8000 Allowed Process Slice Buffered API by alexandruradovici · Pull Request #4023 · tock/tock · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Allowed Process Slice Buffered API #4023

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 8 commits into from
Closed

Allowed Process Slice Buffered API #4023

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
d79e214
first iteration of a ringbuffer api
alexandruradovici Jun 6, 2024
7b2c829
Update kernel/src/processbuffer.rs
alexandruradovici Jun 9, 2024
ce6d6d1
updates
alexandruradovici Jun 11, 2024
080bdf5
use a seperate structure and rename the buffer
alexandruradovici Sep 23, 2024
ea53b0f
format doc
alexandruradovici Sep 23, 2024
27f578c
make clippy happy
alexandruradovici Sep 24, 2024
ecc265f
use constant
alexandruradovici Sep 24, 2024
dd553c3
use inspect_err
alexandruradovici Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 16 additions & 34 deletions capsules/extra/src/can.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ use core::mem::size_of;

use kernel::grant::{AllowRoCount, AllowRwCount, Grant, UpcallCount};
use kernel::hil::can;
use kernel::processbuffer::{ReadableProcessBuffer, WriteableProcessBuffer};
use kernel::processbuffer::{ProcessSliceBuffer, ReadableProcessBuffer, WriteableProcessBuffer};
use kernel::syscall::{CommandReturn, SyscallDriver};
use kernel::utilities::cells::{OptionalCell, TakeCell};
use kernel::ErrorCode;
Expand Down Expand Up @@ -115,7 +115,6 @@ pub struct CanCapsule<'a, Can: can::Can> {

#[derive(Default)]
pub struct App {
receive_index: usize,
lost_messages: u32,
}

Expand Down Expand Up @@ -443,7 +442,7 @@ impl<'a, Can: can::Can> can::ReceiveClient<{ can::STANDARD_CAN_PACKET_SIZE }>
&self,
id: can::Id,
buffer: &mut [u8; can::STANDARD_CAN_PACKET_SIZE],
len: usize,
_len: usize,
status: Result<(), can::Error>,
) {
let mut new_buffer = false;
Expand All @@ -459,38 +458,21 @@ impl<'a, Can: can::Can> can::ReceiveClient<{ can::STANDARD_CAN_PACKET_SIZE }>
|err| err.into(),
|buffer_ref| {
buffer_ref
.mut_enter(|user_buffer| {
shared_len = user_buffer.len();
// For now, the first 4 bytes (the size of u32) represent the number
// of messages that the user has not read yet, represented as Little Endian.
// When the userspace reads the buffer, the counter will be set
// to 0 so that the capsule knows. This will be changed after
// https://github.com/tock/tock/pull/3252 and
// https://github.com/tock/tock/pull/3258 are merged.
let mut tmp_buf: [u8; size_of::<u32>()] =
[0; size_of::<u32>()];
user_buffer[0..size_of::<u32>()]
.copy_to_slice(&mut tmp_buf);
let contor = u32::from_le_bytes(tmp_buf);
if contor == 0 {
new_buffer = true;
app_data.receive_index = size_of::<u32>();
}
user_buffer[0..size_of::<u32>()]
.copy_from_slice(&(contor + 1).to_le_bytes());
if app_data.receive_index + len > user_buffer.len()
{
app_data.lost_messages += 1;
Err(ErrorCode::SIZE)
} else {
let r = user_buffer[app_data.receive_index
..app_data.receive_index + len]
.copy_from_slice_or_err(&buffer[0..len]);
if r.is_ok() {
app_data.receive_index += len;
.mut_enter(|user_slice| {
let user_buffer =
ProcessSliceBuffer::new(user_slice);
shared_len = user_buffer.len()?;
// This uses the ringbuffer interpretation of the
// ProcessBufferSlice
new_buffer = match user_buffer.len() {
Err(ErrorCode::INVAL) => {
user_buffer.reset().map(|()| 0)
}
r
}
value => value,
}? == 0;
user_buffer.append(buffer).inspect_err(|_err| {
app_data.lost_messages += 1;
})
})
.unwrap_or_else(|err| err.into())
},
Expand Down
96 changes: 96 additions & 0 deletions kernel/src/processbuffer.rs
View file
Open in desktop
< 8000 tr data-hunk="40b2c48288db88a17fa5a79006cd775f0e05c08da22df80aad135d968b673590" class="show-top-border">
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,18 @@

use core::cell::Cell;
use core::marker::PhantomData;
use core::mem::size_of;
use core::ops::{Deref, Index, Range, RangeFrom, RangeTo};

use crate::capabilities;
use crate::process::{self, ProcessId};
use crate::ErrorCode;

// the offset where the buffer data starts
// - skip the flags field (1 byte)
// - skip the len field (size_of::<u32>() bytes)
const BUFFER_OFFSET: usize = 1 + size_of::<u32>();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this into the impl ala https://github.com/tock/tock/blob/master/kernel/src/process_standard.rs#L1300?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm working on a small refactor that includes this change.


/// Convert a process buffer's internal representation to a
/// [`ReadableProcessSlice`].
///
Expand Down Expand Up @@ -886,6 +892,96 @@ pub struct WriteableProcessSlice {
slice: [Cell<u8>],
}

#[repr(transparent)]
pub struct ProcessSliceBuffer<'a> {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need comment.

slice: &'a WriteableProcessSlice,
}

impl<'a> ProcessSliceBuffer<'a> {
pub fn new(slice: &'a WriteableProcessSlice) -> ProcessSliceBuffer {
ProcessSliceBuffer { slice }
}

/// Checks if the process buffer respects the buffer contract
///
/// The buffer data format is described below:
/// ```text,ignore
/// 0 1 2 3 4
/// +----------+----------+----------+----------+-------------------...
/// | flags | buffer length | slice
/// +----------+----------+----------+----------+-------------------...
/// | 00000000 | 32 bits little endian | data
/// ```
///
/// - the first byte is reserved to store flags, for this version of the buffer
/// the value has to be 0
/// - the next 4 bytes store the used space in a 32 bit little endian format
///
/// This function fails with
/// - `INVALID` if the flags field is not set to 0
/// - `SIZE` if the underlying slice is not large enough top fit the
/// flags field and the len field (5 bytes)
pub fn len(&self) -> Result<usize, ErrorCode> {
// check if the slice can actually hold a buffer
// - the slice has to be able to fit the flags (1 byte) and the size (4 bytes)
if self.slice.len() >= BUFFER_OFFSET {
if self.slice[0].get() == 0 {
let len = self.slice[1].get() as u32
| (self.slice[2].get() as u32 >> 8)
| (self.slice[3].get() as u32 >> 16)
| (self.slice[4].get() as u32 >> 24);
Ok(len as usize)
} else {
Err(ErrorCode::INVAL)
}
} else {
Err(ErrorCode::SIZE)
}
}

fn set_len(&self, len: usize) -> Result<(), ErrorCode> {
if self.slice.len() >= len + BUFFER_OFFSET {
// set the flags
self.slice[0].set(0);

// set the length
self.slice[1].set((len & 0xff) as u8);
self.slice[2].set(((len << 8) & 0xff) as u8);
self.slice[3].set(((len << 16) & 0xff) as u8);
self.slice[4].set(((len << 24) & 0xff) as u8);
Ok(())
} else {
Err(ErrorCode::SIZE)
}
}

/// Append a slice of data to the buffer
///
/// This function fails with:
/// - `INVALID` - if the buffer's flags field is not set to 0
/// - `SIZE` - if the data slice is too large to fit into the buffer
pub fn append(&self, data: &[u8]) -> Result<(), ErrorCode> {
let len = self.len()?;
if data.len() + len <= self.slice.len() - BUFFER_OFFSET {
self.slice[BUFFER_OFFSET + len..BUFFER_OFFSET + len + data.len()].copy_from_slice(data);
self.set_len(len + data.len())?;
Ok(())
} else {
Err(ErrorCode::SIZE)
}
}

/// Resets the buffer's length t0 and flags to 0
///
/// This function fails with
/// - `SIZE` - if the slice underneeths the buffer is too small to fit
/// the flags field and tyhe len field (a total of 5 bytes)
#[inline(always)]
pub fn reset(&self) -> Result<(), ErrorCode> {
self.set_len(0)
}
}

fn cast_cell_slice_to_process_slice(cell_slice: &[Cell<u8>]) -> &WriteableProcessSlice {
// # Safety
//
Expand Down
Loading
0