author | kar-rahul-aws <118818625+kar-rahul-aws@users.noreply.github.com> | 2023-07-13 14:21:04 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-13 14:21:04 +0300 |
commit | 97050a17aa8ad5fd7a7789874b38083dbce1fb0b (patch) | |
tree | 8aeaae8581bdb4ad0870cb39fc478444bbfd2192 /.github | |
parent | 18e293723929da31c0395fb4c7f9187474058a6a (diff) |
Memory Protection Unit (MPU) Enhancements (#705)
Memory Protection Unit (MPU) Enhancements
This commit introduces a new MPU wrapper that places additional
restrictions on unprivileged tasks. The following is the list of changes
introduced with the new MPU wrapper:
1. Opaque and indirectly verifiable integers for kernel object handles:
All the kernel object handles (for example, queue handles) are now
opaque integers. Previously object handles were raw pointers.
2. Saving the task context in Task Control Block (TCB): When a task is
swapped out by the scheduler, the task's context is now saved in its
TCB. Previously the task's context was saved on its stack.
3. Execute system calls on a separate privileged-only stack: FreeRTOS
system calls, which execute with elevated privilege, now use a
separate privileged-only stack. Previously system calls used the
calling task's stack. The application writer can control the size of
the system call stack using the new configSYSTEM_CALL_STACK_SIZE config
macro.
4. Memory bounds checks: FreeRTOS system calls which accept a pointer
and de-reference it now verify that the calling task has the required
permissions to access the memory location referenced by the pointer.
5. System call restrictions: The following system calls are no longer
available to unprivileged tasks:
- vQueueDelete
- xQueueCreateMutex
- xQueueCreateMutexStatic
- xQueueCreateCountingSemaphore
- xQueueCreateCountingSemaphoreStatic
- xQueueGenericCreate
- xQueueGenericCreateStatic
- xQueueCreateSet
- xQueueRemoveFromSet
- xQueueGenericReset
- xTaskCreate
- xTaskCreateStatic
- vTaskDelete
- vTaskPrioritySet
- vTaskSuspendAll
- xTaskResumeAll
- xTaskGetHandle
- xTaskCallApplicationTaskHook
- vTaskList
- vTaskGetRunTimeStats
- xTaskCatchUpTicks
- xEventGroupCreate
- xEventGroupCreateStatic
- vEventGroupDelete
- xStreamBufferGenericCreate
- xStreamBufferGenericCreateStatic
- vStreamBufferDelete
- xStreamBufferReset
Also, an unprivileged task can no longer use vTaskSuspend to suspend
any task other than itself.
We thank the following people for their inputs in these enhancements:
- David Reiss of Meta Platforms, Inc.
- Lan Luo, Xinhui Shao, Yumeng Wei, Zixia Liu, Huaiyu Yan and Zhen Ling
of School of Computer Science and Engineering, Southeast University,
China.
- Xinwen Fu of Department of Computer Science, University of
Massachusetts Lowell, USA.
- Yuequi Chen, Zicheng Wang, Minghao Lin of University of Colorado
Boulder, USA.
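The following is an added example written for this page, not FreeRTOS-Kernel source and not code from the commit above. It is a toy model of two of the mechanisms the commit message lists: opaque integer handles that are resolved through a kernel object table instead of being raw pointers (item 1), and the bounds and permission check a privileged system call wrapper makes on a caller-supplied pointer before de-referencing it (item 4). Every type, function and buffer name here (ObjectHandle_t, TaskCanAccess, QueueReceiveWrapper, the MpuRegion_t layout, the constructed task regions) is an assumption chosen for illustration; the real kernel's data structures differ.

```c
/* Added example: toy model of opaque handles and caller-pointer bounds checks.
 * Not FreeRTOS-Kernel code; all names and layouts are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_OBJECTS 4U
#define MAX_REGIONS 3U

typedef uint32_t ObjectHandle_t;          /* opaque: an index, not a pointer */

typedef struct {
    uintptr_t base;                       /* first byte of the region */
    size_t    size;                       /* bytes; base+size assumed not to wrap */
    bool      writable;
} MpuRegion_t;

typedef struct {
    MpuRegion_t regions[MAX_REGIONS];     /* memory the task's MPU lets it touch */
    size_t      regionCount;
} TaskAccess_t;

typedef struct { bool inUse; void *pvObject; } ObjectSlot_t;  /* real pointer stays here */
typedef struct { size_t itemSize; uint8_t item[8]; } ToyQueue_t;
typedef enum { SYSCALL_OK = 0, SYSCALL_BAD_HANDLE, SYSCALL_BAD_BUFFER } SyscallResult_t;

static ObjectSlot_t xObjectTable[MAX_OBJECTS];

/* Handles are 1-based so that 0 is never valid. Returns 0 when the table is full. */
ObjectHandle_t RegisterObject(void *pvObject) {
    for (uint32_t i = 0; i < MAX_OBJECTS; i++) {
        if (!xObjectTable[i].inUse) {
            xObjectTable[i].inUse = true;
            xObjectTable[i].pvObject = pvObject;
            return i + 1U;
        }
    }
    return 0;
}

/* Indirect verification: a task can only present an index, and a bad index
 * resolves to NULL instead of to arbitrary memory. */
void *ResolveHandle(ObjectHandle_t xHandle) {
    if (xHandle == 0 || xHandle > MAX_OBJECTS) return NULL;
    if (!xObjectTable[xHandle - 1U].inUse) return NULL;
    return xObjectTable[xHandle - 1U].pvObject;
}

/* True iff [pvBuffer, pvBuffer + uxLength) lies wholly inside one region of the
 * task with the needed permission. Zero length and pointer+length wraparound
 * are rejected explicitly rather than left to unsigned overflow. */
bool TaskCanAccess(const TaskAccess_t *pxTask, const void *pvBuffer,
                   size_t uxLength, bool bNeedWrite) {
    uintptr_t uxStart = (uintptr_t)pvBuffer;
    if (uxLength == 0) return false;
    if (uxStart > UINTPTR_MAX - (uxLength - 1U)) return false;   /* would wrap */
    uintptr_t uxEnd = uxStart + (uxLength - 1U);                 /* last byte */
    for (size_t i = 0; i < pxTask->regionCount; i++) {
        const MpuRegion_t *pxR = &pxTask->regions[i];
        if (pxR->size == 0) continue;
        uintptr_t uxREnd = pxR->base + (pxR->size - 1U);
        if (uxStart >= pxR->base && uxEnd <= uxREnd) {
            return bNeedWrite ? pxR->writable : true;
        }
    }
    return false;                         /* outside all regions or straddling two */
}

/* Privileged wrapper for a receive call: validate the handle, then check the
 * destination for write access, and only then touch caller memory. */
SyscallResult_t QueueReceiveWrapper(const TaskAccess_t *pxTask,
                                    ObjectHandle_t xHandle, void *pvDst) {
    ToyQueue_t *pxQ = ResolveHandle(xHandle);
    if (pxQ == NULL) return SYSCALL_BAD_HANDLE;
    if (!TaskCanAccess(pxTask, pvDst, pxQ->itemSize, true)) return SYSCALL_BAD_BUFFER;
    memcpy(pvDst, pxQ->item, pxQ->itemSize);
    return SYSCALL_OK;
}

/* Constructed scenario: the task may write one 16-byte buffer and read (not
 * write) another; a third buffer stands in for kernel memory it may not touch. */
static uint8_t ucTaskBuffer[16];
static uint8_t ucReadOnlyBuffer[16];
static uint8_t ucKernelBuffer[16];
static ToyQueue_t xQueue = { 8, { 1, 2, 3, 4, 5, 6, 7, 8 } };
static TaskAccess_t xDemoTask;
static ObjectHandle_t xDemoHandle;

void DemoSetup(void) {
    xDemoTask.regions[0] = (MpuRegion_t){ (uintptr_t)ucTaskBuffer, sizeof ucTaskBuffer, true };
    xDemoTask.regions[1] = (MpuRegion_t){ (uintptr_t)ucReadOnlyBuffer, sizeof ucReadOnlyBuffer, false };
    xDemoTask.regionCount = 2;
    xDemoHandle = RegisterObject(&xQueue);
}

int main(void) {
    DemoSetup();
    return (QueueReceiveWrapper(&xDemoTask, xDemoHandle, ucTaskBuffer) == SYSCALL_OK &&
            QueueReceiveWrapper(&xDemoTask, xDemoHandle, ucKernelBuffer) == SYSCALL_BAD_BUFFER) ? 0 : 1;
}
```

The two checks are ordered deliberately: the handle is resolved first, because the object's item size decides how many bytes of the caller's buffer the wrapper would write, and the bounds check uses that size rather than a length the caller supplies. The wraparound test matters on 32-bit MCUs, where a pointer near the top of the address space plus a large length can silently wrap to a low address that does lie inside a permitted region.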
Diffstat (limited to '.github')
-rw-r--r-- | .github/lexicon.txt | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/.github/lexicon.txt b/.github/lexicon.txt index 1a7d4852d..ec6577e9e 100644 --- a/.github/lexicon.txt +++ b/.github/lexicon.txt @@ -2468,6 +2468,7 @@ uxportcomparesetextram uxpriority uxprioritytouse uxqueue +uxqueuegetqueueitemsize uxqueuelength uxqueuemessageswaiting uxqueuespacesavailable |
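Review bot: the new lexicon word `uxqueuegetqueueitemsize` points at a `uxQueueGetQueueItemSize` accessor introduced elsewhere in this commit, yet the commit message's enumerated list of changes never mentions it; add it to the message, and since item 5 spells out which calls are withheld from unprivileged tasks, state there whether this new call is available to them or privileged-only. The placement between `uxqueue` and `uxqueuelength` keeps the lexicon sorted, so nothing to change in the hunk itself.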