fix(interrupt): add missing "task context" check to set_priority

Author: yvt

src/constance/src/kernel/interrupt.rs

@@ -76,16 +76,22 @@ impl<System: Kernel> InterruptLine<System> {
         self,
         value: InterruptPriority,
     ) -> Result<(), SetInterruptLinePriorityError> {
-        let _lock = utils::lock_cpu::<System>()?;
+        let mut lock = utils::lock_cpu::<System>()?;
+
+        // Deny a non-task context
+        if System::is_interrupt_context() {
+            return Err(SetInterruptLinePriorityError::BadContext);
+        }
 
         // Deny unmanaged priority
         if !System::MANAGED_INTERRUPT_PRIORITY_RANGE.contains(&value) {
             return Err(SetInterruptLinePriorityError::BadParam);
         }
 
-        // Safety: (1) We are the kernel, so it's okay to call `Port`'s methods.
-        //         (2) CPU Lock active
-        unsafe { System::set_interrupt_line_priority(self.0, value) }
+        // Safety: (1) Some of the preconditions of `set_priority_unchecked`,
+        //         which are upheld by the caller.
+        //         (2) A task context.
+        unsafe { self.set_priority_unchecked_inner(value, lock.borrow_mut()) }
     }
 
     /// Set the priority of the interrupt line without checking if the new
@@ -109,6 +115,7 @@ impl<System: Kernel> InterruptLine<System> {
     ) -> Result<(), SetInterruptLinePriorityError> {
         let mut lock = utils::lock_cpu::<System>()?;
 
+        // Deny a non-task context
         if System::is_interrupt_context() {
             return Err(SetInterruptLinePriorityError::BadContext);
         }

src/constance_test_suite/src/kernel_tests/interrupt_disallowed_services.rs

@@ -0,0 +1,64 @@
+//! Checks the return codes of disallowed system calls made in an interrupt
+//! context.
+use constance::{
+    kernel::{self, InterruptHandler, InterruptLine, Task},
+    prelude::*,
+};
+
+use super::Driver;
+
+#[derive(Debug)]
+pub struct App<System> {
+    int: Option<InterruptLine<System>>,
+}
+
+impl<System: Kernel> App<System> {
+    constance::configure! {
+        pub const fn new<D: Driver<Self>>(_: &mut CfgBuilder<System>) -> Self {
+            new! { Task<_>, start = task_body::<System, D>, priority = 0, active = true };
+
+            let int = if let [int_line, ..] = *D::INTERRUPT_LINES {
+                unsafe {
+                    new! { InterruptHandler<_>,
+                        line = int_line, start = isr::<System, D>, unmanaged };
+                }
+
+                Some(new! { InterruptLine<_>, line = int_line, enabled = true })
+            } else {
+                None
+            };
+
+            App { int }
+        }
+    }
+}
+
+fn task_body<System: Kernel, D: Driver<App<System>>>(_: usize) {
+    let int = if let Some(int) = D::app().int {
+        int
+    } else {
+        log::warn!("No interrupt lines defined, skipping the test");
+        D::success();
+        return;
+    };
+
+    int.pend().unwrap();
+}
+
+fn isr<System: Kernel, D: Driver<App<System>>>(_: usize) {
+    // Disallowed in a non-task context
+    assert_eq!(
+        D::app().int.unwrap().set_priority(1),
+        Err(kernel::SetInterruptLinePriorityError::BadContext),
+    );
+    assert_eq!(
+        unsafe { D::app().int.unwrap().set_priority_unchecked(1) },
+        Err(kernel::SetInterruptLinePriorityError::BadContext),
+    );
+    assert_eq!(
+        System::boost_priority(),
+        Err(kernel::BoostPriorityError::BadContext),
+    );
+
+    D::success();
+}

src/constance_test_suite/src/lib.rs

@@ -145,6 +145,7 @@ pub mod kernel_tests {
         (mod event_group_order_task_priority {}, "event_group_order_task_priority"),
         (mod event_group_set_and_dispatch {}, "event_group_set_and_dispatch"),
         (mod event_group_wait_types {}, "event_group_wait_types"),
+        (mod interrupt_disallowed_services {}, "interrupt_disallowed_services"),
         (mod interrupt_misc {}, "interrupt_misc"),
         (mod interrupt_priority {}, "interrupt_priority"),
         (mod priority_boost {}, "priority_boost"),