pub struct Kernel { /* private fields */ }Expand description
Main object for the kernel. Each board will need to create one.
Implementations
sourceimpl Kernel
impl Kernel
pub fn new(processes: &'static [Option<&'static dyn Process>]) -> Kernel
sourcepub fn process_map_or_external<F, R>(
&self,
default: R,
processid: ProcessId,
closure: F,
_capability: &dyn ProcessManagementCapability
) -> Rwhere
F: FnOnce(&dyn Process) -> R,
pub fn process_map_or_external<F, R>(
&self,
default: R,
processid: ProcessId,
closure: F,
_capability: &dyn ProcessManagementCapability
) -> Rwhere
F: FnOnce(&dyn Process) -> R,
Run a closure on a specific process if it exists. If the process with a
matching ProcessId does not exist at the index specified within the
ProcessId, then default will be returned.
A match will not be found if the process was removed (and there is a
None in the process array), if the process changed its identifier
(likely after being restarted), or if the process was moved to a
different index in the processes array. Note that a match will be
found if the process still exists in the correct location in the array
but is in any “stopped” state.
This is functionally the same as process_map_or(), but this method is
available outside the kernel crate and requires a
ProcessManagementCapability to use.
sourcepub fn process_each_capability<F>(
&'static self,
_capability: &dyn ProcessManagementCapability,
closure: F
)where
F: FnMut(&dyn Process),
pub fn process_each_capability<F>(
&'static self,
_capability: &dyn ProcessManagementCapability,
closure: F
)where
F: FnMut(&dyn Process),
Run a closure on every valid process. This will iterate the array of processes and call the closure on every process that exists.
This is functionally the same as process_each(), but this method is
available outside the kernel crate and requires a
ProcessManagementCapability to use.
sourcepub fn create_grant<T: Default, Upcalls: UpcallSize, AllowROs: AllowRoSize, AllowRWs: AllowRwSize>(
&'static self,
driver_num: usize,
_capability: &dyn MemoryAllocationCapability
) -> Grant<T, Upcalls, AllowROs, AllowRWs>
pub fn create_grant<T: Default, Upcalls: UpcallSize, AllowROs: AllowRoSize, AllowRWs: AllowRwSize>(
&'static self,
driver_num: usize,
_capability: &dyn MemoryAllocationCapability
) -> Grant<T, Upcalls, AllowROs, AllowRWs>
Create a new grant. This is used in board initialization to setup grants that capsules use to interact with processes.
Grants must only be created before processes are initialized. Processes use the number of grants that have been allocated to correctly initialize the process’s memory with a pointer for each grant. If a grant is created after processes are initialized this will panic.
Calling this function is restricted to only certain users, and to
enforce this calling this function requires the
MemoryAllocationCapability capability.
sourcepub fn get_grant_count_and_finalize_external(
&self,
_capability: &dyn ExternalProcessCapability
) -> usize
pub fn get_grant_count_and_finalize_external(
&self,
_capability: &dyn ExternalProcessCapability
) -> usize
Returns the number of grants that have been setup in the system and marks the grants as “finalized”. This means that no more grants can be created because data structures have been setup based on the number of grants when this function is called.
In practice, this is called when processes are created, and the process memory is setup based on the number of current grants.
This is exposed publicly, but restricted with a capability. The intent
is that external implementations of Process need to be able to
retrieve the final number of grants.
sourcepub fn hardfault_all_apps<C: ProcessManagementCapability>(&self, _c: &C)
pub fn hardfault_all_apps<C: ProcessManagementCapability>(&self, _c: &C)
Cause all apps to fault.
This will call set_fault_state() on each app, causing the app to enter
the state as if it had crashed (for example with an MPU violation). If
the process is configured to be restarted it will be.
Only callers with the ProcessManagementCapability can call this
function. This restricts general capsules from being able to call this
function, since capsules should not be able to arbitrarily restart all
apps.
sourcepub fn kernel_loop_operation<KR: KernelResources<C>, C: Chip, const NUM_PROCS: u8>(
&self,
resources: &KR,
chip: &C,
ipc: Option<&IPC<NUM_PROCS>>,
no_sleep: bool,
_capability: &dyn MainLoopCapability
)
pub fn kernel_loop_operation<KR: KernelResources<C>, C: Chip, const NUM_PROCS: u8>(
&self,
resources: &KR,
chip: &C,
ipc: Option<&IPC<NUM_PROCS>>,
no_sleep: bool,
_capability: &dyn MainLoopCapability
)
Perform one iteration of the core Tock kernel loop.
This function is responsible for three main operations:
- Check if the kernel itself has any work to be done and if the scheduler wants to complete that work now. If so, it allows the kernel to run.
- Check if any processes have any work to be done, and if so if the scheduler wants to allow any processes to run now, and if so which one.
- After ensuring the scheduler does not want to complete any kernel or process work (or there is no work to be done), are there are no outstanding interrupts to handle, put the chip to sleep.
This function has one configuration option: no_sleep. If that argument
is set to true, the kernel will never attempt to put the chip to sleep,
and this function can be called again immediately.
sourcepub fn kernel_loop<KR: KernelResources<C>, C: Chip, const NUM_PROCS: u8>(
&self,
resources: &KR,
chip: &C,
ipc: Option<&IPC<NUM_PROCS>>,
capability: &dyn MainLoopCapability
) -> !
pub fn kernel_loop<KR: KernelResources<C>, C: Chip, const NUM_PROCS: u8>(
&self,
resources: &KR,
chip: &C,
ipc: Option<&IPC<NUM_PROCS>>,
capability: &dyn MainLoopCapability
) -> !
Main loop of the OS.
Most of the behavior of this loop is controlled by the Scheduler
implementation in use.