Add support for resettable protection domains #167

Merged: 20 commits, Jul 11, 2024

nspin (Member) commented Jul 9, 2024

This PR adds support for the creation of Microkit protection domains which are capable of restoring themselves to their initial state from code and data in read-only memory. Resettable protection domains may reset themselves with the new sel4_reset::reset() function (e.g. in a panic handler), or a parent protection domain may reset a child protection domain by setting its PC back to its entrypoint.

To illustrate how all of this works, here are the steps for creating such a resettable protection domain:

  • Link it against the sel4-reset crate, using, for example, extern sel4_reset. This crate defines the _reset symbol, which will serve as the protection domain's new entrypoint. _reset resets all writable segments to their initial state from data in read-only segments, with the exception of the footprint of the .persistent ELF section, and then passes control to _start.
  • Use one of the new --target *-sel4-microkit-resettable*.json target specs, which augments the base Microkit target specs with a linker script fragment that designates _reset as the ELF's entrypoint and gathers and places the .persistent ELF section.
  • Process the program image with the sel4-reset-cli program, which adds a read-only segment containing all of the data needed to restore the writable segments to their initial state.

See crates/private/tests/microkit/reset/src/bin/test.rs for all of this in action.
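
The reset behaviour described in the comment above, as an added host-side model that is not part of the PR or of the sel4-reset crate: every writable region is rewritten from its read-only initial image, except bytes inside the .persistent footprint. The type and function names, the flat byte-array address space and the sample layout are assumptions made for illustration.

```rust
// Host-side model of the reset step; NOT the sel4-reset implementation.
// All names and the sample layout below are hypothetical / constructed.
use std::ops::Range;

/// A writable region whose initial contents are kept in read-only data.
struct WritableRegion {
    vaddr: usize,       // start address in the modeled address space
    mem_size: usize,    // size in memory
    init_data: Vec<u8>, // initial bytes; anything past them starts as zero (assumed ELF-style)
}

/// Restore each writable region to its initial state, leaving every byte
/// inside the `persistent` footprint untouched. Returns the bytes rewritten.
fn reset_memory(mem: &mut [u8], regions: &[WritableRegion], persistent: &Range<usize>) -> usize {
    let mut rewritten = 0;
    for r in regions {
        for off in 0..r.mem_size {
            let addr = r.vaddr + off;
            if persistent.contains(&addr) {
                continue; // survives the reset
            }
            mem[addr] = r.init_data.get(off).copied().unwrap_or(0);
            rewritten += 1;
        }
    }
    rewritten
}

/// Constructed scenario: boot, dirty the writable region, then reset.
fn demo() -> (Vec<u8>, usize) {
    // Writable region at 4..12 (4 data bytes + 4 zero bytes); persistent footprint at 8..10.
    let regions = vec![WritableRegion { vaddr: 4, mem_size: 8, init_data: vec![0xAA, 0xBB, 0xCC, 0xDD] }];
    let persistent = 8..10;
    let mut mem = vec![0u8; 16];
    reset_memory(&mut mem, &regions, &persistent); // first boot
    mem[4..12].fill(0x11); // runtime state, e.g. corrupted before a panic
    mem[8] = 3; // value deliberately kept across resets, e.g. a reset counter
    let rewritten = reset_memory(&mut mem, &regions, &persistent);
    (mem, rewritten)
}

fn main() {
    let (mem, rewritten) = demo();
    println!("rewritten={} writable={:02x?}", rewritten, &mem[4..12]);
}
```

In this model the persistent bytes keep whatever was written before the reset, including the stray 0x11 next to the counter, so code that reads them after a reset should validate them first.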

nspin (Member, Author) commented Jul 9, 2024

Uses seL4/microkit#164

nspin added 3 commits July 9, 2024 06:24
Signed-off-by: Nick Spinale <nick@nickspinale.com>
nspin force-pushed the pr/resettable branch 3 times, most recently from 4dba8bf to b61459e, July 9, 2024 11:55
nspin added 9 commits July 10, 2024 05:10
nspin added 5 commits July 10, 2024 07:20
nspin added 3 commits July 10, 2024 09:06
nspin merged commit 4fa77ad into seL4:main Jul 11, 2024
9 checks passed
nspin deleted the pr/resettable branch July 11, 2024 22:13
@podhrmic

Very cool feature!
