capsules_system/storage_permissions/
individual.rs

1// Licensed under the Apache License, Version 2.0 or the MIT License.
2// SPDX-License-Identifier: Apache-2.0 OR MIT
3// Copyright Tock Contributors 2024.
4
5use kernel::capabilities::ApplicationStorageCapability;
6use kernel::platform::chip::Chip;
7use kernel::process::Process;
8use kernel::process::ShortId;
9use kernel::storage_permissions::StoragePermissions;
10
/// Storage permissions policy under which an application can reach only its
/// own stored state.
///
/// The policy owns a value of a type implementing
/// [`ApplicationStorageCapability`] and passes a reference to it whenever it
/// builds self-only permissions for a process. `C` and `D` appear only as
/// `PhantomData` markers, so no chip or debug value is stored.
pub struct IndividualStoragePermissions<C, D, CAP>
where
    C: Chip,
    D: kernel::process::ProcessStandardDebug,
    CAP: ApplicationStorageCapability,
{
    // Capability presented when non-null storage permissions are constructed.
    cap: CAP,
    // Zero-sized marker for the chip type parameter.
    _chip: core::marker::PhantomData<C>,
    // Zero-sized marker for the process debug type parameter.
    _debug: core::marker::PhantomData<D>,
}
22
impl<C, D, CAP> IndividualStoragePermissions<C, D, CAP>
where
    C: Chip,
    D: kernel::process::ProcessStandardDebug,
    CAP: ApplicationStorageCapability,
{
    /// Build the policy, taking ownership of the storage capability `cap`.
    ///
    /// The capability is kept for the lifetime of the policy and is handed by
    /// reference to the permission constructor for every process that
    /// qualifies for self-only access.
    // NOTE(review): presumably only trusted board setup code can create a
    // `CAP` value, which is what limits where this policy can be built;
    // confirm against the capability's definition.
    pub fn new(cap: CAP) -> Self {
        let chip_marker = core::marker::PhantomData;
        let debug_marker = core::marker::PhantomData;
        Self {
            cap,
            _chip: chip_marker,
            _debug: debug_marker,
        }
    }
}
34
impl<C, D, CAP> kernel::process::ProcessStandardStoragePermissionsPolicy<C, D>
    for IndividualStoragePermissions<C, D, CAP>
where
    C: Chip,
    D: kernel::process::ProcessStandardDebug,
    CAP: ApplicationStorageCapability,
{
    /// Choose the storage permissions for `process` from its short
    /// application ID.
    ///
    /// A process with a `ShortId::Fixed` ID gets self-only permissions built
    /// from that ID and the stored capability. A process with
    /// `ShortId::LocallyUnique` gets null permissions.
    // NOTE(review): isolation between applications appears to rest on each
    // application receiving a distinct fixed ID; two applications assigned
    // the same fixed ID would presumably get the same self-only permissions.
    // Confirm against the board's ID assignment policy.
    fn get_permissions(
        &self,
        process: &kernel::process::ProcessStandard<C, D>,
    ) -> StoragePermissions {
        let short_id = process.short_app_id();

        // Both variants are named and there is no wildcard arm, so a `ShortId`
        // variant added later must be given an explicit decision here before
        // this compiles.
        match short_id {
            ShortId::LocallyUnique => StoragePermissions::new_null(),
            ShortId::Fixed(id) => StoragePermissions::new_self_only(id, &self.cap),
        }
    }
}