FrameAllocator is an unsafe trait now

Make `BootInfoFrameAllocator::init` unsafe because the caller must guarantee that the given memory map is valid.
Philipp Oppermann
2019-05-03 18:41:01 +02:00
parent 78e4b22a2f
commit 7796d4c14a
2 changed files with 8 additions and 4 deletions


@@ -59,7 +59,7 @@ pub fn create_example_mapping(
/// A FrameAllocator that always returns `None`.
pub struct EmptyFrameAllocator;
impl FrameAllocator<Size4KiB> for EmptyFrameAllocator {
unsafe impl FrameAllocator<Size4KiB> for EmptyFrameAllocator {
fn allocate_frame(&mut self) -> Option<PhysFrame> {
None
}
@@ -73,7 +73,11 @@ pub struct BootInfoFrameAllocator {
impl BootInfoFrameAllocator {
/// Create a FrameAllocator from the passed memory map.
pub fn init(memory_map: &'static MemoryMap) -> Self {
///
/// This function is unsafe because the caller must guarantee that the passed
/// memory map is valid. The main requirement is that all frames that are marked
/// as `USABLE` in it are really unused.
pub unsafe fn init(memory_map: &'static MemoryMap) -> Self {
BootInfoFrameAllocator {
memory_map,
next: 0,
@@ -94,7 +98,7 @@ impl BootInfoFrameAllocator {
}
}
impl FrameAllocator<Size4KiB> for BootInfoFrameAllocator {
unsafe impl FrameAllocator<Size4KiB> for BootInfoFrameAllocator {
fn allocate_frame(&mut self) -> Option<PhysFrame> {
let frame = self.usable_frames().nth(self.next);
self.next += 1;
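Review bot: The safety contract added to `BootInfoFrameAllocator::init` (second hunk) only requires that `USABLE` frames are really unused, but the visible code suggests a second requirement. Every instance starts at `next: 0` and `allocate_frame` indexes `usable_frames()` by that counter, so two allocators built from the same map would presumably hand out the same frames twice (`usable_frames` itself is not shown here). I would move the contract under a `# Safety` heading and add `/// Must be called at most once per memory map; a second allocator would hand out the same frames again.` Both `unsafe impl` lines would also benefit from a `// SAFETY:` comment saying why the impl upholds the trait contract: `EmptyFrameAllocator` never returns a frame, and `BootInfoFrameAllocator` relies on `init`'s contract and on `next` only increasing. The body of `allocate_frame` continues outside the last hunk.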