Archives
/
rust-raspberrypi-OS-tutorials
mirror of https://github.com/rust-embedded/rust-raspberrypi-OS-tutorials
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Refactor tutorial 13

Browse Source
pull/51/head
Andre Richter 4 years ago
parent c758875bbe
commit 1496e003d8
No known key found for this signature in database
GPG Key ID: 2116C1AB102F615E
50 changed files with 1310 additions and 2012 deletions
Show Stats Download Patch File Download Diff File

2
13_integrated_testing/Cargo.toml
Unescape Escape View File

@ -44,5 +44,5 @@ name = "00_interface_sanity_console"
harness = false
[[test]]
name = "02_arch_exception_handling"
name = "02_arch_exception_handling_sync_page_fault"
harness = false

7
13_integrated_testing/Makefile
Unescape Escape View File

@ -22,7 +22,7 @@ ifeq ($(BSP),rpi3)
QEMU_TEST_ARGS = $(QEMU_RELEASE_ARGS) -semihosting
OPENOCD_ARG = -f /openocd/tcl/interface/ftdi/olimex-arm-usb-tiny-h.cfg -f /openocd/rpi3.cfg
JTAG_BOOT_IMAGE = jtag_boot_rpi3.img
LINKER_FILE = src/bsp/rpi/link.ld
LINKER_FILE = src/bsp/raspberrypi/link.ld
RUSTC_MISC_ARGS = -C target-cpu=cortex-a53
else ifeq ($(BSP),rpi4)
TARGET = aarch64-unknown-none-softfloat
@ -33,7 +33,7 @@ else ifeq ($(BSP),rpi4)
# QEMU_TEST_ARGS = $(QEMU_RELEASE_ARGS) -semihosting
OPENOCD_ARG = -f /openocd/tcl/interface/ftdi/olimex-arm-usb-tiny-h.cfg -f /openocd/rpi4.cfg
JTAG_BOOT_IMAGE = jtag_boot_rpi4.img
LINKER_FILE = src/bsp/rpi/link.ld
LINKER_FILE = src/bsp/raspberrypi/link.ld
RUSTC_MISC_ARGS = -C target-cpu=cortex-a72
endif
@ -89,8 +89,7 @@ $(OUTPUT): $(CARGO_OUTPUT)
$(OBJCOPY_CMD) $< $(OUTPUT)
doc:
cargo xdoc --target=$(TARGET) --features bsp_$(BSP) --document-private-items
xdg-open target/$(TARGET)/doc/libkernel/index.html
cargo xdoc --target=$(TARGET) --features bsp_$(BSP) --document-private-items --open
ifeq ($(QEMU_MACHINE_TYPE),)
qemu:

1258
13_integrated_testing/README.md
View File

File diff suppressed because it is too large Load Diff

BIN
13_integrated_testing/kernel
View File

Binary file not shown.

BIN
13_integrated_testing/kernel8.img
View File

Binary file not shown.

100
13_integrated_testing/src/arch/aarch64.rs → 13_integrated_testing/src/_arch/aarch64/cpu.rs
Unescape Escape View File

@ -2,16 +2,15 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! AArch64.
//! Architectural processor code.
mod exception;
mod mmu;
pub mod sync;
mod time;
use crate::{bsp, interface};
use crate::{bsp, cpu};
use cortex_a::{asm, regs::*};
//--------------------------------------------------------------------------------------------------
// Boot Code
//--------------------------------------------------------------------------------------------------
/// The entry of the `kernel` binary.
///
/// The function must be named `_start`, because the linker is looking for this exact name.
@ -19,12 +18,11 @@ use cortex_a::{asm, regs::*};
/// # Safety
///
/// - Linker script must ensure to place this function at `0x80_000`.
#[naked]
#[no_mangle]
pub unsafe extern "C" fn _start() -> ! {
const CORE_MASK: u64 = 0x3;
// Expect the boot core to start in EL2.
if (bsp::BOOT_CORE_ID == MPIDR_EL1.get() & CORE_MASK)
if (bsp::cpu::BOOT_CORE_ID == cpu::smp::core_id())
&& (CurrentEL.get() == CurrentEL::EL::EL2.value)
{
el2_to_el1_transition()
@ -39,9 +37,12 @@ pub unsafe extern "C" fn _start() -> ! {
/// # Safety
///
/// - The HW state of EL1 must be prepared in a sound way.
/// - Exception return from EL2 must must continue execution in EL1 with ´runtime_init::init()`.
/// - Exception return from EL2 must must continue execution in EL1 with
/// `runtime_init::runtime_init()`.
#[inline(always)]
unsafe fn el2_to_el1_transition() -> ! {
use crate::runtime_init;
// Enable timer counter registers for EL1.
CNTHCTL_EL2.write(CNTHCTL_EL2::EL1PCEN::SET + CNTHCTL_EL2::EL1PCTEN::SET);
@ -53,7 +54,7 @@ unsafe fn el2_to_el1_transition() -> ! {
// Set up a simulated exception return.
//
// First, fake a saved program status, where all interrupts were masked and SP_EL1 was used as a
// First, fake a saved program status where all interrupts were masked and SP_EL1 was used as a
// stack pointer.
SPSR_EL2.write(
SPSR_EL2::D::Masked
@ -63,42 +64,31 @@ unsafe fn el2_to_el1_transition() -> ! {
+ SPSR_EL2::M::EL1h,
);
// Second, let the link register point to init().
ELR_EL2.set(crate::runtime_init::runtime_init as *const () as u64);
// Second, let the link register point to runtime_init().
ELR_EL2.set(runtime_init::runtime_init as *const () as u64);
// Set up SP_EL1 (stack pointer), which will be used by EL1 once we "return" to it.
SP_EL1.set(bsp::BOOT_CORE_STACK_START);
SP_EL1.set(bsp::cpu::BOOT_CORE_STACK_START);
// Use `eret` to "return" to EL1. This will result in execution of `reset()` in EL1.
// Use `eret` to "return" to EL1. This results in execution of runtime_init() in EL1.
asm::eret()
}
//--------------------------------------------------------------------------------------------------
// Global instances
//--------------------------------------------------------------------------------------------------
static TIMER: time::Timer = time::Timer;
static MMU: mmu::MMU = mmu::MMU;
//--------------------------------------------------------------------------------------------------
// Implementation of the kernel's architecture abstraction code
// Public Code
//--------------------------------------------------------------------------------------------------
pub use asm::nop;
/// Spin for `n` cycles.
#[inline(always)]
pub fn spin_for_cycles(n: usize) {
for _ in 0..n {
asm::nop();
}
}
/// Return a reference to a `interface::time::TimeKeeper` implementation.
pub fn timer() -> &'static impl interface::time::Timer {
&TIMER
}
/// Pause execution on the calling CPU core.
/// Pause execution on the core.
#[inline(always)]
pub fn wait_forever() -> ! {
loop {
@ -106,56 +96,6 @@ pub fn wait_forever() -> ! {
}
}
/// Enable exception handling.
///
/// # Safety
///
/// - Changes the HW state of the processing element.
pub unsafe fn enable_exception_handling() {
exception::set_vbar_el1();
}
/// Return a reference to an `interface::mm::MMU` implementation.
pub fn mmu() -> &'static impl interface::mm::MMU {
&MMU
}
/// Information about the HW state.
pub mod state {
use crate::arch::PrivilegeLevel;
use cortex_a::regs::*;
/// The processing element's current privilege level.
pub fn current_privilege_level() -> (PrivilegeLevel, &'static str) {
let el = CurrentEL.read_as_enum(CurrentEL::EL);
match el {
Some(CurrentEL::EL::Value::EL2) => (PrivilegeLevel::Hypervisor, "EL2"),
Some(CurrentEL::EL::Value::EL1) => (PrivilegeLevel::Kernel, "EL1"),
Some(CurrentEL::EL::Value::EL0) => (PrivilegeLevel::User, "EL0"),
_ => (PrivilegeLevel::Unknown, "Unknown"),
}
}
/// Print the AArch64 exceptions status.
#[rustfmt::skip]
pub fn print_exception_state() {
use super::{
exception,
exception::{Debug, SError, FIQ, IRQ},
};
use crate::info;
let to_mask_str = |x| -> _ {
if x { "Masked" } else { "Unmasked" }
};
info!(" Debug: {}", to_mask_str(exception::is_masked::<Debug>()));
info!(" SError: {}", to_mask_str(exception::is_masked::<SError>()));
info!(" IRQ: {}", to_mask_str(exception::is_masked::<IRQ>()));
info!(" FIQ: {}", to_mask_str(exception::is_masked::<FIQ>()));
}
}
//--------------------------------------------------------------------------------------------------
// Testing
//--------------------------------------------------------------------------------------------------

22
13_integrated_testing/src/_arch/aarch64/cpu/smp.rs
Unescape Escape View File

@ -0,0 +1,22 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Architectural symmetric multiprocessing.
use cortex_a::regs::*;
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Return the executing core's id.
#[inline(always)]
pub fn core_id<T>() -> T
where
T: From<u8>,
{
const CORE_MASK: u64 = 0b11;
T::from((MPIDR_EL1.get() & CORE_MASK) as u8)
}

17
13_integrated_testing/src/arch/aarch64/exception.S → 13_integrated_testing/src/_arch/aarch64/exception.S
Unescape Escape View File

@ -2,8 +2,8 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
/// Call the function provided by parameter `\handler` after saving exception context. Provide the
/// context as the first parameter to '\handler'.
/// Call the function provided by parameter `\handler` after saving the exception context. Provide
/// the context as the first parameter to '\handler'.
.macro CALL_WITH_CONTEXT handler
// Make room on the stack for the exception context.
sub sp, sp, #16 * 17
@ -52,16 +52,19 @@
//--------------------------------------------------------------------------------------------------
.section .exception_vectors, "ax", @progbits
// Align by 2^11 bytes, as demanded by the AArch64 spec. Same as ALIGN(2048) in an ld script.
// Align by 2^11 bytes, as demanded by ARMv8-A. Same as ALIGN(2048) in an ld script.
.align 11
// Export a symbol for the Rust code to use.
__exception_vector_start:
// Current exception level with SP_EL0.
//
// .org sets the offset relative to section start.
//
// It must be ensured that `CALL_WITH_CONTEXT` <= 0x80 bytes.
// # Safety
//
// - It must be ensured that `CALL_WITH_CONTEXT` <= 0x80 bytes.
.org 0x000
CALL_WITH_CONTEXT current_el0_synchronous
.org 0x080
@ -81,7 +84,7 @@ __exception_vector_start:
.org 0x380
CALL_WITH_CONTEXT current_elx_serror
// Lower exception level, aarch64
// Lower exception level, AArch64
.org 0x400
CALL_WITH_CONTEXT lower_aarch64_synchronous
.org 0x480
@ -91,7 +94,7 @@ __exception_vector_start:
.org 0x580
CALL_WITH_CONTEXT lower_aarch64_serror
// Lower exception level, aarch32
// Lower exception level, AArch32
.org 0x600
CALL_WITH_CONTEXT lower_aarch32_synchronous
.org 0x680
@ -105,6 +108,8 @@ __exception_vector_start:
//--------------------------------------------------------------------------------------------------
// Helper functions
//--------------------------------------------------------------------------------------------------
.section .text
__exception_restore_context:
ldr w19, [sp, #16 * 16]
ldp lr, x20, [sp, #16 * 15]

99
13_integrated_testing/src/arch/aarch64/exception.rs → 13_integrated_testing/src/_arch/aarch64/exception.rs
Unescape Escape View File

@ -2,7 +2,7 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Exception handling.
//! Architectural synchronous and asynchronous exception handling.
use core::fmt;
use cortex_a::{barrier, regs::*};
@ -11,6 +11,10 @@ use register::InMemoryRegister;
// Assembly counterpart to this file.
global_asm!(include_str!("exception.S"));
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
/// Wrapper struct for memory copy of SPSR_EL1.
#[repr(transparent)]
struct SpsrEL1(InMemoryRegister<u32, SPSR_EL1::Register>);
@ -18,13 +22,16 @@ struct SpsrEL1(InMemoryRegister<u32, SPSR_EL1::Register>);
/// The exception context as it is stored on the stack on exception entry.
#[repr(C)]
struct ExceptionContext {
// General Purpose Registers.
/// General Purpose Registers.
gpr: [u64; 30],
// The link register, aka x30.
/// The link register, aka x30.
lr: u64,
// Exception link register. The program counter at the time the exception happened.
/// Exception link register. The program counter at the time the exception happened.
elr_el1: u64,
// Saved program status.
/// Saved program status.
spsr_el1: SpsrEL1,
}
@ -32,7 +39,7 @@ struct ExceptionContext {
struct EsrEL1;
//--------------------------------------------------------------------------------------------------
// Exception vector implementation
// Private Code
//--------------------------------------------------------------------------------------------------
/// Print verbose information about the exception and the panic.
@ -48,9 +55,9 @@ fn default_exception_handler(e: &ExceptionContext) {
);
}
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// Current, EL0
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
#[no_mangle]
unsafe extern "C" fn current_el0_synchronous(e: &mut ExceptionContext) {
@ -67,11 +74,10 @@ unsafe extern "C" fn current_el0_serror(e: &mut ExceptionContext) {
default_exception_handler(e);
}
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// Current, ELx
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
/// Asynchronous exception taken from the current EL, using SP of the current EL.
#[no_mangle]
unsafe extern "C" fn current_elx_synchronous(e: &mut ExceptionContext) {
default_exception_handler(e);
@ -87,9 +93,9 @@ unsafe extern "C" fn current_elx_serror(e: &mut ExceptionContext) {
default_exception_handler(e);
}
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// Lower, AArch64
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
#[no_mangle]
unsafe extern "C" fn lower_aarch64_synchronous(e: &mut ExceptionContext) {
@ -106,9 +112,9 @@ unsafe extern "C" fn lower_aarch64_serror(e: &mut ExceptionContext) {
default_exception_handler(e);
}
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// Lower, AArch32
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
#[no_mangle]
unsafe extern "C" fn lower_aarch32_synchronous(e: &mut ExceptionContext) {
@ -125,9 +131,9 @@ unsafe extern "C" fn lower_aarch32_serror(e: &mut ExceptionContext) {
default_exception_handler(e);
}
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// Pretty printing
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
/// Human readable ESR_EL1.
#[rustfmt::skip]
@ -214,16 +220,30 @@ impl fmt::Display for ExceptionContext {
}
//--------------------------------------------------------------------------------------------------
// Arch-public
// Public Code
//--------------------------------------------------------------------------------------------------
use crate::exception::PrivilegeLevel;
/// The processing element's current privilege level.
pub fn current_privilege_level() -> (PrivilegeLevel, &'static str) {
let el = CurrentEL.read_as_enum(CurrentEL::EL);
match el {
Some(CurrentEL::EL::Value::EL2) => (PrivilegeLevel::Hypervisor, "EL2"),
Some(CurrentEL::EL::Value::EL1) => (PrivilegeLevel::Kernel, "EL1"),
Some(CurrentEL::EL::Value::EL0) => (PrivilegeLevel::User, "EL0"),
_ => (PrivilegeLevel::Unknown, "Unknown"),
}
}
/// Set the exception vector base address register.
/// Init exception handling by setting the exception vector base address register.
///
/// # Safety
///
/// - Changes the HW state of the executing core.
/// - The vector table and the symbol `__exception_vector_table_start` from the linker script must
/// adhere to the alignment and size constraints demanded by the AArch64 spec.
pub unsafe fn set_vbar_el1() {
/// adhere to the alignment and size constraints demanded by the ARMv8-A Architecture Reference
/// Manual.
pub unsafe fn handling_init() {
// Provided by exception.S.
extern "C" {
static mut __exception_vector_start: u64;
@ -235,40 +255,3 @@ pub unsafe fn set_vbar_el1() {
// Force VBAR update to complete before next instruction.
barrier::isb(barrier::SY);
}
pub trait DaifField {
fn daif_field() -> register::Field<u32, DAIF::Register>;
}
pub struct Debug;
pub struct SError;
pub struct IRQ;
pub struct FIQ;
impl DaifField for Debug {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::D
}
}
impl DaifField for SError {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::A
}
}
impl DaifField for IRQ {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::I
}
}
impl DaifField for FIQ {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::F
}
}
pub fn is_masked<T: DaifField>() -> bool {
DAIF.is_set(T::daif_field())
}

71
13_integrated_testing/src/_arch/aarch64/exception/asynchronous.rs
Unescape Escape View File

@ -0,0 +1,71 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Architectural asynchronous exception handling.
use cortex_a::regs::*;
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
trait DaifField {
fn daif_field() -> register::Field<u32, DAIF::Register>;
}
struct Debug;
struct SError;
struct IRQ;
struct FIQ;
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
impl DaifField for Debug {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::D
}
}
impl DaifField for SError {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::A
}
}
impl DaifField for IRQ {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::I
}
}
impl DaifField for FIQ {
fn daif_field() -> register::Field<u32, DAIF::Register> {
DAIF::F
}
}
fn is_masked<T: DaifField>() -> bool {
DAIF.is_set(T::daif_field())
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Print the AArch64 exceptions status.
#[rustfmt::skip]
pub fn print_state() {
use crate::info;
let to_mask_str = |x| -> _ {
if x { "Masked" } else { "Unmasked" }
};
info!(" Debug: {}", to_mask_str(is_masked::<Debug>()));
info!(" SError: {}", to_mask_str(is_masked::<SError>()));
info!(" IRQ: {}", to_mask_str(is_masked::<IRQ>()));
info!(" FIQ: {}", to_mask_str(is_masked::<FIQ>()));
}

79
13_integrated_testing/src/arch/aarch64/mmu.rs → 13_integrated_testing/src/_arch/aarch64/memory/mmu.rs
Unescape Escape View File

@ -2,19 +2,21 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Memory Management Unit.
//! Memory Management Unit Driver.
//!
//! Static page tables, compiled on boot; Everything 64 KiB granule.
use crate::{
bsp, interface,
memory::{AccessPermissions, AttributeFields, MemAttributes},
};
use super::{AccessPermissions, AttributeFields, MemAttributes};
use crate::{bsp, memory};
use core::convert;
use cortex_a::{barrier, regs::*};
use register::register_bitfields;
// A table descriptor, as per AArch64 Reference Manual Figure D4-15.
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
// A table descriptor, as per ARMv8-A Architecture Reference Manual Figure D4-15.
register_bitfields! {u64,
STAGE1_TABLE_DESCRIPTOR [
/// Physical address of the next page table.
@ -32,7 +34,7 @@ register_bitfields! {u64,
]
}
// A level 3 page descriptor, as per AArch64 Reference Manual Figure D4-17.
// A level 3 page descriptor, as per ARMv8-A Architecture Reference Manual Figure D4-17.
register_bitfields! {u64,
STAGE1_PAGE_DESCRIPTOR [
/// Privileged execute-never.
@ -101,18 +103,21 @@ struct PageDescriptor(u64);
#[repr(C)]
#[repr(align(65536))]
struct PageTables<const N: usize> {
// Page descriptors, covering 64 KiB windows per entry.
/// Page descriptors, covering 64 KiB windows per entry.
lvl3: [[PageDescriptor; 8192]; N],
// Table descriptors, covering 512 MiB windows.
/// Table descriptors, covering 512 MiB windows.
lvl2: [TableDescriptor; N],
}
/// Usually evaluates to 1 GiB for RPi3 and 4 GiB for RPi 4.
const ENTRIES_512_MIB: usize = bsp::addr_space_size() >> FIVETWELVE_MIB_SHIFT;
const ENTRIES_512_MIB: usize = bsp::memory::mmu::addr_space_size() >> FIVETWELVE_MIB_SHIFT;
/// The page tables.
///
/// Supposed to land in `.bss`. Therefore, ensure that they boil down to all "0" entries.
/// # Safety
///
/// - Supposed to land in `.bss`. Therefore, ensure that they boil down to all "0" entries.
static mut TABLES: PageTables<{ ENTRIES_512_MIB }> = PageTables {
lvl3: [[PageDescriptor(0); 8192]; ENTRIES_512_MIB],
lvl2: [TableDescriptor(0); ENTRIES_512_MIB],
@ -123,6 +128,30 @@ trait BaseAddr {
fn base_addr_usize(&self) -> usize;
}
/// Constants for indexing the MAIR_EL1.
#[allow(dead_code)]
mod mair {
pub const DEVICE: u64 = 0;
pub const NORMAL: u64 = 1;
}
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Memory Management Unit type.
pub struct MemoryManagementUnit;
//--------------------------------------------------------------------------------------------------
// Global instances
//--------------------------------------------------------------------------------------------------
static MMU: MemoryManagementUnit = MemoryManagementUnit;
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
impl<T, const N: usize> BaseAddr for [T; N] {
fn base_addr_u64(&self) -> u64 {
self as *const T as u64
@ -180,7 +209,7 @@ impl convert::From<AttributeFields>
}
impl PageDescriptor {
fn new(output_addr: usize, attribute_fields: AttributeFields) -> PageDescriptor {
fn new(output_addr: usize, attribute_fields: AttributeFields) -> Self {
let shifted = output_addr >> SIXTYFOUR_KIB_SHIFT;
let val = (STAGE1_PAGE_DESCRIPTOR::VALID::True
+ STAGE1_PAGE_DESCRIPTOR::AF::True
@ -189,17 +218,10 @@ impl PageDescriptor {
+ STAGE1_PAGE_DESCRIPTOR::OUTPUT_ADDR_64KiB.val(shifted as u64))
.value;
PageDescriptor(val)
Self(val)
}
}
/// Constants for indexing the MAIR_EL1.
#[allow(dead_code)]
mod mair {
pub const DEVICE: u64 = 0;
pub const NORMAL: u64 = 1;
}
/// Setup function for the MAIR_EL1 register.
fn set_up_mair() {
// Define the memory types being mapped.
@ -227,7 +249,7 @@ unsafe fn populate_pt_entries() -> Result<(), &'static str> {
let virt_addr = (l2_nr << FIVETWELVE_MIB_SHIFT) + (l3_nr << SIXTYFOUR_KIB_SHIFT);
let (output_addr, attribute_fields) =
bsp::virt_mem_layout().get_virt_addr_properties(virt_addr)?;
bsp::memory::mmu::virt_mem_layout().get_virt_addr_properties(virt_addr)?;
*l3_entry = PageDescriptor::new(output_addr, attribute_fields);
}
@ -252,16 +274,19 @@ fn configure_translation_control() {
}
//--------------------------------------------------------------------------------------------------
// Arch-public
// Public Code
//--------------------------------------------------------------------------------------------------
pub struct MMU;
/// Return a reference to the MMU.
pub fn mmu() -> &'static impl memory::mmu::interface::MMU {
&MMU
}
//--------------------------------------------------------------------------------------------------
// OS interface implementations
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
impl interface::mm::MMU for MMU {
impl memory::mmu::interface::MMU for MemoryManagementUnit {
unsafe fn init(&self) -> Result<(), &'static str> {
// Fail early if translation granule is not supported. Both RPis support it, though.
if !ID_AA64MMFR0_EL1.matches_all(ID_AA64MMFR0_EL1::TGran64::Supported) {

32
13_integrated_testing/src/arch/aarch64/time.rs → 13_integrated_testing/src/_arch/aarch64/time.rs
Unescape Escape View File

@ -2,25 +2,45 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Timer primitives.
//! Architectural timer primitives.
use crate::{interface, warn};
use crate::{time, warn};
use core::time::Duration;
use cortex_a::regs::*;
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
const NS_PER_S: u64 = 1_000_000_000;
//--------------------------------------------------------------------------------------------------
// Arch-public
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// ARMv8 Generic Timer.
pub struct GenericTimer;
//--------------------------------------------------------------------------------------------------
// Global instances
//--------------------------------------------------------------------------------------------------
pub struct Timer;
static TIME_MANAGER: GenericTimer = GenericTimer;
//--------------------------------------------------------------------------------------------------
// OS interface implementations
// Public Code
//--------------------------------------------------------------------------------------------------
impl interface::time::Timer for Timer {
/// Return a reference to the time manager.
pub fn time_manager() -> &'static impl time::interface::TimeManager {
&TIME_MANAGER
}
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
impl time::interface::TimeManager for GenericTimer {
fn resolution(&self) -> Duration {
Duration::from_nanos(NS_PER_S / (CNTFRQ_EL0.get() as u64))
}

53
13_integrated_testing/src/arch/aarch64/sync.rs
Unescape Escape View File

@ -1,53 +0,0 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Synchronization primitives.
use crate::interface;
use core::cell::UnsafeCell;
//--------------------------------------------------------------------------------------------------
// Arch-public
//--------------------------------------------------------------------------------------------------
/// A pseudo-lock for teaching purposes.
///
/// Used to introduce [interior mutability].
///
/// In contrast to a real Mutex implementation, does not protect against concurrent access to the
/// contained data. This part is preserved for later lessons.
///
/// The lock will only be used as long as it is safe to do so, i.e. as long as the kernel is
/// executing single-threaded, aka only running on a single core with interrupts disabled.
///
/// [interior mutability]: https://doc.rust-lang.org/std/cell/index.html
pub struct NullLock<T: ?Sized> {
data: UnsafeCell<T>,
}
unsafe impl<T: ?Sized + Send> Send for NullLock<T> {}
unsafe impl<T: ?Sized + Send> Sync for NullLock<T> {}
impl<T> NullLock<T> {
/// Wraps `data` into a new `NullLock`.
pub const fn new(data: T) -> NullLock<T> {
NullLock {
data: UnsafeCell::new(data),
}
}
}
//--------------------------------------------------------------------------------------------------
// OS interface implementations
//--------------------------------------------------------------------------------------------------
impl<T> interface::sync::Mutex for &NullLock<T> {
type Data = T;
fn lock<R>(&mut self, f: impl FnOnce(&mut Self::Data) -> R) -> R {
// In a real lock, there would be code encapsulating this line that ensures that this
// mutable reference will ever only be given out once at a time.
f(unsafe { &mut *self.data.get() })
}
}

10
13_integrated_testing/src/bsp.rs
Unescape Escape View File

@ -2,15 +2,15 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Conditional exporting of Board Support Packages.
//! Conditional re-exporting of Board Support Packages.
mod driver;
mod device_driver;
#[cfg(any(feature = "bsp_rpi3", feature = "bsp_rpi4"))]
mod rpi;
mod raspberrypi;
#[cfg(any(feature = "bsp_rpi3", feature = "bsp_rpi4"))]
pub use rpi::*;
pub use raspberrypi::*;
//--------------------------------------------------------------------------------------------------
// Testing
@ -24,7 +24,7 @@ mod tests {
/// Ensure the kernel's virtual memory layout is free of overlaps.
#[kernel_test]
fn virt_mem_layout_has_no_overlaps() {
let layout = virt_mem_layout().inner();
let layout = memory::mmu::virt_mem_layout().inner();
for (i, first) in layout.iter().enumerate() {
for second in layout.iter().skip(i + 1) {

2
13_integrated_testing/src/bsp/driver.rs → 13_integrated_testing/src/bsp/device_driver.rs
Unescape Escape View File

@ -2,7 +2,7 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Drivers.
//! Device driver.
#[cfg(any(feature = "bsp_rpi3", feature = "bsp_rpi4"))]
mod bcm;

4
13_integrated_testing/src/bsp/driver/bcm.rs → 13_integrated_testing/src/bsp/device_driver/bcm.rs
Unescape Escape View File

@ -7,5 +7,5 @@
mod bcm2xxx_gpio;
mod bcm2xxx_pl011_uart;
pub use bcm2xxx_gpio::GPIO;
pub use bcm2xxx_pl011_uart::{PL011Uart, PanicUart};
pub use bcm2xxx_gpio::*;
pub use bcm2xxx_pl011_uart::*;

61
13_integrated_testing/src/bsp/driver/bcm/bcm2xxx_gpio.rs → 13_integrated_testing/src/bsp/device_driver/bcm/bcm2xxx_gpio.rs
Unescape Escape View File

@ -2,12 +2,16 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! GPIO driver.
//! GPIO Driver.
use crate::{arch, arch::sync::NullLock, interface};
use crate::{cpu, driver, synchronization, synchronization::NullLock};
use core::ops;
use register::{mmio::*, register_bitfields, register_structs};
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
// GPIO registers.
//
// Descriptions taken from
@ -66,12 +70,23 @@ register_structs! {
}
}
/// The driver's private data.
struct GPIOInner {
base_addr: usize,
}
/// Deref to RegisterBlock.
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Representation of the GPIO HW.
pub struct GPIO {
inner: NullLock<GPIOInner>,
}
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
impl ops::Deref for GPIOInner {
type Target = RegisterBlock;
@ -81,29 +96,28 @@ impl ops::Deref for GPIOInner {
}
impl GPIOInner {
const fn new(base_addr: usize) -> GPIOInner {
GPIOInner { base_addr }
const fn new(base_addr: usize) -> Self {
Self { base_addr }
}
/// Return a pointer to the register block.
/// Return a pointer to the associated MMIO register block.
fn ptr(&self) -> *const RegisterBlock {
self.base_addr as *const _
}
}
//--------------------------------------------------------------------------------------------------
// BSP-public
// Public Code
//--------------------------------------------------------------------------------------------------
use interface::sync::Mutex;
/// The driver's main struct.
pub struct GPIO {
inner: NullLock<GPIOInner>,
}
impl GPIO {
pub const unsafe fn new(base_addr: usize) -> GPIO {
GPIO {
/// Create an instance.
///
/// # Safety
///
/// - The user must ensure to provide the correct `base_addr`.
pub const unsafe fn new(base_addr: usize) -> Self {
Self {
inner: NullLock::new(GPIOInner::new(base_addr)),
}
}
@ -122,24 +136,25 @@ impl GPIO {
// Enable pins 14 and 15.
inner.GPPUD.set(0);
arch::spin_for_cycles(150);
cpu::spin_for_cycles(150);
inner
.GPPUDCLK0
.write(GPPUDCLK0::PUDCLK14::AssertClock + GPPUDCLK0::PUDCLK15::AssertClock);
arch::spin_for_cycles(150);
cpu::spin_for_cycles(150);
inner.GPPUDCLK0.set(0);
})
}
}
//--------------------------------------------------------------------------------------------------
// OS interface implementations
//--------------------------------------------------------------------------------------------------
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
use synchronization::interface::Mutex;
impl interface::driver::DeviceDriver for GPIO {
impl driver::interface::DeviceDriver for GPIO {
fn compatible(&self) -> &str {
"GPIO"
"BCM GPIO"
}
}

82
13_integrated_testing/src/bsp/driver/bcm/bcm2xxx_pl011_uart.rs → 13_integrated_testing/src/bsp/device_driver/bcm/bcm2xxx_pl011_uart.rs
Unescape Escape View File

@ -4,10 +4,14 @@
//! PL011 UART driver.
use crate::{arch, arch::sync::NullLock, interface};
use crate::{console, cpu, driver, synchronization, synchronization::NullLock};
use core::{fmt, ops};
use register::{mmio::*, register_bitfields, register_structs};
//--------------------------------------------------------------------------------------------------
// Private Definitions
//--------------------------------------------------------------------------------------------------
// PL011 UART registers.
//
// Descriptions taken from
@ -109,6 +113,10 @@ register_bitfields! {
]
}
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
register_structs! {
#[allow(non_snake_case)]
pub RegisterBlock {
@ -126,13 +134,24 @@ register_structs! {
}
}
/// The driver's mutex protected part.
pub struct PL011UartInner {
base_addr: usize,
chars_written: usize,
chars_read: usize,
}
// Export the inner struct so that BSPs can use it for the panic handler.
pub use PL011UartInner as PanicUart;
/// Representation of the UART.
pub struct PL011Uart {
inner: NullLock<PL011UartInner>,
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Deref to RegisterBlock.
///
/// Allows writing
@ -152,8 +171,13 @@ impl ops::Deref for PL011UartInner {
}
impl PL011UartInner {
pub const unsafe fn new(base_addr: usize) -> PL011UartInner {
PL011UartInner {
/// Create an instance.
///
/// # Safety
///
/// - The user must ensure to provide the correct `base_addr`.
pub const unsafe fn new(base_addr: usize) -> Self {
Self {
base_addr,
chars_written: 0,
chars_read: 0,
@ -164,7 +188,7 @@ impl PL011UartInner {
///
/// Results in 8N1 and 230400 baud (if the clk has been previously set to 48 MHz by the
/// firmware).
pub fn init(&self) {
pub fn init(&mut self) {
// Turn it off temporarily.
self.CR.set(0);
@ -186,7 +210,7 @@ impl PL011UartInner {
fn write_char(&mut self, c: char) {
// Spin while TX FIFO full is set, waiting for an empty slot.
while self.FR.matches_all(FR::TXFF::SET) {
arch::nop();
cpu::nop();
}
// Write the character to the buffer.
@ -215,42 +239,28 @@ impl fmt::Write for PL011UartInner {
}
}
//--------------------------------------------------------------------------------------------------
// Export the inner struct so that BSPs can use it for the panic handler
//--------------------------------------------------------------------------------------------------
pub use PL011UartInner as PanicUart;
//--------------------------------------------------------------------------------------------------
// BSP-public
//--------------------------------------------------------------------------------------------------
/// The driver's main struct.
pub struct PL011Uart {
inner: NullLock<PL011UartInner>,
}
impl PL011Uart {
/// # Safety
///
/// The user must ensure to provide the correct `base_addr`.
pub const unsafe fn new(base_addr: usize) -> PL011Uart {
PL011Uart {
/// - The user must ensure to provide the correct `base_addr`.
pub const unsafe fn new(base_addr: usize) -> Self {
Self {
inner: NullLock::new(PL011UartInner::new(base_addr)),
}
}
}
//--------------------------------------------------------------------------------------------------
// OS interface implementations
//--------------------------------------------------------------------------------------------------
use interface::sync::Mutex;
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
use synchronization::interface::Mutex;
impl interface::driver::DeviceDriver for PL011Uart {
impl driver::interface::DeviceDriver for PL011Uart {
fn compatible(&self) -> &str {
"PL011Uart"
"BCM PL011 UART"
}
fn init(&self) -> interface::driver::Result {
fn init(&self) -> Result<(), ()> {
let mut r = &self.inner;
r.lock(|inner| inner.init());
@ -258,7 +268,7 @@ impl interface::driver::DeviceDriver for PL011Uart {
}
}
impl interface::console::Write for PL011Uart {
impl console::interface::Write for PL011Uart {
/// Passthrough of `args` to the `core::fmt::Write` implementation, but guarded by a Mutex to
/// serialize access.
fn write_char(&self, c: char) {
@ -274,23 +284,23 @@ impl interface::console::Write for PL011Uart {
}
fn flush(&self) {
let mut r = &self.inner;
// Spin until TX FIFO empty is set.
let mut r = &self.inner;
r.lock(|inner| {
while !inner.FR.matches_all(FR::TXFE::SET) {
arch::nop();
cpu::nop();
}
});
}
}
impl interface::console::Read for PL011Uart {
impl console::interface::Read for PL011Uart {
fn read_char(&self) -> char {
let mut r = &self.inner;
r.lock(|inner| {
// Spin while RX FIFO empty is set.
while inner.FR.matches_all(FR::RXFE::SET) {
arch::nop();
cpu::nop();
}
// Read one character.
@ -319,7 +329,7 @@ impl interface::console::Read for PL011Uart {
}
}
impl interface::console::Statistics for PL011Uart {
impl console::interface::Statistics for PL011Uart {
fn chars_written(&self) -> usize {
let mut r = &self.inner;
r.lock(|inner| inner.chars_written)

38
13_integrated_testing/src/bsp/raspberrypi.rs
Unescape Escape View File

@ -0,0 +1,38 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Top-level BSP file for the Raspberry Pi 3 and 4.
pub mod console;
pub mod cpu;
pub mod driver;
pub mod memory;
//--------------------------------------------------------------------------------------------------
// Global instances
//--------------------------------------------------------------------------------------------------
use super::device_driver;
static GPIO: device_driver::GPIO =
unsafe { device_driver::GPIO::new(memory::map::mmio::GPIO_BASE) };
static PL011_UART: device_driver::PL011Uart =
unsafe { device_driver::PL011Uart::new(memory::map::mmio::PL011_UART_BASE) };
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Board identification.
pub fn board_name() -> &'static str {
#[cfg(feature = "bsp_rpi3")]
{
"Raspberry Pi 3"
}
#[cfg(feature = "bsp_rpi4")]
{
"Raspberry Pi 4"
}
}

40
13_integrated_testing/src/bsp/raspberrypi/console.rs
Unescape Escape View File

@ -0,0 +1,40 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! BSP console facilities.
use super::{super::device_driver, memory::map};
use crate::console;
use core::fmt;
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// In case of a panic, the panic handler uses this function to take a last shot at printing
/// something before the system is halted.
///
/// # Safety
///
/// - Use only for printing during a panic.
pub unsafe fn panic_console_out() -> impl fmt::Write {
let mut uart = device_driver::PanicUart::new(map::mmio::PL011_UART_BASE);
uart.init();
uart
}
/// Return a reference to the console.
pub fn console() -> &'static impl console::interface::All {
&super::PL011_UART
}
//--------------------------------------------------------------------------------------------------
// Testing
//--------------------------------------------------------------------------------------------------
/// Minimal code needed to bring up the console in QEMU (for testing only). This is often less steps
/// than on real hardware due to QEMU's abstractions.
///
/// For the RPi, nothing needs to be done.
pub fn qemu_bring_up_console() {}

15
13_integrated_testing/src/bsp/raspberrypi/cpu.rs
Unescape Escape View File

@ -0,0 +1,15 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! BSP Processor code.
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Used by `arch` code to find the early boot core.
pub const BOOT_CORE_ID: usize = 0;
/// The early boot core's stack address.
pub const BOOT_CORE_STACK_START: u64 = 0x80_000;

49
13_integrated_testing/src/bsp/raspberrypi/driver.rs
Unescape Escape View File

@ -0,0 +1,49 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! BSP driver support.
use crate::driver;
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Device Driver Manager type.
pub struct BSPDriverManager {
device_drivers: [&'static (dyn DeviceDriver + Sync); 2],
}
//--------------------------------------------------------------------------------------------------
// Global instances
//--------------------------------------------------------------------------------------------------
static BSP_DRIVER_MANAGER: BSPDriverManager = BSPDriverManager {
device_drivers: [&super::GPIO, &super::PL011_UART],
};
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Return a reference to the driver manager.
pub fn driver_manager() -> &'static impl driver::interface::DriverManager {
&BSP_DRIVER_MANAGER
}
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
use driver::interface::DeviceDriver;
impl driver::interface::DriverManager for BSPDriverManager {
fn all_device_drivers(&self) -> &[&'static (dyn DeviceDriver + Sync)] {
&self.device_drivers[..]
}
fn post_device_driver_init(&self) {
// Configure PL011Uart's output pins.
super::GPIO.map_pl011_uart();
}
}

0
13_integrated_testing/src/bsp/rpi/link.ld → 13_integrated_testing/src/bsp/raspberrypi/link.ld
Unescape Escape View File

42
13_integrated_testing/src/bsp/raspberrypi/memory.rs
Unescape Escape View File

@ -0,0 +1,42 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! BSP Memory Management.
pub mod mmu;
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// The board's memory map.
#[rustfmt::skip]
pub(super) mod map {
pub const END_INCLUSIVE: usize = 0xFFFF_FFFF;
pub const GPIO_OFFSET: usize = 0x0020_0000;
pub const UART_OFFSET: usize = 0x0020_1000;
/// Physical devices.
#[cfg(feature = "bsp_rpi3")]
pub mod mmio {
use super::*;
pub const BASE: usize = 0x3F00_0000;
pub const GPIO_BASE: usize = BASE + GPIO_OFFSET;
pub const PL011_UART_BASE: usize = BASE + UART_OFFSET;
pub const END_INCLUSIVE: usize = 0x4000_FFFF;
}
/// Physical devices.
#[cfg(feature = "bsp_rpi4")]
pub mod mmio {
use super::*;
pub const BASE: usize = 0xFE00_0000;
pub const GPIO_BASE: usize = BASE + GPIO_OFFSET;
pub const PL011_UART_BASE: usize = BASE + UART_OFFSET;
pub const END_INCLUSIVE: usize = 0xFF84_FFFF;
}
}

35
13_integrated_testing/src/bsp/rpi/virt_mem_layout.rs → 13_integrated_testing/src/bsp/raspberrypi/memory/mmu.rs
Unescape Escape View File

@ -2,23 +2,24 @@
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! The virtual memory layout.
//!
//! The layout must contain only special ranges, aka anything that is _not_ normal cacheable DRAM.
//! It is agnostic of the paging granularity that the architecture's MMU will use.
//! BSP Memory Management Unit.
use super::memory_map;
use crate::memory::*;
use super::super::memory;
use crate::memory::mmu::*;
use core::ops::RangeInclusive;
//--------------------------------------------------------------------------------------------------
// BSP-public
// Public Definitions
//--------------------------------------------------------------------------------------------------
pub const NUM_MEM_RANGES: usize = 2;
const NUM_MEM_RANGES: usize = 2;
/// The virtual memory layout.
///
/// The layout must contain only special ranges, aka anything that is _not_ normal cacheable DRAM.
/// It is agnostic of the paging granularity that the architecture's MMU will use.
pub static LAYOUT: KernelVirtualLayout<{ NUM_MEM_RANGES }> = KernelVirtualLayout::new(
memory_map::END_INCLUSIVE,
memory::map::END_INCLUSIVE,
[
RangeDescriptor {
name: "Kernel code and RO data",
@ -56,7 +57,7 @@ pub static LAYOUT: KernelVirtualLayout<{ NUM_MEM_RANGES }> = KernelVirtualLayout
RangeDescriptor {
name: "Device MMIO",
virtual_range: || {
RangeInclusive::new(memory_map::mmio::BASE, memory_map::mmio::END_INCLUSIVE)
RangeInclusive::new(memory::map::mmio::BASE, memory::map::mmio::END_INCLUSIVE)
},
translation: Translation::Identity,
attribute_fields: AttributeFields {
@ -68,6 +69,20 @@ pub static LAYOUT: KernelVirtualLayout<{ NUM_MEM_RANGES }> = KernelVirtualLayout
],
);
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Return the address space size in bytes.
pub const fn addr_space_size() -> usize {
memory::map::END_INCLUSIVE + 1
}
/// Return a reference to the virtual memory layout.
pub fn virt_mem_layout() -> &'static KernelVirtualLayout<{ NUM_MEM_RANGES }> {
&LAYOUT
}
//--------------------------------------------------------------------------------------------------
// Testing
//--------------------------------------------------------------------------------------------------

95
13_integrated_testing/src/bsp/rpi.rs
Unescape Escape View File

@ -1,95 +0,0 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Board Support Package for the Raspberry Pi.
mod memory_map;
mod virt_mem_layout;
use super::driver;
use crate::{interface, memory::KernelVirtualLayout};
use core::fmt;
/// Used by `arch` code to find the early boot core.
pub const BOOT_CORE_ID: u64 = 0;
/// The early boot core's stack address.
pub const BOOT_CORE_STACK_START: u64 = 0x80_000;
//--------------------------------------------------------------------------------------------------
// Global BSP driver instances
//--------------------------------------------------------------------------------------------------
static GPIO: driver::GPIO = unsafe { driver::GPIO::new(memory_map::mmio::GPIO_BASE) };
static PL011_UART: driver::PL011Uart =
unsafe { driver::PL011Uart::new(memory_map::mmio::PL011_UART_BASE) };
//--------------------------------------------------------------------------------------------------
// Implementation of the kernel's BSP calls
//--------------------------------------------------------------------------------------------------
/// Board identification.
pub fn board_name() -> &'static str {
#[cfg(feature = "bsp_rpi3")]
{
"Raspberry Pi 3"
}
#[cfg(feature = "bsp_rpi4")]
{
"Raspberry Pi 4"
}
}
/// Return a reference to a `console::All` implementation.
pub fn console() -> &'static impl interface::console::All {
&PL011_UART
}
/// In case of a panic, the panic handler uses this function to take a last shot at printing
/// something before the system is halted.
///
/// # Safety
///
/// - Use only for printing during a panic.
pub unsafe fn panic_console_out() -> impl fmt::Write {
let uart = driver::PanicUart::new(memory_map::mmio::PL011_UART_BASE);
uart.init();
uart
}
/// Return an array of references to all `DeviceDriver` compatible `BSP` drivers.
///
/// # Safety
///
/// The order of devices is the order in which `DeviceDriver::init()` is called.
pub fn device_drivers() -> [&'static dyn interface::driver::DeviceDriver; 2] {
[&GPIO, &PL011_UART]
}
/// BSP initialization code that runs after driver init.
pub fn post_driver_init() {
// Configure PL011Uart's output pins.
GPIO.map_pl011_uart();
}
/// Return the address space size in bytes.
pub const fn addr_space_size() -> usize {
memory_map::END_INCLUSIVE + 1
}
/// Return a reference to the virtual memory layout.
pub fn virt_mem_layout() -> &'static KernelVirtualLayout<{ virt_mem_layout::NUM_MEM_RANGES }> {
&virt_mem_layout::LAYOUT
}
//--------------------------------------------------------------------------------------------------
// Testing
//--------------------------------------------------------------------------------------------------
/// Minimal code needed to bring up the console in QEMU (for testing only). This is often less steps
/// than on real hardware due to QEMU's abstractions.
///
/// For the RPi, nothing needs to be done.
pub fn qemu_bring_up_console() {}

27
13_integrated_testing/src/bsp/rpi/memory_map.rs
Unescape Escape View File

@ -1,27 +0,0 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! The board's memory map.
#[cfg(feature = "bsp_rpi3")]
#[rustfmt::skip]
pub const END_INCLUSIVE: usize = 0x3FFF_FFFF;
#[cfg(feature = "bsp_rpi4")]
#[rustfmt::skip]
pub const END_INCLUSIVE: usize = 0xFFFF_FFFF;
/// Physical devices.
#[rustfmt::skip]
pub mod mmio {
#[cfg(feature = "bsp_rpi3")]
pub const BASE: usize = 0x3F00_0000;
#[cfg(feature = "bsp_rpi4")]
pub const BASE: usize = 0xFE00_0000;
pub const GPIO_BASE: usize = BASE + 0x0020_0000;
pub const PL011_UART_BASE: usize = BASE + 0x0020_1000;
pub const END_INCLUSIVE: usize = super::END_INCLUSIVE;
}

54
13_integrated_testing/src/console.rs
Unescape Escape View File

@ -0,0 +1,54 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! System console.
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Console interfaces.
pub mod interface {
use core::fmt;
/// Console write functions.
pub trait Write {
/// Write a single character.
fn write_char(&self, c: char);
/// Write a Rust format string.
fn write_fmt(&self, args: fmt::Arguments) -> fmt::Result;
/// Block execution until the last character has been physically put on the TX wire
/// (draining TX buffers/FIFOs, if any).
fn flush(&self);
}
/// Console read functions.
pub trait Read {
/// Read a single character.
fn read_char(&self) -> char {
' '
}
/// Clear RX buffers, if any.
fn clear(&self);
}
/// Console statistics.
pub trait Statistics {
/// Return the number of characters written.
fn chars_written(&self) -> usize {
0
}
/// Return the number of characters read.
fn chars_read(&self) -> usize {
0
}
}
/// Trait alias for a full-fledged console.
pub trait All = Write + Read + Statistics;
}

12
13_integrated_testing/src/cpu.rs
Unescape Escape View File

@ -0,0 +1,12 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Processor code.
#[cfg(target_arch = "aarch64")]
#[path = "_arch/aarch64/cpu.rs"]
mod arch_cpu;
pub use arch_cpu::*;
pub mod smp;

10
13_integrated_testing/src/cpu/smp.rs
Unescape Escape View File

@ -0,0 +1,10 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Symmetric multiprocessing.
#[cfg(target_arch = "aarch64")]
#[path = "../_arch/aarch64/cpu/smp.rs"]
mod arch_cpu_smp;
pub use arch_cpu_smp::*;

41
13_integrated_testing/src/driver.rs
Unescape Escape View File

@ -0,0 +1,41 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Driver support.
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Driver interfaces.
pub mod interface {
/// Device Driver functions.
pub trait DeviceDriver {
/// Return a compatibility string for identifying the driver.
fn compatible(&self) -> &str;
/// Called by the kernel to bring up the device.
fn init(&self) -> Result<(), ()> {
Ok(())
}
}
/// Device driver management functions.
///
/// The `BSP` is supposed to supply one global instance.
pub trait DriverManager {
/// Return a slice of references to all `BSP`-instantiated drivers.
///
/// # Safety
///
/// - The order of devices is the order in which `DeviceDriver::init()` is called.
fn all_device_drivers(&self) -> &[&'static (dyn DeviceDriver + Sync)];
/// Initialization code that runs after driver init.
///
/// For example, device driver code that depends on other drivers already being online.
fn post_device_driver_init(&self);
}
}

21
13_integrated_testing/src/arch.rs → 13_integrated_testing/src/exception.rs
Unescape Escape View File

@ -1,16 +1,21 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Conditional exporting of processor architecture code.
//! Synchronous and asynchronous exception handling.
#[cfg(any(feature = "bsp_rpi3", feature = "bsp_rpi4"))]
mod aarch64;
#[cfg(target_arch = "aarch64")]
#[path = "_arch/aarch64/exception.rs"]
mod arch_exception;
pub use arch_exception::*;
#[cfg(any(feature = "bsp_rpi3", feature = "bsp_rpi4"))]
pub use aarch64::*;
pub mod asynchronous;
/// Architectural privilege level.
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Kernel privilege levels.
#[allow(missing_docs)]
#[derive(PartialEq)]
pub enum PrivilegeLevel {
@ -32,7 +37,7 @@ mod tests {
/// Libkernel unit tests must execute in kernel mode.
#[kernel_test]
fn test_runner_executes_in_kernel_mode() {
let (level, _) = state::current_privilege_level();
let (level, _) = current_privilege_level();
assert!(level == PrivilegeLevel::Kernel)
}

10
13_integrated_testing/src/exception/asynchronous.rs
Unescape Escape View File

@ -0,0 +1,10 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Asynchronous exception handling.
#[cfg(target_arch = "aarch64")]
#[path = "../_arch/aarch64/exception/asynchronous.rs"]
mod arch_exception_async;
pub use arch_exception_async::*;

147
13_integrated_testing/src/interface.rs
Unescape Escape View File

@ -1,147 +0,0 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2018-2020 Andre Richter <andre.o.richter@gmail.com>
//! Trait definitions for coupling `kernel` and `BSP` code.
//!
//! ```
//! +-------------------+
//! | Interface (Trait) |
//! | |
//! +--+-------------+--+
//! ^ ^
//! | |
//! | |
//! +----------+--+ +--+----------+
//! | Kernel code | | BSP Code |
//! | | | |
//! +-------------+ +-------------+
//! ```
/// System console operations.
pub mod console {
use core::fmt;
/// Console write functions.
pub trait Write {
/// Write a single character.
fn write_char(&self, c: char);
/// Write a Rust format string.
fn write_fmt(&self, args: fmt::Arguments) -> fmt::Result;
/// Block execution until the last character has been physically put on the TX wire
/// (draining TX buffers/FIFOs, if any).
fn flush(&self);
}
/// Console read functions.
pub trait Read {
/// Read a single character.
fn read_char(&self) -> char {
' '
}
/// Clear RX buffers, if any.
fn clear(&self);
}
/// Console statistics.
pub trait Statistics {
/// Return the number of characters written.
fn chars_written(&self) -> usize {
0
}
/// Return the number of characters read.
fn chars_read(&self) -> usize {
0
}
}
/// Trait alias for a full-fledged console.
pub trait All = Write + Read + Statistics;
}
/// Synchronization primitives.
pub mod sync {
/// Any object implementing this trait guarantees exclusive access to the data contained within
/// the mutex for the duration of the lock.
///
/// The trait follows the [Rust embedded WG's
/// proposal](https://github.com/korken89/wg/blob/master/rfcs/0377-mutex-trait.md) and therefore
/// provides some goodness such as [deadlock
/// prevention](https://github.com/korken89/wg/blob/master/rfcs/0377-mutex-trait.md#design-decisions-and-compatibility).
///
/// # Example
///
/// Since the lock function takes an `&mut self` to enable deadlock-prevention, the trait is
/// best implemented **for a reference to a container struct**, and has a usage pattern that
/// might feel strange at first:
///
/// ```
/// static MUT: Mutex<RefCell<i32>> = Mutex::new(RefCell::new(0));
///
/// fn foo() {
/// let mut r = &MUT; // Note that r is mutable
/// r.lock(|data| *data += 1);
/// }
/// ```
pub trait Mutex {
/// Type of data encapsulated by the mutex.
type Data;
/// Creates a critical section and grants temporary mutable access to the encapsulated data.
fn lock<R>(&mut self, f: impl FnOnce(&mut Self::Data) -> R) -> R;
}
}
/// Driver interfaces.
pub mod driver {
/// Driver result type, e.g. for indicating successful driver init.
pub type Result = core::result::Result<(), ()>;
/// Device Driver functions.
pub trait DeviceDriver {
/// Return a compatibility string for identifying the driver.
fn compatible(&self) -> &str;
/// Called by the kernel to bring up the device.
fn init(&self) -> Result {
Ok(())
}
}
}
/// Timekeeping interfaces.
pub mod time {
use core::time::Duration;
/// Timer functions.
pub trait Timer {
/// The timer's resolution.
fn resolution(&self) -> Duration;
/// The uptime since power-on of the device.
///
/// This includes time consumed by firmware and bootloaders.
fn uptime(&self) -> Duration;
/// Spin for a given duration.
fn spin_for(&self, duration: Duration);
}
}
/// Memory Management interfaces.
pub mod mm {
/// MMU functions.
pub trait MMU {
/// Called by the kernel during early init. Supposed to take the page tables from the
/// `BSP`-supplied `virt_mem_layout()` and install/activate them for the respective MMU.
///
/// # Safety
///
/// - Changes the HW's global state.
unsafe fn init(&self) -> Result<(), &'static str>;
}
}

122
13_integrated_testing/src/lib.rs
Unescape Escape View File

@ -8,12 +8,111 @@
//! The `kernel` library.
//!
//! Used by `main.rs` to compose the final kernel binary.
//!
//! # TL;DR - Overview of important Kernel entities
//!
//! - [`bsp::console::console()`] - Returns a reference to the kernel's [console interface].
//! - [`bsp::driver::driver_manager()`] - Returns a reference to the kernel's [driver interface].
//! - [`memory::mmu::mmu()`] - Returns a reference to the kernel's [MMU interface].
//! - [`time::time_manager()`] - Returns a reference to the kernel's [timer interface].
//!
//! [console interface]: ../libkernel/console/interface/index.html
//! [driver interface]: ../libkernel/driver/interface/trait.DriverManager.html
//! [MMU interface]: ../libkernel/memory/mmu/interface/trait.MMU.html
//! [timer interface]: ../libkernel/time/interface/trait.TimeManager.html
//!
//! # Code organization and architecture
//!
//! The code is divided into different *modules*, each representing a typical **subsystem** of the
//! `kernel`. Top-level module files of subsystems reside directly in the `src` folder. For example,
//! `src/memory.rs` contains code that is concerned with all things memory management.
//!
//! ## Visibility of processor architecture code
//!
//! Some of the `kernel`'s subsystems depend on low-level code that is specific to the target
//! processor architecture. For each supported processor architecture, there exists a subfolder in
//! `src/_arch`, for example, `src/_arch/aarch64`.
//!
//! The architecture folders mirror the subsystem modules laid out in `src`. For example,
//! architectural code that belongs to the `kernel`'s memory subsystem (`src/memory.rs`) would go
//! into `src/_arch/aarch64/memory.rs`. The latter file is directly included and re-exported in
//! `src/memory.rs`, so that the architectural code parts are transparent with respect to the code's
//! module organization. That means a public function `foo()` defined in
//! `src/_arch/aarch64/memory.rs` would be reachable as `crate::memory::foo()` only.
//!
//! The `_` in `_arch` denotes that this folder is not part of the standard module hierarchy.
//! Rather, it's contents are conditionally pulled into respective files using the `#[path =
//! "_arch/xxx/yyy.rs"]` attribute.
//!
//! ## BSP code
//!
//! `BSP` stands for Board Support Package. `BSP` code is organized under `src/bsp.rs` and contains
//! target board specific definitions and functions. These are things such as the board's memory map
//! or instances of drivers for devices that are featured on the respective board.
//!
//! Just like processor architecture code, the `BSP` code's module structure tries to mirror the
//! `kernel`'s subsystem modules, but there is no transparent re-exporting this time. That means
//! whatever is provided must be called starting from the `bsp` namespace, e.g.
//! `bsp::driver::driver_manager()`.
//!
//! ## Kernel interfaces
//!
//! Both `arch` and `bsp` contain code that is conditionally compiled depending on the actual target
//! and board for which the kernel is compiled. For example, the `interrupt controller` hardware of
//! the `Raspberry Pi 3` and the `Raspberry Pi 4` is different, but we want the rest of the `kernel`
//! code to play nicely with any of the two without much hassle.
//!
//! In order to provide a clean abstraction between `arch`, `bsp` and `generic kernel code`,
//! `interface` traits are provided *whenever possible* and *where it makes sense*. They are defined
//! in the respective subsystem module and help to enforce the idiom of *program to an interface,
//! not an implementation*. For example, there will be a common IRQ handling interface which the two
//! different interrupt controller `drivers` of both Raspberrys will implement, and only export the
//! interface to the rest of the `kernel`.
//!
//! ```
//! +-------------------+
//! | Interface (Trait) |
//! | |
//! +--+-------------+--+
//! ^ ^
//! | |
//! | |
//! +----------+--+ +--+----------+
//! | kernel code | | bsp code |
//! | | | arch code |
//! +-------------+ +-------------+
//! ```
//!
//! # Summary
//!
//! For a logical `kernel` subsystem, corresponding code can be distributed over several physical
//! locations. Here is an example for the **memory** subsystem:
//!
//! - `src/memory.rs` and `src/memory/**/*`
//! - Common code that is agnostic of target processor architecture and `BSP` characteristics.
//! - Example: A function to zero a chunk of memory.
//! - Interfaces for the memory subsystem that are implemented by `arch` or `BSP` code.
//! - Example: An `MMU` interface that defines `MMU` function prototypes.
//! - `src/bsp/__board_name__/memory.rs` and `src/bsp/__board_name__/memory/**/*`
//! - `BSP` specific code.
//! - Example: The board's memory map (physical addresses of DRAM and MMIO devices).
//! - `src/_arch/__arch_name__/memory.rs` and `src/_arch/__arch_name__/memory/**/*`
//! - Processor architecture specific code.
//! - Example: Implementation of the `MMU` interface for the `__arch_name__` processor
//! architecture.
//!
//! From a namespace perspective, **memory** subsystem code lives in:
//!
//! - `crate::memory::*`
//! - `crate::bsp::memory::*`
#![allow(incomplete_features)]
#![feature(const_generics)]
#![feature(custom_inner_attributes)]
#![feature(format_args_nl)]
#![feature(global_asm)]
#![feature(linkage)]
#![feature(naked_functions)]
#![feature(panic_info_message)]
#![feature(slice_ptr_range)]
#![feature(trait_alias)]
@ -24,20 +123,21 @@
#![reexport_test_harness_main = "test_main"]
#![test_runner(crate::test_runner)]
// Conditionally includes the selected `architecture` code, which provides the `_start()` function,
// the first function to run.
pub mod arch;
// `mod cpu` provides the `_start()` function, the first function to run. `_start()` then calls
// `runtime_init()`, which jumps to `kernel_init()` (defined in `main.rs`).
// `_start()` then calls `runtime_init()`, which on completion, jumps to `kernel_init()`.
mod panic_wait;
mod runtime_init;
mod synchronization;
// Conditionally includes the selected `BSP` code.
pub mod bsp;
pub mod interface;
mod memory;
mod panic_wait;
pub mod console;
pub mod cpu;
pub mod driver;
pub mod exception;
pub mod memory;
pub mod print;
pub mod time;
//--------------------------------------------------------------------------------------------------
// Testing
@ -62,9 +162,9 @@ pub fn test_runner(tests: &[&test_types::UnitTest]) {
#[cfg(test)]
#[no_mangle]
unsafe fn kernel_init() -> ! {
bsp::qemu_bring_up_console();
bsp::console::qemu_bring_up_console();
test_main();
arch::qemu_exit_success()
cpu::qemu_exit_success()
}

50
13_integrated_testing/src/main.rs
Unescape Escape View File

@ -6,29 +6,15 @@
#![doc(html_logo_url = "https://git.io/JeGIp")]
//! The `kernel` binary.
//!
//! The `kernel` is composed by glueing together code from
//!
//! - [Hardware-specific Board Support Packages] (`BSPs`).
//! - [Architecture-specific code].
//! - HW- and architecture-agnostic `kernel` code.
//!
//! using the [`kernel::interface`] traits.
//!
//! [Hardware-specific Board Support Packages]: bsp/index.html
//! [Architecture-specific code]: arch/index.html
//! [`kernel::interface`]: interface/index.html
#![feature(format_args_nl)]
#![no_main]
#![no_std]
use libkernel::{arch, bsp, info, interface};
use libkernel::{bsp, console, driver, exception, info, memory, time};
/// Early init code.
///
/// Concerned with with initializing `BSP` and `arch` parts.
///
/// # Safety
///
/// - Only a single core must be active and running this function.
@ -39,20 +25,21 @@ use libkernel::{arch, bsp, info, interface};
/// the RPi SoCs.
#[no_mangle]
unsafe fn kernel_init() -> ! {
use interface::mm::MMU;
use driver::interface::DriverManager;
use memory::mmu::interface::MMU;
arch::enable_exception_handling();
exception::handling_init();
if let Err(string) = arch::mmu().init() {
if let Err(string) = memory::mmu::mmu().init() {
panic!("MMU: {}", string);
}
for i in bsp::device_drivers().iter() {
if let Err(()) = i.init() {
for i in bsp::driver::driver_manager().all_device_drivers().iter() {
if i.init().is_err() {
panic!("Error loading driver: {}", i.compatible())
}
}
bsp::post_driver_init();
bsp::driver::driver_manager().post_device_driver_init();
// println! is usable from here on.
// Transition from unsafe to safe.
@ -61,32 +48,37 @@ unsafe fn kernel_init() -> ! {
/// The main function running after the early init.
fn kernel_main() -> ! {
use interface::console::All;
use console::interface::All;
use driver::interface::DriverManager;
info!("Booting on: {}", bsp::board_name());
info!("MMU online. Special regions:");
bsp::virt_mem_layout().print_layout();
bsp::memory::mmu::virt_mem_layout().print_layout();
let (_, privilege_level) = arch::state::current_privilege_level();
let (_, privilege_level) = exception::current_privilege_level();
info!("Current privilege level: {}", privilege_level);
info!("Exception handling state:");
arch::state::print_exception_state();
exception::asynchronous::print_state();
info!(
"Architectural timer resolution: {} ns",
arch::timer().resolution().as_nanos()
time::time_manager().resolution().as_nanos()
);
info!("Drivers loaded:");
for (i, driver) in bsp::device_drivers().iter().enumerate() {
for (i, driver) in bsp::driver::driver_manager()
.all_device_drivers()
.iter()
.enumerate()
{
info!(" {}. {}", i + 1, driver.compatible());
}
info!("Echoing input now");
loop {
let c = bsp::console().read_char();
bsp::console().write_char(c);
let c = bsp::console::console().read_char();
bsp::console::console().write_char(c);
}
}

156
13_integrated_testing/src/memory.rs
Unescape Escape View File

@ -4,10 +4,13 @@
//! Memory Management.
use core::{
fmt,
ops::{Range, RangeInclusive},
};
pub mod mmu;
use core::ops::Range;
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Zero out a memory region.
///
@ -27,151 +30,6 @@ where
}
}
#[derive(Copy, Clone)]
pub enum Translation {
Identity,
Offset(usize),
}
#[derive(Copy, Clone)]
pub enum MemAttributes {
CacheableDRAM,
Device,
}
#[derive(Copy, Clone)]
pub enum AccessPermissions {
ReadOnly,
ReadWrite,
}
#[derive(Copy, Clone)]
pub struct AttributeFields {
pub mem_attributes: MemAttributes,
pub acc_perms: AccessPermissions,
pub execute_never: bool,
}
impl Default for AttributeFields {
fn default() -> AttributeFields {
AttributeFields {
mem_attributes: MemAttributes::CacheableDRAM,
acc_perms: AccessPermissions::ReadWrite,
execute_never: true,
}
}
}
/// An architecture agnostic descriptor for a memory range.
pub struct RangeDescriptor {
pub name: &'static str,
pub virtual_range: fn() -> RangeInclusive<usize>,
pub translation: Translation,
pub attribute_fields: AttributeFields,
}
/// Human-readable output of a RangeDescriptor.
impl fmt::Display for RangeDescriptor {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
// Call the function to which self.range points, and dereference the result, which causes
// Rust to copy the value.
let start = *(self.virtual_range)().start();
let end = *(self.virtual_range)().end();
let size = end - start + 1;
// log2(1024).
const KIB_RSHIFT: u32 = 10;
// log2(1024 * 1024).
const MIB_RSHIFT: u32 = 20;
let (size, unit) = if (size >> MIB_RSHIFT) > 0 {
(size >> MIB_RSHIFT, "MiB")
} else if (size >> KIB_RSHIFT) > 0 {
(size >> KIB_RSHIFT, "KiB")
} else {
(size, "Byte")
};
let attr = match self.attribute_fields.mem_attributes {
MemAttributes::CacheableDRAM => "C",
MemAttributes::Device => "Dev",
};
let acc_p = match self.attribute_fields.acc_perms {
AccessPermissions::ReadOnly => "RO",
AccessPermissions::ReadWrite => "RW",
};
let xn = if self.attribute_fields.execute_never {
"PXN"
} else {
"PX"
};
write!(
f,
" {:#010x} - {:#010x} | {: >3} {} | {: <3} {} {: <3} | {}",
start, end, size, unit, attr, acc_p, xn, self.name
)
}
}
/// Type for expressing the kernel's virtual memory layout.
pub struct KernelVirtualLayout<const NUM_SPECIAL_RANGES: usize> {
max_virt_addr_inclusive: usize,
inner: [RangeDescriptor; NUM_SPECIAL_RANGES],
}
impl<const NUM_SPECIAL_RANGES: usize> KernelVirtualLayout<{ NUM_SPECIAL_RANGES }> {
pub const fn new(max: usize, layout: [RangeDescriptor; NUM_SPECIAL_RANGES]) -> Self {
Self {
max_virt_addr_inclusive: max,
inner: layout,
}
}
/// For a virtual address, find and return the output address and corresponding attributes.
///
/// If the address is not found in `inner`, return an identity mapped default with normal
/// cacheable DRAM attributes.
pub fn get_virt_addr_properties(
&self,
virt_addr: usize,
) -> Result<(usize, AttributeFields), &'static str> {
if virt_addr > self.max_virt_addr_inclusive {
return Err("Address out of range");
}
for i in self.inner.iter() {
if (i.virtual_range)().contains(&virt_addr) {
let output_addr = match i.translation {
Translation::Identity => virt_addr,
Translation::Offset(a) => a + (virt_addr - (i.virtual_range)().start()),
};
return Ok((output_addr, i.attribute_fields));
}
}
Ok((virt_addr, AttributeFields::default()))
}
/// Print the memory layout.
pub fn print_layout(&self) {
use crate::info;
for i in self.inner.iter() {
info!("{}", i);
}
}
#[cfg(test)]
pub fn inner(&self) -> &[RangeDescriptor; NUM_SPECIAL_RANGES] {
&self.inner
}
}
//--------------------------------------------------------------------------------------------------
// Testing
//--------------------------------------------------------------------------------------------------

203
13_integrated_testing/src/memory/mmu.rs
Unescape Escape View File

@ -0,0 +1,203 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Memory Management Unit.
//!
//! In order to decouple `BSP` and `arch` parts of the MMU code (to keep them pluggable), this file
//! provides types for composing an architecture-agnostic description of the kernel 's virtual
//! memory layout.
//!
//! The `BSP` provides such a description through the `bsp::memory::mmu::virt_mem_layout()`
//! function.
//!
//! The `MMU` driver of the `arch` code uses `bsp::memory::mmu::virt_mem_layout()` to compile and
//! install respective page tables.
#[cfg(target_arch = "aarch64")]
#[path = "../_arch/aarch64/memory/mmu.rs"]
mod arch_mmu;
pub use arch_mmu::*;
use core::{fmt, ops::RangeInclusive};
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Memory Management interfaces.
pub mod interface {
/// MMU functions.
pub trait MMU {
/// Called by the kernel during early init. Supposed to take the page tables from the
/// `BSP`-supplied `virt_mem_layout()` and install/activate them for the respective MMU.
///
/// # Safety
///
/// - Changes the HW's global state.
unsafe fn init(&self) -> Result<(), &'static str>;
}
}
/// Architecture agnostic translation types.
#[allow(missing_docs)]
#[derive(Copy, Clone)]
pub enum Translation {
Identity,
Offset(usize),
}
/// Architecture agnostic memory attributes.
#[allow(missing_docs)]
#[derive(Copy, Clone)]
pub enum MemAttributes {
CacheableDRAM,
Device,
}
/// Architecture agnostic access permissions.
#[allow(missing_docs)]
#[derive(Copy, Clone)]
pub enum AccessPermissions {
ReadOnly,
ReadWrite,
}
/// Collection of memory attributes.
#[allow(missing_docs)]
#[derive(Copy, Clone)]
pub struct AttributeFields {
pub mem_attributes: MemAttributes,
pub acc_perms: AccessPermissions,
pub execute_never: bool,
}
/// Architecture agnostic descriptor for a memory range.
#[allow(missing_docs)]
pub struct RangeDescriptor {
pub name: &'static str,
pub virtual_range: fn() -> RangeInclusive<usize>,
pub translation: Translation,
pub attribute_fields: AttributeFields,
}
/// Type for expressing the kernel's virtual memory layout.
pub struct KernelVirtualLayout<const NUM_SPECIAL_RANGES: usize> {
/// The last (inclusive) address of the address space.
max_virt_addr_inclusive: usize,
/// Array of descriptors for non-standard (normal cacheable DRAM) memory regions.
inner: [RangeDescriptor; NUM_SPECIAL_RANGES],
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
impl Default for AttributeFields {
fn default() -> AttributeFields {
AttributeFields {
mem_attributes: MemAttributes::CacheableDRAM,
acc_perms: AccessPermissions::ReadWrite,
execute_never: true,
}
}
}
/// Human-readable output of a RangeDescriptor.
impl fmt::Display for RangeDescriptor {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
// Call the function to which self.range points, and dereference the result, which causes
// Rust to copy the value.
let start = *(self.virtual_range)().start();
let end = *(self.virtual_range)().end();
let size = end - start + 1;
// log2(1024).
const KIB_RSHIFT: u32 = 10;
// log2(1024 * 1024).
const MIB_RSHIFT: u32 = 20;
let (size, unit) = if (size >> MIB_RSHIFT) > 0 {
(size >> MIB_RSHIFT, "MiB")
} else if (size >> KIB_RSHIFT) > 0 {
(size >> KIB_RSHIFT, "KiB")
} else {
(size, "Byte")
};
let attr = match self.attribute_fields.mem_attributes {
MemAttributes::CacheableDRAM => "C",
MemAttributes::Device => "Dev",
};
let acc_p = match self.attribute_fields.acc_perms {
AccessPermissions::ReadOnly => "RO",
AccessPermissions::ReadWrite => "RW",
};
let xn = if self.attribute_fields.execute_never {
"PXN"
} else {
"PX"
};
write!(
f,
" {:#010x} - {:#010x} | {: >3} {} | {: <3} {} {: <3} | {}",
start, end, size, unit, attr, acc_p, xn, self.name
)
}
}
impl<const NUM_SPECIAL_RANGES: usize> KernelVirtualLayout<{ NUM_SPECIAL_RANGES }> {
/// Create a new instance.
pub const fn new(max: usize, layout: [RangeDescriptor; NUM_SPECIAL_RANGES]) -> Self {
Self {
max_virt_addr_inclusive: max,
inner: layout,
}
}
/// For a virtual address, find and return the output address and corresponding attributes.
///
/// If the address is not found in `inner`, return an identity mapped default with normal
/// cacheable DRAM attributes.
pub fn get_virt_addr_properties(
&self,
virt_addr: usize,
) -> Result<(usize, AttributeFields), &'static str> {
if virt_addr > self.max_virt_addr_inclusive {
return Err("Address out of range");
}
for i in self.inner.iter() {
if (i.virtual_range)().contains(&virt_addr) {
let output_addr = match i.translation {
Translation::Identity => virt_addr,
Translation::Offset(a) => a + (virt_addr - (i.virtual_range)().start()),
};
return Ok((output_addr, i.attribute_fields));
}
}
Ok((virt_addr, AttributeFields::default()))
}
/// Print the memory layout.
pub fn print_layout(&self) {
use crate::info;
for i in self.inner.iter() {
info!("{}", i);
}
}
#[cfg(test)]
pub fn inner(&self) -> &[RangeDescriptor; NUM_SPECIAL_RANGES] {
&self.inner
}
}

36
13_integrated_testing/src/panic_wait.rs
Unescape Escape View File

@ -4,23 +4,17 @@
//! A panic handler that infinitely waits.
use crate::{arch, bsp};
use crate::{bsp, cpu};
use core::{fmt, panic::PanicInfo};
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
fn _panic_print(args: fmt::Arguments) {
use fmt::Write;
unsafe { bsp::panic_console_out().write_fmt(args).unwrap() };
}
/// Prints with a newline - only use from the panic handler.
///
/// Carbon copy from https://doc.rust-lang.org/src/std/macros.rs.html
#[macro_export]
macro_rules! panic_println {
($($arg:tt)*) => ({
_panic_print(format_args_nl!($($arg)*));
})
unsafe { bsp::console::panic_console_out().write_fmt(args).unwrap() };
}
/// The point of exit for the "standard" (non-testing) `libkernel`.
@ -31,13 +25,23 @@ macro_rules! panic_println {
///
/// This is one possible approach to solve the problem that `cargo` can not know who the consumer of
/// the library will be:
/// - The release kernel binary that should safely park the paniced core,
/// - or an `integration test` that is executed in QEMU, which should just exit QEMU.
/// - The release kernel binary that should safely park the paniced core,
/// - or an `integration test` that is executed in QEMU, which should just exit QEMU.
#[cfg(not(test))]
#[linkage = "weak"]
#[no_mangle]
fn _panic_exit() -> ! {
arch::wait_forever()
cpu::wait_forever()
}
/// Prints with a newline - only use from the panic handler.
///
/// Carbon copy from https://doc.rust-lang.org/src/std/macros.rs.html
#[macro_export]
macro_rules! panic_println {
($($arg:tt)*) => ({
_panic_print(format_args_nl!($($arg)*));
})
}
#[panic_handler]
@ -59,5 +63,5 @@ fn panic(info: &PanicInfo) -> ! {
#[cfg(test)]
#[no_mangle]
fn _panic_exit() -> ! {
arch::qemu_exit_failure()
cpu::qemu_exit_failure()
}

34
13_integrated_testing/src/print.rs
Unescape Escape View File

@ -4,16 +4,24 @@
//! Printing facilities.
use crate::{bsp, interface};
use crate::{bsp, console};
use core::fmt;
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
#[doc(hidden)]
pub fn _print(args: fmt::Arguments) {
use interface::console::Write;
use console::interface::Write;
bsp::console().write_fmt(args).unwrap();
bsp::console::console().write_fmt(args).unwrap();
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Prints without a newline.
///
/// Carbon copy from https://doc.rust-lang.org/src/std/macros.rs.html
@ -33,14 +41,14 @@ macro_rules! println {
})
}
/// Prints an info, with newline.
/// Prints an info, with a newline.
#[macro_export]
macro_rules! info {
($string:expr) => ({
#[allow(unused_imports)]
use crate::interface::time::Timer;
use crate::time::interface::TimeManager;
let timestamp = $crate::arch::timer().uptime();
let timestamp = $crate::time::time_manager().uptime();
let timestamp_subsec_us = timestamp.subsec_micros();
$crate::print::_print(format_args_nl!(
@ -52,9 +60,9 @@ macro_rules! info {
});
($format_string:expr, $($arg:tt)*) => ({
#[allow(unused_imports)]
use crate::interface::time::Timer;
use crate::time::interface::TimeManager;
let timestamp = $crate::arch::timer().uptime();
let timestamp = $crate::time::time_manager().uptime();
let timestamp_subsec_us = timestamp.subsec_micros();
$crate::print::_print(format_args_nl!(
@ -67,14 +75,14 @@ macro_rules! info {
})
}
/// Prints a warning, with newline.
/// Prints a warning, with a newline.
#[macro_export]
macro_rules! warn {
($string:expr) => ({
#[allow(unused_imports)]
use crate::interface::time::Timer;
use crate::time::interface::TimeManager;
let timestamp = $crate::arch::timer().uptime();
let timestamp = $crate::time::time_manager().uptime();
let timestamp_subsec_us = timestamp.subsec_micros();
$crate::print::_print(format_args_nl!(
@ -86,9 +94,9 @@ macro_rules! warn {
});
($format_string:expr, $($arg:tt)*) => ({
#[allow(unused_imports)]
use crate::interface::time::Timer;
use crate::time::interface::TimeManager;
let timestamp = $crate::arch::timer().uptime();
let timestamp = $crate::time::time_manager().uptime();
let timestamp_subsec_us = timestamp.subsec_micros();
$crate::print::_print(format_args_nl!(

9
13_integrated_testing/src/runtime_init.rs
Unescape Escape View File

@ -7,6 +7,10 @@
use crate::memory;
use core::ops::Range;
//--------------------------------------------------------------------------------------------------
// Private Code
//--------------------------------------------------------------------------------------------------
/// Return the range spanning the .bss section.
///
/// # Safety
@ -36,6 +40,10 @@ unsafe fn zero_bss() {
memory::zero_volatile(bss_range());
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
/// Equivalent to `crt0` or `c0` code in C/C++ world. Clears the `bss` section, then jumps to kernel
/// init code.
///
@ -48,7 +56,6 @@ pub unsafe fn runtime_init() -> ! {
}
zero_bss();
kernel_init()
}

91
13_integrated_testing/src/synchronization.rs
Unescape Escape View File

@ -0,0 +1,91 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Synchronization primitives.
use core::cell::UnsafeCell;
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Synchronization interfaces.
pub mod interface {
/// Any object implementing this trait guarantees exclusive access to the data contained within
/// the Mutex for the duration of the provided closure.
///
/// The trait follows the [Rust embedded WG's
/// proposal](https://github.com/korken89/wg/blob/master/rfcs/0377-mutex-trait.md) and therefore
/// provides some goodness such as [deadlock
/// prevention](https://github.com/korken89/wg/blob/master/rfcs/0377-mutex-trait.md#design-decisions-and-compatibility).
///
/// # Example
///
/// Since the lock function takes an `&mut self` to enable deadlock-prevention, the trait is
/// best implemented **for a reference to a container struct**, and has a usage pattern that
/// might feel strange at first:
///
/// ```
/// static MUT: Mutex<RefCell<i32>> = Mutex::new(RefCell::new(0));
///
/// fn foo() {
/// let mut r = &MUT; // Note that r is mutable
/// r.lock(|data| *data += 1);
/// }
/// ```
pub trait Mutex {
/// The type of encapsulated data.
type Data;
/// Creates a critical section and grants temporary mutable access to the encapsulated data.
fn lock<R>(&mut self, f: impl FnOnce(&mut Self::Data) -> R) -> R;
}
}
/// A pseudo-lock for teaching purposes.
///
/// Used to introduce [interior mutability].
///
/// In contrast to a real Mutex implementation, does not protect against concurrent access from
/// other cores to the contained data. This part is preserved for later lessons.
///
/// The lock will only be used as long as it is safe to do so, i.e. as long as the kernel is
/// executing single-threaded, aka only running on a single core with interrupts disabled.
///
/// [interior mutability]: https://doc.rust-lang.org/std/cell/index.html
pub struct NullLock<T: ?Sized> {
data: UnsafeCell<T>,
}
//--------------------------------------------------------------------------------------------------
// Public Code
//--------------------------------------------------------------------------------------------------
unsafe impl<T: ?Sized> Sync for NullLock<T> {}
impl<T> NullLock<T> {
/// Wraps `data` into a new `NullLock`.
pub const fn new(data: T) -> Self {
Self {
data: UnsafeCell::new(data),
}
}
}
//------------------------------------------------------------------------------
// OS Interface Code
//------------------------------------------------------------------------------
impl<T> interface::Mutex for &NullLock<T> {
type Data = T;
fn lock<R>(&mut self, f: impl FnOnce(&mut Self::Data) -> R) -> R {
// In a real lock, there would be code encapsulating this line that ensures that this
// mutable reference will ever only be given out once at a time.
let data = unsafe { &mut *self.data.get() };
f(data)
}
}

35
13_integrated_testing/src/time.rs
Unescape Escape View File

@ -0,0 +1,35 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
//
// Copyright (c) 2020 Andre Richter <andre.o.richter@gmail.com>
//! Timer primitives.
#[cfg(target_arch = "aarch64")]
#[path = "_arch/aarch64/time.rs"]
mod arch_time;
pub use arch_time::*;
//--------------------------------------------------------------------------------------------------
// Public Definitions
//--------------------------------------------------------------------------------------------------
/// Timekeeping interfaces.
pub mod interface {
use core::time::Duration;
/// Time management functions.
///
/// The `BSP` is supposed to supply one global instance.
pub trait TimeManager {
/// The timer's resolution.
fn resolution(&self) -> Duration;
/// The uptime since power-on of the device.
///
/// This includes time consumed by firmware and bootloaders.
fn uptime(&self) -> Duration;
/// Spin for a given duration.
fn spin_for(&self, duration: Duration);
}
}

17
13_integrated_testing/tests/00_interface_sanity_console.rs
Unescape Escape View File

@ -10,23 +10,26 @@
mod panic_exit_failure;
use libkernel::{bsp, interface::console::*, print};
use libkernel::{bsp, console, print};
#[no_mangle]
unsafe fn kernel_init() -> ! {
bsp::qemu_bring_up_console();
use bsp::console::{console, qemu_bring_up_console};
use console::interface::*;
qemu_bring_up_console();
// Handshake
assert_eq!(bsp::console().read_char(), 'A');
assert_eq!(bsp::console().read_char(), 'B');
assert_eq!(bsp::console().read_char(), 'C');
assert_eq!(console().read_char(), 'A');
assert_eq!(console().read_char(), 'B');
assert_eq!(console().read_char(), 'C');
print!("OK1234");
// 6
print!("{}", bsp::console().chars_written());
print!("{}", console().chars_written());
// 3
print!("{}", bsp::console().chars_read());
print!("{}", console().chars_read());
// The QEMU process running this test will be closed by the I/O test harness.
loop {}

16
13_integrated_testing/tests/01_interface_sanity_timer.rs
Unescape Escape View File

@ -13,38 +13,38 @@
mod panic_exit_failure;
use core::time::Duration;
use libkernel::{arch, arch::timer, bsp, interface::time::Timer};
use libkernel::{bsp, cpu, time, time::interface::TimeManager};
use test_macros::kernel_test;
#[no_mangle]
unsafe fn kernel_init() -> ! {
bsp::qemu_bring_up_console();
bsp::console::qemu_bring_up_console();
// Depending on CPU arch, some timer bring-up code could go here. Not needed for the RPi.
test_main();
arch::qemu_exit_success()
cpu::qemu_exit_success()
}
/// Simple check that the timer is running.
#[kernel_test]
fn timer_is_counting() {
assert!(timer().uptime().as_nanos() > 0)
assert!(time::time_manager().uptime().as_nanos() > 0)
}
/// Timer resolution must be sufficient.
#[kernel_test]
fn timer_resolution_is_sufficient() {
assert!(timer().resolution().as_nanos() < 100)
assert!(time::time_manager().resolution().as_nanos() < 100)
}
/// Sanity check spin_for() implementation.
#[kernel_test]
fn spin_accuracy_check_1_second() {
let t1 = timer().uptime();
timer().spin_for(Duration::from_secs(1));
let t2 = timer().uptime();
let t1 = time::time_manager().uptime();
time::time_manager().spin_for(Duration::from_secs(1));
let t2 = time::time_manager().uptime();
assert_eq!((t2 - t1).as_secs(), 1)
}

14
13_integrated_testing/tests/02_arch_exception_handling.rs → 13_integrated_testing/tests/02_arch_exception_handling_sync_page_fault.rs
Unescape Escape View File

@ -17,20 +17,22 @@
/// or indirectly.
mod panic_exit_success;
use libkernel::{arch, bsp, interface::mm::MMU, println};
use libkernel::{bsp, cpu, exception, memory, println};
#[no_mangle]
unsafe fn kernel_init() -> ! {
bsp::qemu_bring_up_console();
use memory::mmu::interface::MMU;
bsp::console::qemu_bring_up_console();
println!("Testing synchronous exception handling by causing a page fault");
println!("-------------------------------------------------------------------\n");
arch::enable_exception_handling();
exception::handling_init();
if let Err(string) = arch::mmu().init() {
if let Err(string) = memory::mmu::mmu().init() {
println!("MMU: {}", string);
arch::qemu_exit_failure()
cpu::qemu_exit_failure()
}
println!("Writing beyond mapped area to address 9 GiB...");
@ -38,5 +40,5 @@ unsafe fn kernel_init() -> ! {
core::ptr::read_volatile(big_addr as *mut u64);
// If execution reaches here, the memory access above did not cause a page fault exception.
arch::qemu_exit_failure()
cpu::qemu_exit_failure()
}

2
13_integrated_testing/tests/panic_exit_failure/mod.rs
Unescape Escape View File

@ -5,5 +5,5 @@
/// Overwrites libkernel's `panic_wait::_panic_exit()` with the QEMU-exit version.
#[no_mangle]
fn _panic_exit() -> ! {
libkernel::arch::qemu_exit_failure()
libkernel::cpu::qemu_exit_failure()
}

2
13_integrated_testing/tests/panic_exit_success/mod.rs
Unescape Escape View File

@ -5,5 +5,5 @@
/// Overwrites libkernel's `panic_wait::_panic_exit()` with the QEMU-exit version.
#[no_mangle]
fn _panic_exit() -> ! {
libkernel::arch::qemu_exit_success()
libkernel::cpu::qemu_exit_success()
}

BIN
doc/13_demo.gif
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 369 KiB

BIN
doc/testing_demo.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 311 KiB

Write Preview
Loading…
Cancel
Save