Trait EPMPDebugConfig

pub trait EPMPDebugConfig {
    const DEBUG_ENABLE: bool;
    const TOR_USER_REGIONS: usize;
    const TOR_USER_ENTRIES_OFFSET: usize;
}

EarlGrey SoC ePMP JTAG Debugging Configuration

The EarlGrey SoC includes a RISC-V Debug Manager mapped to a NAPOT-aligned memory region. To use a JTAG-debugger with the EarlGrey SoC, this region needs to be allowed as R/W/X in the ePMP, at least for machine-mode. However, the RISC-V ePMP does not support R/W/X regions when in machine-mode lockdown (MML) mode. Furthermore, with the machine-mode whitelist policy (MMWP) enabled, machine-mode (the kernel) must be given explicit access for any memory regions to be accessed.

Thus, to enable debugger access, the following changes have to be made in the EarlGrey ePMP from its default locked-down configuration:

• Machine-Mode Lockdown (MML) must not be enabled

• A locked (machine-mode) PMP memory region must be allocated for the RISC-V Debug Manager (RVDM) allocated, and be given R/W/X permissions.

• Locked regions are enforced & locked for both machine-mode and user-mode. This means that we can no longer use locked regions in combination with the machine-mode whitelist policy to take away access permissions from user-mode. This means that we need to place all user-mode regions as non-locked regions in front of all locked machine-mode regions, and insert a “deny-all” non-locked fallback user-mode region in between to achieve our desired isolation properties.

As a consequence, because of this “deny-all” user-mode region, we have one fewer memory regions available to be used as a userspace MPU.

Because all of this is much too complex to implement at runtime (and can’t be reconfigured at runtime once MML is configured), we define a new trait EPMPDebugConfig with two implementations EPMPDebugEnable and EPMPDebugDisable. The EPMP implementation is generic over those traits and can, for instance, advertise a different number of MPU regions available for userspace. It further contains a method to retrieve the RVDM memory region’s NAPOT address specification irrespective of whether the debug memory is enabled, and an associated constant to use in the configuration code (such that the branches not taken can be optimized out).

Required Associated Constants

const DEBUG_ENABLE: bool

Whether the debug port shall be enabled or not.

const TOR_USER_REGIONS: usize

How many userspace MPU (TOR) regions are available under this configuration.

const TOR_USER_ENTRIES_OFFSET: usize

The offset where the user-mode TOR PMP entries start. This counts “entries”, meaning pmpaddrX registers. A single “TOR region” uses two consecutive “entries”.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors

impl EPMPDebugConfig for EPMPDebugDisable

const DEBUG_ENABLE: bool = false

const TOR_USER_REGIONS: usize = 4usize

const TOR_USER_ENTRIES_OFFSET: usize = 4usize

impl EPMPDebugConfig for EPMPDebugEnable

const DEBUG_ENABLE: bool = true

const TOR_USER_REGIONS: usize = 4usize

const TOR_USER_ENTRIES_OFFSET: usize = 0usize