capsules_extra::app_loader

Struct AppLoader

pub struct AppLoader<S: DynamicBinaryStore + 'static, L: DynamicProcessLoad + 'static> { /* private fields */ }

Implementations

impl<S: DynamicBinaryStore + 'static, L: DynamicProcessLoad + 'static> AppLoader<S, L>

pub fn new( grant: Grant<App, UpcallCount<{ upcall::COUNT }>, AllowRoCount<{ ro_allow::COUNT }>, AllowRwCount<0>>, storage_driver: &'static S, load_driver: &'static L, buffer: &'static mut [u8], ) -> AppLoader<S, L>

Trait Implementations

impl<S: DynamicBinaryStore + 'static, L: DynamicProcessLoad + 'static> DynamicBinaryStoreClient for AppLoader<S, L>

fn setup_done(&self, result: Result<(), ErrorCode>)

Let the requesting app know we are done setting up for the new app

fn write_done( &self, result: Result<(), ErrorCode>, buffer: &'static mut [u8], length: usize, )

Let the app know we are done writing the block of data

fn finalize_done(&self, result: Result<(), ErrorCode>)

Let the app know we are done finalizing, and are ready to load

fn abort_done(&self, result: Result<(), ErrorCode>)

Let the app know we have aborted the new app writing process

impl<S: DynamicBinaryStore + 'static, L: DynamicProcessLoad + 'static> DynamicProcessLoadClient for AppLoader<S, L>

fn load_done(&self, result: Result<(), ProcessLoadError>)

Let the requesting app know we are done loading the new process

Error Type Mapping.

This method converts ProcessLoadError to ErrorCode so it can be passed to userspace.

Currently,

  1. ProcessLoadError::NotEnoughMemory <==> ErrorCode::NOMEM
  2. ProcessLoadError::MpuInvalidFlashLength <==> ErrorCode::INVAL
  3. ProcessLoadError::InternalError <==> ErrorCode::OFF
  4. All other ProcessLoadError types <==> ErrorCode::FAIL

impl<S: DynamicBinaryStore + 'static, L: DynamicProcessLoad + 'static> SyscallDriver for AppLoader<S, L>

Provide an interface for userland.

fn command( &self, command_num: usize, arg1: usize, arg2: usize, processid: ProcessId, ) -> CommandReturn

Command interface.

The driver returns ErrorCode::BUSY if:

  • The kernel has already dedicated this driver to another process.
  • The kernel is busy executing another command for this process.

Currently, this capsule is not virtualized and can only be used by one application at a time.

Commands are selected by the lowest 8 bits of the first argument.

command_num

  • 0: Return Ok(()) if this driver is included on the platform.
  • 1: Request kernel to setup for loading app.
      • Returns appsize if the kernel has available space
      • Returns ErrorCode::FAIL if the kernel is unable to allocate space for the new app
  • 2: Request kernel to write app data to the nonvolatile_storage
      • Returns Ok(()) when write is successful
      • Returns ErrorCode::INVAL when the app is violating bounds
      • Returns ErrorCode::FAIL when the write fails
  • 3: Signal to the kernel that the writing is done.
      • Returns Ok(()) if the kernel successfully verified it and set the stage for load().
      • Returns ErrorCode::FAIL if:
          a. The kernel needs to write a leading padding app but is unable to.
          b. The command is called during setup or load phases.
  • 4: Request kernel to load app.
      • Returns Ok(()) when the process is successfully loaded
      • Returns ErrorCode::FAIL if:
          a. The kernel is unable to create a process object for the application
  • 5: Request kernel to abort setup/write operation.
      • Returns Ok(()) when the operation is cancelled successfully
      • Returns ErrorCode::BUSY when the abort fails (due to padding app being unable to be written, so try again)
      • Returns ErrorCode::FAIL if the driver is not dedicated to this process

The driver returns ErrorCode::INVAL if any operation is called before the preceding operation was invoked. For example, write() cannot be called before setup(), and load() cannot be called before write() (for this implementation).
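
A host-side model of the ordering and ownership rules listed above, added here as an illustration for review and testing; it is not the capsule's code. The `Model` and `Phase` types, the numeric process ids, taking ownership at setup and releasing it after load or abort, and the results for a repeated setup, a late abort and an unknown command number are assumptions; completion is modelled as immediate, so the per-process BUSY case is not covered.

```rust
// Added host-side model of the documented command ordering. Not Tock's code:
// `Model`, `Phase` and the u32 process ids are assumptions for illustration.
#[derive(Debug, Clone, Copy, PartialEq)]
pub enum ErrorCode { Busy, Inval, Fail, NoSupport }

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Phase { Idle, Setup, Writing, Finalized }

pub struct Model { pub owner: Option<u32>, pub phase: Phase }

impl Model {
    pub fn new() -> Self { Model { owner: None, phase: Phase::Idle } }

    /// Apply command `num` for process `pid`; completion is treated as immediate.
    pub fn command(&mut self, num: usize, pid: u32) -> Result<(), ErrorCode> {
        if num == 0 { return Ok(()); } // driver-existence check
        let foreign = matches!(self.owner, Some(o) if o != pid);
        if num == 5 {
            // Abort: FAIL unless the driver is dedicated to the caller.
            if self.owner != Some(pid) { return Err(ErrorCode::Fail); }
            if !matches!(self.phase, Phase::Setup | Phase::Writing) {
                return Err(ErrorCode::Inval); // assumption: nothing left to abort
            }
            return self.release();
        }
        if foreign { return Err(ErrorCode::Busy); } // dedicated to another process
        match (num, self.phase) {
            (1, Phase::Idle) => { self.owner = Some(pid); self.phase = Phase::Setup; }
            (2, Phase::Setup) | (2, Phase::Writing) => self.phase = Phase::Writing,
            (3, Phase::Writing) => self.phase = Phase::Finalized,
            (4, Phase::Finalized) => return self.release(),
            // Out of order for the current phase (repeated setup is an assumption).
            (1..=4, _) => return Err(ErrorCode::Inval),
            _ => return Err(ErrorCode::NoSupport), // assumption: unknown command
        }
        Ok(())
    }

    fn release(&mut self) -> Result<(), ErrorCode> {
        self.owner = None;
        self.phase = Phase::Idle;
        Ok(())
    }
}

fn main() {
    let mut m = Model::new();
    // Constructed sequence of (command_num, process id) pairs.
    for (num, pid) in [(2, 1), (1, 1), (1, 2), (2, 1), (3, 1), (4, 1)] {
        println!("cmd {} from pid {}: {:?}", num, pid, m.command(num, pid));
    }
}
```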

fn allocate_grant(&self, processid: ProcessId) -> Result<(), Error>

Request to allocate a capsule’s grant for a specific process.

fn allow_userspace_readable( &self, app: ProcessId, which: usize, slice: ReadWriteProcessBuffer, ) -> Result<ReadWriteProcessBuffer, (ReadWriteProcessBuffer, ErrorCode)>

System call for a process to pass a buffer (a UserspaceReadableProcessBuffer) to the kernel that the kernel can either read or write. The kernel calls this method only after it checks that the entire buffer is within memory the process can both read and write.

Auto Trait Implementations

impl<S, L> !Freeze for AppLoader<S, L>

impl<S, L> !RefUnwindSafe for AppLoader<S, L>

impl<S, L> !Send for AppLoader<S, L>

impl<S, L> !Sync for AppLoader<S, L>

impl<S, L> Unpin for AppLoader<S, L>

impl<S, L> !UnwindSafe for AppLoader<S, L>

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.