From 5683ba6e20ce2250044ba626bc37a592dac3f237 Mon Sep 17 00:00:00 2001
From: Sam Leffler
Date: Mon, 5 Sep 2022 00:26:27 +0000
Subject: [PATCH] kata-os-cspace-slot: multiple api changes
- copy_to now take rights
- add dup_to that does a copy with all-rights preserved
- add mint_to
- add mutate_to
- change release to return any assigned slot
- fixup callers
Change-Id: I747c01d426906042e76ba00c19513eae3fa3b03c
GitOrigin-RevId: 7270785dc92ee5ef6b56d330b0076d57dc9374f8
---
 .../kata-proc-manager/src/sel4bundle/mod.rs | 2 +-
 .../src/fakeimpl/mod.rs | 4 +-
 .../kata-os-common/src/cspace-slot/src/lib.rs | 76 +++++++++++++++++--
 3 files changed, 72 insertions(+), 10 deletions(-)
diff --git a/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs b/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs
index bf46e49..453121c 100644
--- a/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs
+++ b/apps/system/components/ProcessManager/kata-proc-manager/src/sel4bundle/mod.rs
@@ -595,7 +595,7 @@ impl seL4BundleImpl {
 .move_objects_from_toplevel(self.cspace_root.objs[0].cptr, self.cspace_root_depth)?;
 // Keep a dup of the TCB in the top-level CNode for suspend/resume.
 // We do this after the bulk move to insure there's a free slot.
- self.cap_tcb.copy_to(
+ self.cap_tcb.dup_to(
 self.dynamic_objs.cnode,
 self.dynamic_objs.objs[TCB_SLOT].cptr,
 self.dynamic_objs.depth,
diff --git a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
index 4499bd8..aced15d 100644
--- a/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
+++ b/apps/system/components/SecurityCoordinator/kata-security-coordinator/src/fakeimpl/mod.rs
@@ -124,10 +124,10 @@ fn deep_copy(src: &ObjDescBundle) -> Result {
 for (src_cptr, dest_cptr) in src.cptr_iter().zip(dest.cptr_iter()) {
 // Map src & dest frames and copy data.
 src_slot
- .copy_to(src.cnode, src_cptr, src.depth)
+ .dup_to(src.cnode, src_cptr, src.depth)
 .and_then(|_| src_region.map(src_slot.slot))?;
 dest_slot
- .copy_to(dest.cnode, dest_cptr, dest.depth)
+ .dup_to(dest.cnode, dest_cptr, dest.depth)
 .and_then(|_| dest_region.map(dest_slot.slot))?;
 unsafe {
diff --git a/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs b/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs
index eeb895e..de8f4ff 100644
--- a/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs
+++ b/apps/system/components/kata-os-common/src/cspace-slot/src/lib.rs
@@ -21,11 +21,14 @@ use slot_allocator::KATA_CSPACE_SLOTS;
 use sel4_sys::seL4_CNode_Copy;
 use sel4_sys::seL4_CNode_Delete;
+use sel4_sys::seL4_CNode_Mint;
 use sel4_sys::seL4_CNode_Move;
+use sel4_sys::seL4_CNode_Mutate;
 use sel4_sys::seL4_CPtr;
 use sel4_sys::seL4_CapRights;
 use sel4_sys::seL4_Result;
 use sel4_sys::seL4_SetCapReceivePath;
+use sel4_sys::seL4_Word;
 use sel4_sys::seL4_WordBits;
 extern "C" {
@@ -43,8 +46,12 @@ impl CSpaceSlot {
 }
 // Release ownership of the slot; this inhibits the normal cleanup
- // done by drop.
- pub fn release(&mut self) { self.slot = seL4_CPtr::MAX; }
+ // done by drop. The slot that was being managed is returned.
+ pub fn release(&mut self) -> seL4_CPtr {
+ let slot = self.slot;
+ self.slot = seL4_CPtr::MAX;
+ slot
+ }
 // Returns the (root, index, depth) seL4 path for the slot.
 pub fn get_path(&self) -> (seL4_CPtr, seL4_CPtr, u8) {
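Review bot: Both temporary slots in deep_copy are now filled with `dup_to`, which always requests grant_reply, grant, read and write, although the source frame is presumably only read while the data is copied. Since `copy_to` now takes a rights argument, the source side could ask for read only, e.g. `.copy_to(src.cnode, src_cptr, src.depth, seL4_CapRights::new(0, 0, 1, 0))`, so that a stray write through the source mapping faults instead of altering the original bundle. Whether `src_region.map` asks for a writable mapping is not visible here and the loop body continues past the end of the hunk, so this needs checking against the rest of the function; the file would also need `seL4_CapRights` in scope.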
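Review bot: `release` now hands back `self.slot` unconditionally, so a second call on the same object returns the `seL4_CPtr::MAX` sentinel as if it were a usable cptr. The commit message says it returns "any assigned slot", but the comment only says "The slot that was being managed is returned" and the signature gives the caller no way to tell the two cases apart. I would document the sentinel and the ownership transfer, for example `// Returns seL4_CPtr::MAX if the slot was already released; otherwise the caller now owns the slot and must free it.`, or return an Option of seL4_CPtr if the fixed-up callers can absorb that.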
@@ -58,10 +65,13 @@ impl CSpaceSlot {
 }
 // Copies the specified path to our slot.
- pub fn copy_to(&self, src_root: seL4_CPtr, src_index: seL4_CPtr, src_depth: u8) -> seL4_Result {
- let seL4_AllRights = seL4_CapRights::new(
- /*grant_reply=*/ 1, /*grant=*/ 1, /*read=*/ 1, /*write=*/ 1,
- );
+ pub fn copy_to(
+ &self,
+ src_root: seL4_CPtr,
+ src_index: seL4_CPtr,
+ src_depth: u8,
+ rights: seL4_CapRights,
+ ) -> seL4_Result {
 unsafe {
 seL4_CNode_Copy(
 /*dest_root=*/ SELF_CNODE,
@@ -70,7 +80,38 @@ impl CSpaceSlot {
 src_root,
 src_index,
 src_depth,
- seL4_AllRights,
+ rights,
+ )
+ }
+ }
+
+ // Copies the specified path to our slot.
+ pub fn dup_to(&self, src_root: seL4_CPtr, src_index: seL4_CPtr, src_depth: u8) -> seL4_Result {
+ let seL4_AllRights = seL4_CapRights::new(
+ /*grant_reply=*/ 1, /*grant=*/ 1, /*read=*/ 1, /*write=*/ 1,
+ );
+ self.copy_to(src_root, src_index, src_depth, seL4_AllRights)
+ }
+
+ // Mints the specified path to our slot.
+ pub fn mint_to(
+ &self,
+ src_root: seL4_CPtr,
+ src_slot: seL4_CPtr,
+ src_depth: u8,
+ rights: seL4_CapRights,
+ badge: seL4_Word,
+ ) -> seL4_Result {
+ unsafe {
+ seL4_CNode_Mint(
+ /*dest_root=*/ SELF_CNODE,
+ /*dest_index= */ self.slot,
+ /*dest_depth=*/ seL4_WordBits as u8,
+ src_root,
+ src_slot,
+ src_depth,
+ rights,
+ badge,
 )
 }
 }
@@ -108,6 +149,27 @@ impl CSpaceSlot {
 }
 }
+ // Mutates the specified path to our slot.
+ pub fn mutate_to(
+ &self,
+ src_root: seL4_CPtr,
+ src_slot: seL4_CPtr,
+ src_depth: u8,
+ badge: seL4_Word,
+ ) -> seL4_Result {
+ unsafe {
+ seL4_CNode_Mutate(
+ /*dest_root=*/ SELF_CNODE,
+ /*dest_index= */ self.slot,
+ /*dest_depth=*/ seL4_WordBits as u8,
+ src_root,
+ src_slot,
+ src_depth,
+ badge,
+ )
+ }
+ }
+
 // Delete any cap in our slot.
 // NB: deleting an empty slot is a noop to seL4
 pub fn delete(&self) -> seL4_Result {
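Review bot: The comment above `copy_to` still reads "Copies the specified path to our slot" and says nothing about the new `rights` parameter, and the same sentence is pasted above `dup_to` in the next hunk, so the two methods cannot be told apart from their comments. Suggest `// Copies the specified path to our slot; the copy carries at most |rights| (seL4 masks them against the source cap's rights).` for `copy_to` and `// Like copy_to but requests all rights, so the copy keeps whatever rights the source cap has.` for `dup_to`. That also makes it clear at call sites that `dup_to` is the broad choice and `copy_to` the one to use when a narrower copy is enough. The body of copy_to runs on into the next hunk.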
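Review bot: `mint_to` names its second parameter `src_slot`, while `copy_to` and `dup_to` call the same argument `src_index`, and `mutate_to` in the last hunk repeats `src_slot`. Inside a type whose own field `self.slot` is the destination this is easy to misread when checking which cap ends up where. I would rename it to `src_index` in both methods and let the comment name the extra arguments, e.g. `// Mints the specified path to our slot, applying |rights| and |badge| to the new cap.`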
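Review bot: The comment on `mutate_to` does not say that seL4_CNode_Mutate moves the capability, so unlike `copy_to` and `mint_to` the source slot is empty once the call succeeds. A caller that still tracks the source, through another CSpaceSlot or an allocator entry, needs to know this to avoid later deleting or reusing a slot it believes is still populated. Suggest `// Moves the cap at the specified path into our slot, applying |badge|; the source slot is left empty.` The methods between this hunk and the previous one are not visible, so match the wording of the existing move method if it already states this.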