diff options
| author | Alexandre Courbot <acourbot@nvidia.com> | 2025-07-18 16:26:20 +0900 |
|---|---|---|
| committer | Alexandre Courbot <acourbot@nvidia.com> | 2025-08-15 12:02:56 +0900 |
| commit | af10924fc471d1c693b8689249f53ea10b0519b7 (patch) | |
| tree | d06d79a834d78cfb4d876181dbcd7f8f2970f253 /rust/kernel | |
| parent | c6bc4225279d9a6eff8aafc94347183b2babc52a (diff) | |
gpu: nova-core: register: redesign relative registers
The relative registers are currently very unsafe to use: callers can
specify any constant as the base address for access, meaning they can
effectively interpret any I/O address as any relative register.
Ideally, valid base addresses for a family of registers should be
explicitly defined in the code, and could only be used with the relevant
registers
This patch changes the relative register declaration from e.g.:
register!(CPU_CTL @ +0x0000010, "CPU core control" {
0:0 start as bool, "Start the CPU core";
});
into:
register!(CPU_CTL @ CpuCtlBase[0x10], "CPU core control" {
0:0 start as bool, "Start the CPU core";
});
Where `CpuCtlBase` is the name of a ZST used as a parameter of the
`RegisterBase<>` trait to define a trait unique to a class of register.
This specialized trait is then implemented for every type that provides
a valid base address, enabling said types to be passed as the base
address provider for the register's I/O accessor methods.
This design thus makes it impossible to pass an unexpected base address
to a relative register, and, since the valid bases are all known at
compile-time, also guarantees that all I/O accesses are done within the
valid bounds of the I/O range.
[acourbot@nvidia.com: add example in the commit log.]
Reviewed-by: Lyude Paul <lyude@redhat.com>
Link: https://lore.kernel.org/r/20250718-nova-regs-v2-15-7b6a762aa1cd@nvidia.com
Signed-off-by: Alexandre Courbot <acourbot@nvidia.com>
Diffstat (limited to 'rust/kernel')
0 files changed, 0 insertions, 0 deletions