@@ -120,28 +120,43 @@ pub unsafe fn raise_tpl(tpl: Tpl) -> TplGuard {
120120 }
121121}
122122
123- /// Allocates memory pages from the system .
123+ /// Allocates a consecutive set of memory pages using the UEFI allocator .
124124///
125- /// UEFI OS loaders should allocate memory of the type `LoaderData`.
125+ /// The caller is responsible to free the memory using [`free_pages`].
126+ ///
127+ /// # Arguments
128+ /// - `allocation_type`: The [`AllocateType`] to alter the allocation strategy.
129+ /// - `memory_type`: The [`MemoryType`] used to persist the allocation in the
130+ /// UEFI memory map. Typically, UEFI OS loaders should allocate memory of
131+ /// type [`MemoryType::LOADER_DATA`].
132+ ///- `size`: Amount of bytes to allocate.
133+ ///
134+ /// # Safety
135+ /// Using this function is safe but reading on initialized memory is not.
136+ /// Please look into the example code.
126137///
127138/// # Errors
128139///
129140/// * [`Status::OUT_OF_RESOURCES`]: allocation failed.
130141/// * [`Status::INVALID_PARAMETER`]: `mem_ty` is [`MemoryType::PERSISTENT_MEMORY`],
131142/// [`MemoryType::UNACCEPTED`], or in the range [`MemoryType::MAX`]`..=0x6fff_ffff`.
132143/// * [`Status::NOT_FOUND`]: the requested pages could not be found.
133- pub fn allocate_pages ( ty : AllocateType , mem_ty : MemoryType , count : usize ) -> Result < NonNull < u8 > > {
144+ pub fn allocate_pages (
145+ allocation_type : AllocateType ,
146+ memory_type : MemoryType ,
147+ count : usize ,
148+ ) -> Result < NonNull < u8 > > {
134149 let bt = boot_services_raw_panicking ( ) ;
135150 let bt = unsafe { bt. as_ref ( ) } ;
136151
137- let ( ty, initial_addr) = match ty {
152+ let ( ty, initial_addr) = match allocation_type {
138153 AllocateType :: AnyPages => ( 0 , 0 ) ,
139154 AllocateType :: MaxAddress ( addr) => ( 1 , addr) ,
140155 AllocateType :: Address ( addr) => ( 2 , addr) ,
141156 } ;
142157
143158 let mut addr1 = initial_addr;
144- unsafe { ( bt. allocate_pages ) ( ty, mem_ty , count, & mut addr1) } . to_result ( ) ?;
159+ unsafe { ( bt. allocate_pages ) ( ty, memory_type , count, & mut addr1) } . to_result ( ) ?;
145160
146161 // The UEFI spec allows `allocate_pages` to return a valid allocation at
147162 // address zero. Rust does not allow writes through a null pointer (which
@@ -155,7 +170,7 @@ pub fn allocate_pages(ty: AllocateType, mem_ty: MemoryType, count: usize) -> Res
155170 // not yet been freed, so if this allocation succeeds it should be at a
156171 // non-zero address.
157172 let mut addr2 = initial_addr;
158- let r = unsafe { ( bt. allocate_pages ) ( ty, mem_ty , count, & mut addr2) } . to_result ( ) ;
173+ let r = unsafe { ( bt. allocate_pages ) ( ty, memory_type , count, & mut addr2) } . to_result ( ) ;
159174
160175 // Free the original allocation (ignoring errors).
161176 let _unused = unsafe { ( bt. free_pages ) ( addr1, count) } ;
@@ -189,22 +204,31 @@ pub unsafe fn free_pages(ptr: NonNull<u8>, count: usize) -> Result {
189204 unsafe { ( bt. free_pages ) ( addr, count) } . to_result ( )
190205}
191206
192- /// Allocates from a memory pool. The pointer will be 8-byte aligned.
207+ /// Allocates a consecutive region of bytes using the UEFI allocator. The buffer
208+ /// will be 8-byte aligned.
209+ ///
210+ /// The caller is responsible to free the memory using [`free_pool`].
211+ ///
212+ /// # Arguments
213+ /// - `memory_type`: The [`MemoryType`] used to persist the allocation in the
214+ /// UEFI memory map. Typically, UEFI OS loaders should allocate memory of
215+ /// type [`MemoryType::LOADER_DATA`].
216+ ///- `size`: Amount of bytes to allocate.
193217///
194218/// # Errors
195219///
196220/// * [`Status::OUT_OF_RESOURCES`]: allocation failed.
197221/// * [`Status::INVALID_PARAMETER`]: `mem_ty` is [`MemoryType::PERSISTENT_MEMORY`],
198222/// [`MemoryType::UNACCEPTED`], or in the range [`MemoryType::MAX`]`..=0x6fff_ffff`.
199- pub fn allocate_pool ( mem_ty : MemoryType , size : usize ) -> Result < NonNull < u8 > > {
223+ pub fn allocate_pool ( memory_type : MemoryType , size : usize ) -> Result < NonNull < u8 > > {
200224 let bt = boot_services_raw_panicking ( ) ;
201225 let bt = unsafe { bt. as_ref ( ) } ;
202226
203227 let mut buffer = ptr:: null_mut ( ) ;
204- let ptr =
205- unsafe { ( bt . allocate_pool ) ( mem_ty , size , & mut buffer ) } . to_result_with_val ( || buffer) ?;
228+ let ptr = unsafe { ( bt . allocate_pool ) ( memory_type , size , & mut buffer ) }
229+ . to_result_with_val ( || buffer) ?;
206230
207- Ok ( NonNull :: new ( ptr) . expect ( "allocate_pool must not return a null pointer if successful" ) )
231+ NonNull :: new ( ptr) . ok_or ( Status :: OUT_OF_RESOURCES . into ( ) )
208232}
209233
210234/// Frees memory allocated by [`allocate_pool`].
0 commit comments