kata-os-cspace-slot: multiple api changes

- copy_to now take rights - add dup_to that does a copy with all-rights preserved - add mint_to - add mutate_to - change release to return any assigned slot - fixup callers Change-Id: I747c01d426906042e76ba00c19513eae3fa3b03c GitOrigin-RevId: 7270785dc92ee5ef6b56d330b0076d57dc9374f8
2025-04-27 18:35:32 +00:00 · 2022-09-05 00:26:27 +00:00 · 2022-09-05 00:26:27 +00:00 · 5683ba6e20
commit 5683ba6e20
parent bbe49faf65
3 changed files with 72 additions and 10 deletions
--- a/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs
+++ b/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs
@ -595,7 +595,7 @@ impl seL4BundleImpl {
            .move_objects_from_toplevel(self.cspace_root.objs[0].cptr, self.cspace_root_depth)?;
        // Keep a dup of the TCB in the top-level CNode for suspend/resume.
        // We do this after the bulk move to insure there's a free slot.
-        self.cap_tcb.copy_to(
+        self.cap_tcb.dup_to(
            self.dynamic_objs.cnode,
            self.dynamic_objs.objs[TCB_SLOT].cptr,
            self.dynamic_objs.depth,
--- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
@ -124,10 +124,10 @@ fn deep_copy(src: &ObjDescBundle) -> Result<ObjDescBundle, seL4_Error> {
    for (src_cptr, dest_cptr) in src.cptr_iter().zip(dest.cptr_iter()) {
        // Map src & dest frames and copy data.
        src_slot
-            .copy_to(src.cnode, src_cptr, src.depth)
+            .dup_to(src.cnode, src_cptr, src.depth)
            .and_then(|_| src_region.map(src_slot.slot))?;
        dest_slot
-            .copy_to(dest.cnode, dest_cptr, dest.depth)
+            .dup_to(dest.cnode, dest_cptr, dest.depth)
            .and_then(|_| dest_region.map(dest_slot.slot))?;

        unsafe {
--- a/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs
+++ b/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs
@ -21,11 +21,14 @@ use slot_allocator::KATA_CSPACE_SLOTS;

 use sel4_sys::seL4_CNode_Copy;
 use sel4_sys::seL4_CNode_Delete;
+use sel4_sys::seL4_CNode_Mint;
 use sel4_sys::seL4_CNode_Move;
+use sel4_sys::seL4_CNode_Mutate;
 use sel4_sys::seL4_CPtr;
 use sel4_sys::seL4_CapRights;
 use sel4_sys::seL4_Result;
 use sel4_sys::seL4_SetCapReceivePath;
+use sel4_sys::seL4_Word;
 use sel4_sys::seL4_WordBits;

 extern "C" {
@ -43,8 +46,12 @@ impl CSpaceSlot {
    }

    // Release ownership of the slot; this inhibits the normal cleanup
-    // done by drop.
-    pub fn release(&mut self) { self.slot = seL4_CPtr::MAX; }
+    // done by drop. The slot that was being managed is returned.
+    pub fn release(&mut self) -> seL4_CPtr {
+        let slot = self.slot;
+        self.slot = seL4_CPtr::MAX;
+        slot
+    }

    // Returns the (root, index, depth) seL4 path for the slot.
    pub fn get_path(&self) -> (seL4_CPtr, seL4_CPtr, u8) {
@ -58,10 +65,13 @@ impl CSpaceSlot {
    }

    // Copies the specified path to our slot.
-    pub fn copy_to(&self, src_root: seL4_CPtr, src_index: seL4_CPtr, src_depth: u8) -> seL4_Result {
-        let seL4_AllRights = seL4_CapRights::new(
-            /*grant_reply=*/ 1, /*grant=*/ 1, /*read=*/ 1, /*write=*/ 1,
-        );
+    pub fn copy_to(
+        &self,
+        src_root: seL4_CPtr,
+        src_index: seL4_CPtr,
+        src_depth: u8,
+        rights: seL4_CapRights,
+    ) -> seL4_Result {
        unsafe {
            seL4_CNode_Copy(
                /*dest_root=*/ SELF_CNODE,
@ -70,7 +80,38 @@ impl CSpaceSlot {
                src_root,
                src_index,
                src_depth,
-                seL4_AllRights,
+                rights,
+            )
+        }
+    }
+
+    // Copies the specified path to our slot.
+    pub fn dup_to(&self, src_root: seL4_CPtr, src_index: seL4_CPtr, src_depth: u8) -> seL4_Result {
+        let seL4_AllRights = seL4_CapRights::new(
+            /*grant_reply=*/ 1, /*grant=*/ 1, /*read=*/ 1, /*write=*/ 1,
+        );
+        self.copy_to(src_root, src_index, src_depth, seL4_AllRights)
+    }
+
+    // Mints the specified path to our slot.
+    pub fn mint_to(
+        &self,
+        src_root: seL4_CPtr,
+        src_slot: seL4_CPtr,
+        src_depth: u8,
+        rights: seL4_CapRights,
+        badge: seL4_Word,
+    ) -> seL4_Result {
+        unsafe {
+            seL4_CNode_Mint(
+                /*dest_root=*/ SELF_CNODE,
+                /*dest_index= */ self.slot,
+                /*dest_depth=*/ seL4_WordBits as u8,
+                src_root,
+                src_slot,
+                src_depth,
+                rights,
+                badge,
            )
        }
    }
@ -108,6 +149,27 @@ impl CSpaceSlot {
        }
    }

+    // Mutates the specified path to our slot.
+    pub fn mutate_to(
+        &self,
+        src_root: seL4_CPtr,
+        src_slot: seL4_CPtr,
+        src_depth: u8,
+        badge: seL4_Word,
+    ) -> seL4_Result {
+        unsafe {
+            seL4_CNode_Mutate(
+                /*dest_root=*/ SELF_CNODE,
+                /*dest_index= */ self.slot,
+                /*dest_depth=*/ seL4_WordBits as u8,
+                src_root,
+                src_slot,
+                src_depth,
+                badge,
+            )
+        }
+    }
+
    // Delete any cap in our slot.
    // NB: deleting an empty slot is a noop to seL4
    pub fn delete(&self) -> seL4_Result {