Can a redesign of an OS in Rust give way to an even simpler framework of exception levels given its memory safety design?
Agenda
LEC 15: Interrupt and Exception (Lab4, Phase 1)
LEC 16: Process and Scheduling (Lab4, Phase 2)
LEC 17: Virtual Memory (Lab4, Phase 3/4)
LEC 19: Synchronization (Lab5, Phase 1)
LEC 20: Networking (Lab5, Phase 2)
Overview
ARMv8/AArch64
Architecture
Exception Level: EL0/1
Instruction set
Review: init.rs
Overview
ARMv7 vs. ARMv8
ARMv8 vs. AArch32 vs. AArch64
Overview
AArch64 and AArch32 are both Execution States unique to overall ARMv8-A architecture. AArch32 is meant to be backwards compatible with older 32-bit dependent versions of ARM like ARMv7-A. AArch64 is the state unique to ARMv8-A. AArch32 is comes bundled with the ARM Virtualization Extensions, Security Extensions, and Large Physical Address Extension. ARMv8-A also allows for the execution of code in both Execution States (32 vs 64) within the OS kernel or hypervisor layers.
Exception level / Execution states
A logical separation of software execution privilege
Similar to hierarchical protection domains (e.g., ring in x86)
Execution states of AArch32/64
Changing execution levels (target mode)
When a processor takes an exception (e.g., interrupt or system call):
Save the current processor state in SPSR
Save the return address to ELR
Execution state
Each core has the execution state represented by:
Register file
Processor state (PSTATE)
Registers (in AArch64)
31 × 64-bit general purpose registers (X0-X30)
Xn for 64-bit wide
Wn for 32-bit wide
Rn for 64/32-bit wides
Special registers
XZR (not X0) virtually contains all zero
SP/PC for stack and program counter
SPSR: saved program status
ELR: exception link register
Processor state (PSTATE)
Conditional flags: N, Z, C, V
Interrupt masks: D, A, I, F
Execution state: nRW (32/64-bit)
Stack selection: SP (SP_EL0/SP_ELn)
Misc: SS (single step), IL (illegal execution)
Accessing PSTATE
MRS X0, SPSel // Read SPSel into X0MSR SPSel, X0 // Write X0 to SPSel
Accessing PSTATE
MSR DAIFSet, #Imm4 // Used to set any or all of DAIF to 1MSR DAIFClr, #Imm4 // Used to clear any or all of DAIF to 0
System registers
System control registers
Controls “features” implemented in the core (e.g., MMU)
e.g., M for enabling MMU, WXN for W^X, EE for endianness
Tastes of instructions: accessing memory
ldr <ra>, [<rb>]: load value from address in <rb> into <ra>
str <ra>, [<rb>]: store value in <ra> to address in <rb>
// push `x0` and `x1` onto the stack. after this operation the stack is://// |------| <- SP// | x0 |// |------|// | x1 |// |------| <x (original SP)//stp x0, x1, [SP, #-16]!
Tastes of instructions: accessing stack
// pop `x0` and `x1` from the stack. after this operation, the stack is://// |------| <x (original SP)// | x0 |// |------|// | x1 |// |------| <- SP//ldp x0, x1, [SP], #16
