* copyright-checker: Add FreeRTOS Arm collab copyright
FreeRTOS Arm collab files shall have both Amazon's
and Arm's copyright headers. Hence, the copyright
checker is modified to check for both copyrights.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
* armv8-m: Add support for IAR with TFM FREERTOS PORT
As the case for ARMClang, and GCC toolchains, IAR
with TFM FreeRTOS Port support is added.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* armv8-m: Do not overwrite Control register value
The current ARMv8-M FreeRTOS-Kernel Port code
implementation is modified in a way that allows
the CONTROL register's value to be retained
rather than being overwritten.
This is needed for adding PACBTI support as
the special-purpose CONTROL register `PAC_EN`,
`UPAC_EN`, `BTI_EN`, and `UBTI_EN` PACBTI
enablement bits should be configured before calling
`vRestoreContextOfFirstTask()` function which currently
overwrite the value inside the CONTROL register.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* armv8.1-m: Add PACBTI support to kernel non-secure implementation
In this commit, Pointer Authentication, and Branch Target
Identification Extension (PACBTI) support is added for
Non-Secure and Non-TrustZone variants of Cortex-M85
FreeRTOS-Kernel Port.
The PACBTI support is added for Arm Compiler For
Embedded, and IAR toolchains only. The support in
the kernel is not yet enabled for GNU toolchain
due to known issues.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* Fix CI check
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
---------
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
Co-authored-by: Ahmed Ismail <ahmism01@e133373.arm.com>
Co-authored-by: Gaurav Aggarwal <aggarg@amazon.com>
Earlier the System Call entry from an unprivileged task
looked like:
1. SVC for entering system call.
2. System call implementation.
3. SVC for exiting system call.
Now, the system call entry needs to make only one SVC
call and everything else is handled internally.
This PR also makes the following changes:
1. Update the Access Control List (ACL) mechanism to
grant access to all the kernel objects before the
scheduler is started.
2. Add one struct param for system calls with 5 parameters.
This removes the need for special handling for system
calls with 5 parameters.
3. Remove raise privilege SVC when MPU wrapper v2 is used.
4. Add additional run time parameter checks to MPU wrappers
for xTaskGenericNotify and xQueueTakeMutexRecursive APIs.
Memory Protection Unit (MPU) Enhancements
This commit introduces a new MPU wrapper that places additional
restrictions on unprivileged tasks. The following is the list of changes
introduced with the new MPU wrapper:
1. Opaque and indirectly verifiable integers for kernel object handles:
All the kernel object handles (for example, queue handles) are now
opaque integers. Previously object handles were raw pointers.
2. Saving the task context in Task Control Block (TCB): When a task is
swapped out by the scheduler, the task's context is now saved in its
TCB. Previously the task's context was saved on its stack.
3. Execute system calls on a separate privileged only stack: FreeRTOS
system calls, which execute with elevated privilege, now use a
separate privileged only stack. Previously system calls used the
calling task's stack. The application writer can control the size of
the system call stack using new configSYSTEM_CALL_STACK_SIZE config
macro.
4. Memory bounds checks: FreeRTOS system calls which accept a pointer
and de-reference it, now verify that the calling task has required
permissions to access the memory location referenced by the pointer.
5. System call restrictions: The following system calls are no longer
available to unprivileged tasks:
- vQueueDelete
- xQueueCreateMutex
- xQueueCreateMutexStatic
- xQueueCreateCountingSemaphore
- xQueueCreateCountingSemaphoreStatic
- xQueueGenericCreate
- xQueueGenericCreateStatic
- xQueueCreateSet
- xQueueRemoveFromSet
- xQueueGenericReset
- xTaskCreate
- xTaskCreateStatic
- vTaskDelete
- vTaskPrioritySet
- vTaskSuspendAll
- xTaskResumeAll
- xTaskGetHandle
- xTaskCallApplicationTaskHook
- vTaskList
- vTaskGetRunTimeStats
- xTaskCatchUpTicks
- xEventGroupCreate
- xEventGroupCreateStatic
- vEventGroupDelete
- xStreamBufferGenericCreate
- xStreamBufferGenericCreateStatic
- vStreamBufferDelete
- xStreamBufferReset
Also, an unprivileged task can no longer use vTaskSuspend to suspend
any task other than itself.
We thank the following people for their inputs in these enhancements:
- David Reiss of Meta Platforms, Inc.
- Lan Luo, Xinhui Shao, Yumeng Wei, Zixia Liu, Huaiyu Yan and Zhen Ling
of School of Computer Science and Engineering, Southeast University,
China.
- Xinwen Fu of Department of Computer Science, University of
Massachusetts Lowell, USA.
- Yuequi Chen, Zicheng Wang, Minghao Lin of University of Colorado
Boulder, USA.
* Cortex-M35P: Add Cortex-M35P port
The Cortex-M35P support added to kernel. The port hasn't been
validated yet with TF-M. Hence TF-M support is not included in this
port.
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
* Add portNORETURN to the newly added portmacro.h
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
---------
Signed-off-by: Devaraj Ranganna <devaraj.ranganna@arm.com>
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>
Co-authored-by: Gaurav Aggarwal <aggarg@amazon.com>
Co-authored-by: kar-rahul-aws <118818625+kar-rahul-aws@users.noreply.github.com>
