kai
/
pounder_test
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updating DAC SPI structures to own HAL SPI structure for safety guarantees

This commit is contained in:
Ryan Summers 2020-11-24 17:21:14 +01:00
parent bf8b950fe6
commit d236ea94c4
2 changed files with 43 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/adc.rs
View File

@ -307,6 +307,8 @@ impl Adc1Input {
Transfer::init( Transfer::init(
trigger_stream, trigger_stream,
SPI3::new(trigger_channel), SPI3::new(trigger_channel),
// Note(unsafe). This transaction is read-only and SPI_START is a dont-care value,
// so it is always safe to share.
unsafe { &mut SPI_START }, unsafe { &mut SPI_START },
None, None,
trigger_config, trigger_config,

81
src/dac.rs
View File

@ -24,19 +24,24 @@ static mut DAC1_BUF0: [u16; SAMPLE_BUFFER_SIZE] = [0; SAMPLE_BUFFER_SIZE];
#[link_section = ".axisram.buffers"] #[link_section = ".axisram.buffers"]
static mut DAC1_BUF1: [u16; SAMPLE_BUFFER_SIZE] = [0; SAMPLE_BUFFER_SIZE]; static mut DAC1_BUF1: [u16; SAMPLE_BUFFER_SIZE] = [0; SAMPLE_BUFFER_SIZE];
/// SPI4 is used as a ZST (zero-sized type) for indicating a DMA transfer into the SPI4 TX FIFO /// SPI4 is used as a type for indicating a DMA transfer into the SPI4 TX FIFO
struct SPI4 { struct SPI4 {
spi: hal::spi::Spi<hal::stm32::SPI4, hal::spi::Disabled, u16>,
_channel: sampling_timer::tim2::Channel3, _channel: sampling_timer::tim2::Channel3,
} }
impl SPI4 { impl SPI4 {
pub fn new(_channel: sampling_timer::tim2::Channel3) -> Self { pub fn new(
Self { _channel } _channel: sampling_timer::tim2::Channel3,
spi: hal::spi::Spi<hal::stm32::SPI4, hal::spi::Disabled, u16>,
) -> Self {
Self { _channel, spi }
} }
} }
// Note(unsafe): This is safe because the DMA request line is logically owned by this module. // Note(unsafe): This is safe because the DMA request line is logically owned by this module.
// Additionally, it is only safe if the SPI TX functionality is never used, which is managed by the // Additionally, the SPI is owned by this structure and is known to be configured for u16 word
// Dac0Output. // sizes.
unsafe impl TargetAddress<MemoryToPeripheral> for SPI4 { unsafe impl TargetAddress<MemoryToPeripheral> for SPI4 {
/// SPI2 is configured to operate using 16-bit transfer words. /// SPI2 is configured to operate using 16-bit transfer words.
type MemSize = u16; type MemSize = u16;
@ -46,25 +51,28 @@ unsafe impl TargetAddress<MemoryToPeripheral> for SPI4 {
/// Whenever the DMA request occurs, it should write into SPI4's TX FIFO. /// Whenever the DMA request occurs, it should write into SPI4's TX FIFO.
fn address(&self) -> u32 { fn address(&self) -> u32 {
// Note(unsafe): This is only safe as long as no other users write to the SPI TX FIFO. &self.spi.inner().txdr as *const _ as u32
let regs = unsafe { &*hal::stm32::SPI4::ptr() };
&regs.txdr as *const _ as u32
} }
} }
/// SPI5 is used as a ZST (zero-sized type) for indicating a DMA transfer into the SPI5 TX FIFO /// SPI5 is used as a ZST (zero-sized type) for indicating a DMA transfer into the SPI5 TX FIFO
struct SPI5 { struct SPI5 {
_channel: sampling_timer::tim2::Channel4, _channel: sampling_timer::tim2::Channel4,
spi: hal::spi::Spi<hal::stm32::SPI5, hal::spi::Disabled, u16>,
} }
impl SPI5 { impl SPI5 {
pub fn new(_channel: sampling_timer::tim2::Channel4) -> Self { pub fn new(
Self { _channel } _channel: sampling_timer::tim2::Channel4,
spi: hal::spi::Spi<hal::stm32::SPI5, hal::spi::Disabled, u16>,
) -> Self {
Self { _channel, spi }
} }
} }
// Note(unsafe): This is safe because the DMA request line is logically owned by this module. // Note(unsafe): This is safe because the DMA request line is logically owned by this module.
// Additionally, it is only safe if the SPI TX functionality is never used, which is managed by the // Additionally, the SPI is owned by this structure and is known to be configured for u16 word
// Dac1Output. // sizes.
unsafe impl TargetAddress<MemoryToPeripheral> for SPI5 { unsafe impl TargetAddress<MemoryToPeripheral> for SPI5 {
/// SPI5 is configured to operate using 16-bit transfer words. /// SPI5 is configured to operate using 16-bit transfer words.
type MemSize = u16; type MemSize = u16;
@ -74,9 +82,7 @@ unsafe impl TargetAddress<MemoryToPeripheral> for SPI5 {
/// Whenever the DMA request occurs, it should write into SPI5's TX FIFO /// Whenever the DMA request occurs, it should write into SPI5's TX FIFO
fn address(&self) -> u32 { fn address(&self) -> u32 {
// Note(unsafe): This is only safe as long as no other users write to the SPI TX FIFO. &self.spi.inner().txdr as *const _ as u32
let regs = unsafe { &*hal::stm32::SPI5::ptr() };
&regs.txdr as *const _ as u32
} }
} }
@ -121,7 +127,6 @@ impl DacOutputs {
pub struct Dac0Output { pub struct Dac0Output {
next_buffer: Option<&'static mut [u16; SAMPLE_BUFFER_SIZE]>, next_buffer: Option<&'static mut [u16; SAMPLE_BUFFER_SIZE]>,
// Note: SPI TX functionality may not be used from this structure to ensure safety with DMA. // Note: SPI TX functionality may not be used from this structure to ensure safety with DMA.
_spi: hal::spi::Spi<hal::stm32::SPI4, hal::spi::Disabled, u16>,
transfer: Transfer< transfer: Transfer<
hal::dma::dma::Stream4<hal::stm32::DMA1>, hal::dma::dma::Stream4<hal::stm32::DMA1>,
SPI4, SPI4,
@ -153,16 +158,6 @@ impl Dac0Output {
.memory_increment(true) .memory_increment(true)
.peripheral_increment(false); .peripheral_increment(false);
// Construct the trigger stream to write from memory to the peripheral.
let transfer: Transfer<_, _, MemoryToPeripheral, _> = Transfer::init(
stream,
SPI4::new(trigger_channel),
// Note(unsafe): This buffer is only used once and provided for the DMA transfer.
unsafe { &mut DAC0_BUF0 },
None,
trigger_config,
);
// Listen for any potential SPI error signals, which may indicate that we are not generating // Listen for any potential SPI error signals, which may indicate that we are not generating
// update codes. // update codes.
let mut spi = spi.disable(); let mut spi = spi.disable();
@ -175,11 +170,20 @@ impl Dac0Output {
spi.inner().cr1.modify(|_, w| w.spe().set_bit()); spi.inner().cr1.modify(|_, w| w.spe().set_bit());
spi.inner().cr1.modify(|_, w| w.cstart().started()); spi.inner().cr1.modify(|_, w| w.cstart().started());
// Construct the trigger stream to write from memory to the peripheral.
let transfer: Transfer<_, _, MemoryToPeripheral, _> = Transfer::init(
stream,
SPI4::new(trigger_channel, spi),
// Note(unsafe): This buffer is only used once and provided for the DMA transfer.
unsafe { &mut DAC0_BUF0 },
None,
trigger_config,
);
Self { Self {
transfer, transfer,
// Note(unsafe): This buffer is only used once and provided for the next DMA transfer. // Note(unsafe): This buffer is only used once and provided for the next DMA transfer.
next_buffer: unsafe { Some(&mut DAC0_BUF1) }, next_buffer: unsafe { Some(&mut DAC0_BUF1) },
_spi: spi,
first_transfer: true, first_transfer: true,
} }
} }
@ -216,8 +220,6 @@ impl Dac0Output {
/// Represents the data output stream from DAC1. /// Represents the data output stream from DAC1.
pub struct Dac1Output { pub struct Dac1Output {
next_buffer: Option<&'static mut [u16; SAMPLE_BUFFER_SIZE]>, next_buffer: Option<&'static mut [u16; SAMPLE_BUFFER_SIZE]>,
// Note: SPI TX functionality may not be used from this structure to ensure safety with DMA.
_spi: hal::spi::Spi<hal::stm32::SPI5, hal::spi::Disabled, u16>,
transfer: Transfer< transfer: Transfer<
hal::dma::dma::Stream5<hal::stm32::DMA1>, hal::dma::dma::Stream5<hal::stm32::DMA1>,
SPI5, SPI5,
@ -250,16 +252,6 @@ impl Dac1Output {
.peripheral_increment(false) .peripheral_increment(false)
.circular_buffer(true); .circular_buffer(true);
// Construct the stream to write from memory to the peripheral.
let transfer: Transfer<_, _, MemoryToPeripheral, _> = Transfer::init(
stream,
SPI5::new(trigger_channel),
// Note(unsafe): This buffer is only used once and provided to the transfer.
unsafe { &mut DAC1_BUF0 },
None,
trigger_config,
);
// Listen for any SPI errors, as this may indicate that we are not generating updates on the // Listen for any SPI errors, as this may indicate that we are not generating updates on the
// DAC. // DAC.
let mut spi = spi.disable(); let mut spi = spi.disable();
@ -272,11 +264,20 @@ impl Dac1Output {
spi.inner().cr1.modify(|_, w| w.spe().set_bit()); spi.inner().cr1.modify(|_, w| w.spe().set_bit());
spi.inner().cr1.modify(|_, w| w.cstart().started()); spi.inner().cr1.modify(|_, w| w.cstart().started());
// Construct the stream to write from memory to the peripheral.
let transfer: Transfer<_, _, MemoryToPeripheral, _> = Transfer::init(
stream,
SPI5::new(trigger_channel, spi),
// Note(unsafe): This buffer is only used once and provided to the transfer.
unsafe { &mut DAC1_BUF0 },
None,
trigger_config,
);
Self { Self {
// Note(unsafe): This buffer is only used once and provided for the next DMA transfer. // Note(unsafe): This buffer is only used once and provided for the next DMA transfer.
next_buffer: unsafe { Some(&mut DAC1_BUF1) }, next_buffer: unsafe { Some(&mut DAC1_BUF1) },
transfer, transfer,
_spi: spi,
first_transfer: true, first_transfer: true,
} }
} }