rv32i::pmp::simple

Struct SimplePMP

Source 
pub struct SimplePMP<const AVAILABLE_ENTRIES: usize>;
Expand description

A “simple” RISC-V PMP implementation.

The SimplePMP does not support locked regions, kernel memory protection, or any ePMP features (using the mseccfg CSR). It is generic over the number of hardware PMP regions available. AVAILABLE_ENTRIES is expected to be set to the number of available entries.

SimplePMP implements TORUserPMP to expose all of its regions as “top of range” (TOR) regions (each taking up two physical PMP entires) for use as a user-mode memory protection mechanism.

Notably, SimplePMP implements TORUserPMP<MPU_REGIONS> over a generic MPU_REGIONS where MPU_REGIONS <= (AVAILABLE_ENTRIES / 2). As PMP re-configuration can have a significiant runtime overhead, users are free to specify a small MPU_REGIONS const-generic parameter to reduce the runtime overhead induced through PMP configuration, at the cost of having less PMP regions available to use for userspace memory protection.

Implementations§

Source§

impl<const AVAILABLE_ENTRIES: usize> SimplePMP<AVAILABLE_ENTRIES>

Source

pub unsafe fn new() -> Result<Self, ()>

Trait Implementations§

Source§

impl<const AVAILABLE_ENTRIES: usize> Display for SimplePMP<AVAILABLE_ENTRIES>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<const AVAILABLE_ENTRIES: usize, const MPU_REGIONS: usize> TORUserPMP<MPU_REGIONS> for SimplePMP<AVAILABLE_ENTRIES>

Source§

const CONST_ASSERT_CHECK: ()

A placeholder to define const-assertions which are evaluated in PMPUserMPU::new. This can be used to, for instance, assert that the number of userspace regions does not exceed the number of hardware regions.
Source§

fn available_regions(&self) -> usize

The number of TOR regions currently available for userspace memory protection. Within [0; MAX_REGIONS]. Read more
Source§

fn configure_pmp( &self, regions: &[(TORUserPMPCFG, *const u8, *const u8); MPU_REGIONS], ) -> Result<(), ()>

Configure the user-mode memory protection. Read more
Source§

fn enable_user_pmp(&self) -> Result<(), ()>

Enable the user-mode memory protection. Read more
Source§

fn disable_user_pmp(&self)

Disable the user-mode memory protection. Read more

Auto Trait Implementations§

§

impl<const AVAILABLE_ENTRIES: usize> Freeze for SimplePMP<AVAILABLE_ENTRIES>

§

impl<const AVAILABLE_ENTRIES: usize> RefUnwindSafe for SimplePMP<AVAILABLE_ENTRIES>

§

impl<const AVAILABLE_ENTRIES: usize> Send for SimplePMP<AVAILABLE_ENTRIES>

§

impl<const AVAILABLE_ENTRIES: usize> Sync for SimplePMP<AVAILABLE_ENTRIES>

§

impl<const AVAILABLE_ENTRIES: usize> Unpin for SimplePMP<AVAILABLE_ENTRIES>

§

impl<const AVAILABLE_ENTRIES: usize> UnwindSafe for SimplePMP<AVAILABLE_ENTRIES>

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.