945af95f42
All system calls made from userspace which involve pointers to kernel objects (including device drivers) will need to have those pointers validated; userspace should never be able to crash the kernel by passing it garbage. The actual validation with _k_object_validate() will be in the system call receiver code, which doesn't exist yet. - CONFIG_USERSPACE introduced. We are somewhat far away from having an end-to-end implementation, but at least need a Kconfig symbol to guard the incoming code with. Formal documentation doesn't exist yet either, but will appear later down the road once the implementation is mostly finalized. - In the memory region for RAM, the data section has been moved last, past bss and noinit. This ensures that inserting generated tables with addresses of kernel objects does not change the addresses of those objects (which would make the table invalid) - The DWARF debug information in the generated ELF binary is parsed to fetch the locations of all kernel objects and pass this to gperf to create a perfect hash table of their memory addresses. - The generated gperf code doesn't know that we are exclusively working with memory addresses and uses memory inefficently. A post-processing script process_gperf.py adjusts the generated code before it is compiled to work with pointer values directly and not strings containing them. - _k_object_init() calls inserted into the init functions for the set of kernel object types we are going to support so far Issue: ZEP-2187 Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
166 lines
3.5 KiB
C
166 lines
3.5 KiB
C
/*
|
|
* Copyright (c) 2010-2016 Wind River Systems, Inc.
|
|
*
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
|
|
/**
|
|
* @file
|
|
*
|
|
* @brief Kernel semaphore object.
|
|
*
|
|
* The semaphores are of the 'counting' type, i.e. each 'give' operation will
|
|
* increment the internal count by 1, if no fiber is pending on it. The 'init'
|
|
* call initializes the count to 0. Following multiple 'give' operations, the
|
|
* same number of 'take' operations can be performed without the calling fiber
|
|
* having to pend on the semaphore, or the calling task having to poll.
|
|
*/
|
|
|
|
#include <kernel.h>
|
|
#include <kernel_structs.h>
|
|
#include <debug/object_tracing_common.h>
|
|
#include <toolchain.h>
|
|
#include <linker/sections.h>
|
|
#include <wait_q.h>
|
|
#include <misc/dlist.h>
|
|
#include <ksched.h>
|
|
#include <init.h>
|
|
|
|
extern struct k_sem _k_sem_list_start[];
|
|
extern struct k_sem _k_sem_list_end[];
|
|
|
|
#ifdef CONFIG_OBJECT_TRACING
|
|
|
|
struct k_sem *_trace_list_k_sem;
|
|
|
|
/*
|
|
* Complete initialization of statically defined semaphores.
|
|
*/
|
|
static int init_sem_module(struct device *dev)
|
|
{
|
|
ARG_UNUSED(dev);
|
|
|
|
struct k_sem *sem;
|
|
|
|
for (sem = _k_sem_list_start; sem < _k_sem_list_end; sem++) {
|
|
SYS_TRACING_OBJ_INIT(k_sem, sem);
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
SYS_INIT(init_sem_module, PRE_KERNEL_1, CONFIG_KERNEL_INIT_PRIORITY_OBJECTS);
|
|
|
|
#endif /* CONFIG_OBJECT_TRACING */
|
|
|
|
void k_sem_init(struct k_sem *sem, unsigned int initial_count,
|
|
unsigned int limit)
|
|
{
|
|
__ASSERT(limit != 0, "limit cannot be zero");
|
|
|
|
sem->count = initial_count;
|
|
sem->limit = limit;
|
|
sys_dlist_init(&sem->wait_q);
|
|
#if defined(CONFIG_POLL)
|
|
sys_dlist_init(&sem->poll_events);
|
|
#endif
|
|
|
|
SYS_TRACING_OBJ_INIT(k_sem, sem);
|
|
|
|
_k_object_init(sem);
|
|
}
|
|
|
|
|
|
/* returns 1 if a reschedule must take place, 0 otherwise */
|
|
static inline int handle_poll_events(struct k_sem *sem)
|
|
{
|
|
#ifdef CONFIG_POLL
|
|
u32_t state = K_POLL_STATE_SEM_AVAILABLE;
|
|
|
|
return _handle_obj_poll_events(&sem->poll_events, state);
|
|
#else
|
|
return 0;
|
|
#endif
|
|
}
|
|
|
|
static inline void increment_count_up_to_limit(struct k_sem *sem)
|
|
{
|
|
sem->count += (sem->count != sem->limit);
|
|
}
|
|
|
|
/* returns 1 if _Swap() will need to be invoked, 0 otherwise */
|
|
static int do_sem_give(struct k_sem *sem)
|
|
{
|
|
struct k_thread *thread = _unpend_first_thread(&sem->wait_q);
|
|
|
|
if (!thread) {
|
|
increment_count_up_to_limit(sem);
|
|
return handle_poll_events(sem);
|
|
}
|
|
(void)_abort_thread_timeout(thread);
|
|
_ready_thread(thread);
|
|
_set_thread_return_value(thread, 0);
|
|
|
|
return !_is_in_isr() && _must_switch_threads();
|
|
}
|
|
|
|
/*
|
|
* This function is meant to be called only by
|
|
* _sys_event_logger_put_non_preemptible(), which itself is really meant to be
|
|
* called only by _sys_k_event_logger_context_switch(), used within a context
|
|
* switch to log the event.
|
|
*
|
|
* WARNING:
|
|
* It must be called with interrupts already locked.
|
|
* It cannot be called for a sempahore part of a group.
|
|
*/
|
|
void _sem_give_non_preemptible(struct k_sem *sem)
|
|
{
|
|
struct k_thread *thread;
|
|
|
|
thread = _unpend_first_thread(&sem->wait_q);
|
|
if (!thread) {
|
|
increment_count_up_to_limit(sem);
|
|
return;
|
|
}
|
|
|
|
_abort_thread_timeout(thread);
|
|
|
|
_ready_thread(thread);
|
|
_set_thread_return_value(thread, 0);
|
|
}
|
|
|
|
void k_sem_give(struct k_sem *sem)
|
|
{
|
|
unsigned int key;
|
|
|
|
key = irq_lock();
|
|
|
|
if (do_sem_give(sem)) {
|
|
_Swap(key);
|
|
} else {
|
|
irq_unlock(key);
|
|
}
|
|
}
|
|
|
|
int k_sem_take(struct k_sem *sem, s32_t timeout)
|
|
{
|
|
__ASSERT(!_is_in_isr() || timeout == K_NO_WAIT, "");
|
|
|
|
unsigned int key = irq_lock();
|
|
|
|
if (likely(sem->count > 0)) {
|
|
sem->count--;
|
|
irq_unlock(key);
|
|
return 0;
|
|
}
|
|
|
|
if (timeout == K_NO_WAIT) {
|
|
irq_unlock(key);
|
|
return -EBUSY;
|
|
}
|
|
|
|
_pend_current_thread(&sem->wait_q, timeout);
|
|
|
|
return _Swap(key);
|
|
}
|