Crate sel4_microkit

A foundation for pure-Rust seL4 Microkit protection domains.

See the seL4 Microkit manual for non-Rust-specific documentation about the seL4 Microkit.

See the demo for a concrete example of this crate in action.

This crate depends, at build time, on the libsel4 headers. It requires that either $SEL4_INCLUDE_DIRS contains a colon-separated list of include paths for the libsel4 headers, or that $SEL4_PREFIX is set, in which case $SEL4_PREFIX/libsel4/include is used.

The microkit tool expects protection domain binaries to expose a few symbols. All protection domains must contain the symbol __sel4_ipc_buffer_obj. Furthermore, for protection domains with memory regions, the microkit tool injects the addresses of these memory regions at build time by patching designated symbols. The *-sel4-microkit{,-minimal}.json rustc target specs distributed as part of the rust-sel4 project provide __sel4_ipc_buffer_obj, and the memory_region_symbol macro provides a conveneint way to declare memory region address symbols.

Use the protection_domain macro to declare the initialization function, stack size, and, optionally, heap and heap size.

Modules

• panicking

Macros

• debug_print
  Like std::print!, except backed by debug_put_char.
• debug_println
  Like std::println!, except backed by debug_put_char.
• memory_region_symbol
  Declares a symbol via which the microkit tool can inject a memory region’s address, and returns the memory region’s address at runtime.
• var
  Declares a symbol via which the microkit tool can inject a variable declared by e.g. setvar_vaddr, and returns the variable’s value at runtime.

Structs

• Channel
  A channel between this protection domain and another, identified by a channel index.
• Child
  A handle to a child protection domain, identified by a child protection domain index.
• DeferredAction
  An action deferred for syscall coalescing using Handler::take_deferred_action.
• DeferredActionSlot
  Utility type for implementing Handler::take_deferred_action.
• IrqAckError
  Error type returned by Channel::irq_ack.
• MessageInfo
  Corresponds to microkit_msginfo.
• NullHandler
  A Handler implementation which does not override any of the default method implementations.

Enums

• DeferredActionInterface
  A channel interface for which actions can be deferred.
• Infallible
  The error type for errors that can never happen.

Constants

• DEFAULT_STACK_SIZE
  The default stack size used by #[protection_domain].

Traits

• Handler
  Trait for the application-specific part of a protection domain’s main loop.

Functions

• get_mr
  Corresponds to microkit_mr_get.
• ipc_buffer_ptr
  Returns a pointer to the protection domain’s sel4::IpcBuffer.
• pd_is_passive
  Returns whether this protection domain is a passive server.
• pd_name
  Returns the name of this protection domain.
• set_mr
  Corresponds to microkit_mr_set.
• with_msg_bytes
  Provides access to the protection domain’s message registers, viewed as an array of bytes.
• with_msg_bytes_mut
  Provides mutable access to the protection domain’s message registers, viewed as an array of bytes.
• with_msg_regs
  Provides access to the protection domain’s message registers.
• with_msg_regs_mut
  Provides mutable access to the protection domain’s message registers.

Type Aliases

• MessageLabel
  Type alias for MessageInfo labels.
• MessageRegisterValue
  Type alias for message register values.

Attribute Macros

• protection_domain
  Declares a function to be the the protection domain’s initialization function.