feat: implement USER permission

JonasKruckenberg · JonasKruckenberg · Jan 20, 2025 · Jan 17, 2025 · Jan 17, 2025 · Jan 17, 2025
commit 7ce84c3d5eaaa2ba00a93b7cacb3da2f799cd8a4
diff --git a/kernel/src/arch/riscv64/vm.rs b/kernel/src/arch/riscv64/vm.rs
@@ -587,13 +587,31 @@ impl PageTableEntry {
 bitflags! {
     #[derive(Debug, Copy, Clone, Eq, PartialEq, Default)]
     pub struct PTEFlags: usize {
+        /// Indicates the page table entry is initialized
         const VALID     = 1 << 0;
+        /// Whether the page is readable
         const READ      = 1 << 1;
+        /// Whether the page is writable
         const WRITE     = 1 << 2;
+        /// Whether the page is executable
         const EXECUTE   = 1 << 3;
+        /// Whether the page is accessible to user mode.
+        ///
+        /// By default, pages are only accessible in supervisor mode but marking a page as user-accessible
+        /// allows user mode code to access the page too.
         const USER      = 1 << 4;
+        /// Designates a global mapping.
+        ///
+        /// Global mappings exist in all address space.
+        ///
+        /// Note that as stated in the RISCV privileged spec, forgetting to mark a global mapping as gobal
+        /// is *fine* since it just results in slower performance. However, marking a non-global mapping as
+        /// global by accident will result in undefined behaviour (the CPU might use any of the competing
+        /// mappings for the address).
         const GLOBAL    = 1 << 5;
+        /// Indicated the page has been read, written, or executed from.
         const ACCESSED    = 1 << 6;
+        /// Indicates the page has been written to.
         const DIRTY     = 1 << 7;
     }
 }
@@ -602,13 +620,15 @@ impl From<crate::vm::Permissions> for PTEFlags {
     fn from(flags: crate::vm::Permissions) -> Self {
         use crate::vm::Permissions;
 
-        let mut out = Self::VALID | Self::DIRTY | Self::ACCESSED;
+        // we currently don't use the accessed & dirty bits and, it's recommended to set them if unused
+        let mut out = Self::VALID | Self::ACCESSED | Self::DIRTY;
 
         for flag in flags {
             match flag {
                 Permissions::READ => out.insert(Self::READ),
                 Permissions::WRITE => out.insert(Self::WRITE),
                 Permissions::EXECUTE => out.insert(Self::EXECUTE),
+                Permissions::USER => out.insert(Self::USER),
                 _ => unreachable!(),
             }
         }

diff --git a/kernel/src/vm/mod.rs b/kernel/src/vm/mod.rs
@@ -13,8 +13,8 @@ mod error;
 pub mod flush;
 pub mod frame_alloc;
 mod frame_list;
-mod mmap;
 mod trap_handler;
+mod user_mmap;
 mod vmo;
 
 use crate::arch;
@@ -30,11 +30,11 @@ use core::range::Range;
 use core::{fmt, slice};
 pub use error::Error;
 use loader_api::BootInfo;
-pub use mmap::MmapSlice;
 use rand::SeedableRng;
 use rand_chacha::ChaCha20Rng;
 use sync::{LazyLock, Mutex, OnceLock};
 pub use trap_handler::trap_handler;
+pub use user_mmap::UserMmap;
 use xmas_elf::program::Type;
 
 pub static KERNEL_ASPACE: OnceLock<Mutex<AddressSpace>> = OnceLock::new();
@@ -201,9 +201,14 @@ impl PageFaultFlags {
 bitflags::bitflags! {
     #[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
     pub struct Permissions: u8 {
+        /// Allow reads from the memory region
         const READ = 1 << 0;
+        /// Allow writes to the memory region
         const WRITE = 1 << 1;
+        /// Allow code execution from the memory region
         const EXECUTE = 1 << 2;
+        /// Allow userspace to access the memory region
+        const USER = 1 << 3;
     }
 }