Skip to main content

islet_rmm/rsi/
hostcall.rs

1use crate::const_assert_eq;
2use crate::rmi::error::Error;
3
4use autopadding::*;
5
6pub const HOST_CALL_NR_GPRS: usize = 31;
7
8pad_struct_and_impl_default!(
9pub struct HostCall {
10    0x0 imm: u16,
11    0x8 gprs: [u64; HOST_CALL_NR_GPRS],
12    0x100 => @END,
13}
14);
15
16const_assert_eq!(core::mem::size_of::<HostCall>(), 0x100);
17
18impl HostCall {
19    pub fn set_gpr(&mut self, idx: usize, val: u64) -> Result<(), Error> {
20        if idx >= HOST_CALL_NR_GPRS {
21            error!("out of index: {}", idx);
22            return Err(Error::RmiErrorInput);
23        }
24        self.gprs[idx] = val;
25        Ok(())
26    }
27
28    pub fn gpr(&self, idx: usize) -> Result<u64, Error> {
29        if idx >= HOST_CALL_NR_GPRS {
30            error!("out of index: {}", idx);
31            return Err(Error::RmiErrorInput);
32        }
33        Ok(self.gprs[idx])
34    }
35
36    pub fn imm(&self) -> u16 {
37        self.imm
38    }
39}
40
41impl core::fmt::Debug for HostCall {
42    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
43        f.debug_struct("rsi::HostCall")
44            .field("imm", &format_args!("{:#X}", &self.imm))
45            .field("gprs", &self.gprs)
46            .finish()
47    }
48}
49
50impl safe_abstraction::raw_ptr::RawPtr for HostCall {}
51
52impl safe_abstraction::raw_ptr::SafetyChecked for HostCall {}
53
54impl safe_abstraction::raw_ptr::SafetyAssured for HostCall {
55    fn is_initialized(&self) -> bool {
56        // The initialization of this memory is guaranteed
57        // according to the RMM Specification A2.2.4 Granule Wiping.
58        // This instance belongs to a Data Granule and has been initialized.
59        true
60    }
61
62    fn verify_ownership(&self) -> bool {
63        // The instance's ownership is guaranteed while being processed by the RMM.
64        // While the Realm holds RW permissions for the instance,
65        // it cannot exercise these permissions from the moment an SMC request is made
66        // until the request is completed. Even in multi-core environments,
67        // the designated areas are protected by Stage 2 Table,
68        // ensuring that there are no adverse effects on RMM's memory safety.
69        true
70    }
71}