Skip to content

Commit

Permalink
kernel: handle_syscall: elaborate on NonNull change for CapabilityPtr
Browse files Browse the repository at this point in the history
  • Loading branch information
lschuermann committed Nov 13, 2024
1 parent 9560125 commit 670a5d0
Showing 1 changed file with 20 additions and 6 deletions.
26 changes: 20 additions & 6 deletions kernel/src/kernel.rs
Original file line number Diff line number Diff line change
Expand Up @@ -876,12 +876,26 @@ impl Kernel {
subscribe_num: subdriver_number,
};

// TODO: when the compiler supports capability types bring this back
// as a NonNull type. https://github.com/tock/tock/issues/4134.
// First check if `upcall_ptr` is null. A null
// `upcall_ptr` will result in `None` here and
// represents the special "unsubscribe" operation.
// let ptr = NonNull::new(upcall_ptr);
// TODO: when the compiler supports capability types
// bring this back as a NonNull
// type. https://github.com/tock/tock/issues/4134.
//
// Previously, we had a NonNull type (that had a niche)
// here, and could wrap that in Option to fill the niche
// and handle the Null case. CapabilityPtr is filling
// the gap left by * const(), which does not have the
// niche and allows NULL internally. Having a CHERI
// capability type with a niche is (maybe?) predicated
// on having better compiler support.
// Option<NonNull<()>> is preferable here, and it should
// go back to it just as soon as we can express "non
// null capability". For now, checking for the null case
// is handled internally in each `map_or` call.
//
//First check if `upcall_ptr` is null. A null
//`upcall_ptr` will result in `None` here and
//represents the special "unsubscribe" operation.
//let ptr = NonNull::new(upcall_ptr);

// For convenience create an `Upcall` type now. This is
// just a data structure and doesn't do any checking or
Expand Down

0 comments on commit 670a5d0

Please sign in to comment.