Remove steal_storage
This commit is contained in:
Julien Cretin
35
src/env/tock/mod.rs
vendored
35
src/env/tock/mod.rs
vendored
@@ -1,4 +1,4 @@
|
||||
use self::storage::{SyscallStorage, SyscallUpgradeStorage};
|
||||
pub use self::storage::{TockStorage, TockUpgradeStorage};
|
||||
use crate::ctap::hid::{ChannelID, CtapHid, CtapHidCommand, KeepaliveStatus, ProcessedPacket};
|
||||
use crate::ctap::status_code::Ctap2StatusCode;
|
||||
use crate::env::{Env, UserPresence};
|
||||
@@ -20,8 +20,8 @@ mod storage;
|
||||
|
||||
pub struct TockEnv {
|
||||
rng: TockRng256,
|
||||
store: Store<SyscallStorage>,
|
||||
upgrade_storage: Option<SyscallUpgradeStorage>,
|
||||
store: Store<TockStorage>,
|
||||
upgrade_storage: Option<TockUpgradeStorage>,
|
||||
}
|
||||
|
||||
impl TockEnv {
|
||||
@@ -31,12 +31,10 @@ impl TockEnv {
|
||||
///
|
||||
/// - If called a second time.
|
||||
pub fn new() -> Self {
|
||||
// Make sure the environment was not already taken.
|
||||
static TAKEN: AtomicBool = AtomicBool::new(false);
|
||||
assert!(!TAKEN.fetch_or(true, Ordering::SeqCst));
|
||||
let storage = unsafe { steal_storage() }.unwrap();
|
||||
// We rely on `take_storage` to ensure that this function is called only once.
|
||||
let storage = take_storage().unwrap();
|
||||
let store = Store::new(storage).ok().unwrap();
|
||||
let upgrade_storage = SyscallUpgradeStorage::new().ok();
|
||||
let upgrade_storage = TockUpgradeStorage::new().ok();
|
||||
TockEnv {
|
||||
rng: TockRng256 {},
|
||||
store,
|
||||
@@ -45,17 +43,16 @@ impl TockEnv {
|
||||
}
|
||||
}
|
||||
|
||||
/// Creates a new storage instance.
|
||||
/// Returns the unique storage instance.
|
||||
///
|
||||
/// # Safety
|
||||
/// # Panics
|
||||
///
|
||||
/// It is probably technically memory-safe to have multiple storage instances at the same time, but
|
||||
/// for extra precaution we mark the function as unsafe. To ensure correct usage, this function
|
||||
/// should only be called if the previous storage instance was dropped.
|
||||
// This function is exposed to example binaries testing the hardware. This could probably be cleaned
|
||||
// up by having the persistent store return its storage.
|
||||
pub unsafe fn steal_storage() -> StorageResult<SyscallStorage> {
|
||||
SyscallStorage::new()
|
||||
/// - If called a second time.
|
||||
pub fn take_storage() -> StorageResult<TockStorage> {
|
||||
// Make sure the storage was not already taken.
|
||||
static TAKEN: AtomicBool = AtomicBool::new(false);
|
||||
assert!(!TAKEN.fetch_or(true, Ordering::SeqCst));
|
||||
TockStorage::new()
|
||||
}
|
||||
|
||||
impl UserPresence for TockEnv {
|
||||
@@ -67,8 +64,8 @@ impl UserPresence for TockEnv {
|
||||
impl Env for TockEnv {
|
||||
type Rng = TockRng256;
|
||||
type UserPresence = Self;
|
||||
type Storage = SyscallStorage;
|
||||
type UpgradeStorage = SyscallUpgradeStorage;
|
||||
type Storage = TockStorage;
|
||||
type UpgradeStorage = TockUpgradeStorage;
|
||||
|
||||
fn rng(&mut self) -> &mut Self::Rng {
|
||||
&mut self.rng
|
||||
|
||||
20
src/env/tock/storage.rs
vendored
20
src/env/tock/storage.rs
vendored
@@ -115,7 +115,7 @@ fn erase_page(ptr: usize, page_length: usize) -> StorageResult<()> {
|
||||
block_command(DRIVER_NUMBER, command_nr::ERASE_PAGE, ptr, page_length)
|
||||
}
|
||||
|
||||
pub struct SyscallStorage {
|
||||
pub struct TockStorage {
|
||||
word_size: usize,
|
||||
page_size: usize,
|
||||
num_pages: usize,
|
||||
@@ -124,7 +124,7 @@ pub struct SyscallStorage {
|
||||
storage_locations: Vec<&'static [u8]>,
|
||||
}
|
||||
|
||||
impl SyscallStorage {
|
||||
impl TockStorage {
|
||||
/// Provides access to the embedded flash if available.
|
||||
///
|
||||
/// # Errors
|
||||
@@ -134,8 +134,8 @@ impl SyscallStorage {
|
||||
/// - The page size is a power of two.
|
||||
/// - The page size is a multiple of the word size.
|
||||
/// - The storage is page-aligned.
|
||||
pub fn new() -> StorageResult<SyscallStorage> {
|
||||
let mut syscall = SyscallStorage {
|
||||
pub fn new() -> StorageResult<TockStorage> {
|
||||
let mut syscall = TockStorage {
|
||||
word_size: get_info(command_nr::get_info_nr::WORD_SIZE, 0)?,
|
||||
page_size: get_info(command_nr::get_info_nr::PAGE_SIZE, 0)?,
|
||||
num_pages: 0,
|
||||
@@ -175,7 +175,7 @@ impl SyscallStorage {
|
||||
}
|
||||
}
|
||||
|
||||
impl Storage for SyscallStorage {
|
||||
impl Storage for TockStorage {
|
||||
fn word_size(&self) -> usize {
|
||||
self.word_size
|
||||
}
|
||||
@@ -217,13 +217,13 @@ impl Storage for SyscallStorage {
|
||||
}
|
||||
}
|
||||
|
||||
pub struct SyscallUpgradeStorage {
|
||||
pub struct TockUpgradeStorage {
|
||||
page_size: usize,
|
||||
partition: ModRange,
|
||||
metadata: ModRange,
|
||||
}
|
||||
|
||||
impl SyscallUpgradeStorage {
|
||||
impl TockUpgradeStorage {
|
||||
/// Provides access to the other upgrade partition and metadata if available.
|
||||
///
|
||||
/// The implementation assumes that storage locations returned by the kernel through
|
||||
@@ -238,8 +238,8 @@ impl SyscallUpgradeStorage {
|
||||
/// Returns a `NotAligned` error if partitions or metadata ranges are
|
||||
/// - not exclusive or,
|
||||
/// - not consecutive.
|
||||
pub fn new() -> StorageResult<SyscallUpgradeStorage> {
|
||||
let mut locations = SyscallUpgradeStorage {
|
||||
pub fn new() -> StorageResult<TockUpgradeStorage> {
|
||||
let mut locations = TockUpgradeStorage {
|
||||
page_size: get_info(command_nr::get_info_nr::PAGE_SIZE, 0)?,
|
||||
partition: ModRange::new_empty(),
|
||||
metadata: ModRange::new_empty(),
|
||||
@@ -287,7 +287,7 @@ impl SyscallUpgradeStorage {
|
||||
}
|
||||
}
|
||||
|
||||
impl UpgradeStorage for SyscallUpgradeStorage {
|
||||
impl UpgradeStorage for TockUpgradeStorage {
|
||||
fn read_partition(&self, offset: usize, length: usize) -> StorageResult<&[u8]> {
|
||||
if length == 0 {
|
||||
return Err(StorageError::OutOfBounds);
|
||||
|
||||
Reference in New Issue
Block a user