mut Parameters) -> 
Result<()> {
 
             // Ensure the buffer is large enough to hold the serialized data.
             let len = bytes.len();
-            if len > buffer.len() {
+            if len > buffer.capacity() {
                 trace_println!("Buffer too small, cannot copy all bytes");
+                p.request_more_capacity(len).expect("infallible");

Review Comment:
   We should avoid panic in TAs, could you revise the interface for better 
error handling?
   Same in line81.



##########
examples/serde-rs/ta/src/main.rs:
##########
@@ -54,8 +54,8 @@ fn invoke_command(cmd_id: u32, params: &mut Parameters) -> 
Result<()> {
     trace_println!("[+] TA invoke command");
     match Command::from(cmd_id) {
         Command::DefaultOp => {
-            let mut p = unsafe { params.0.as_memref()? };
-            let buffer = p.buffer();
+            let mut p = unsafe { params.0.as_memref()? }.output()?;
+            let mut buffer = 
p.buffer().ok_or(TeeError::new(ErrorKind::ShortBuffer))?;

Review Comment:
   Seems we always need to cast the option to error, how about buffer() 
directly returns Result?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to