mirror of
https://github.com/FreeRTOS/FreeRTOS-Kernel.git
synced 2025-11-04 10:42:33 -05:00
97050a17aa
Memory Protection Unit (MPU) Enhancements
This commit introduces a new MPU wrapper that places additional
restrictions on unprivileged tasks. The following is the list of changes
introduced with the new MPU wrapper:
1. Opaque and indirectly verifiable integers for kernel object handles:
All the kernel object handles (for example, queue handles) are now
opaque integers. Previously object handles were raw pointers.
2. Saving the task context in Task Control Block (TCB): When a task is
swapped out by the scheduler, the task's context is now saved in its
TCB. Previously the task's context was saved on its stack.
3. Execute system calls on a separate privileged only stack: FreeRTOS
system calls, which execute with elevated privilege, now use a
separate privileged only stack. Previously system calls used the
calling task's stack. The application writer can control the size of
the system call stack using new configSYSTEM_CALL_STACK_SIZE config
macro.
4. Memory bounds checks: FreeRTOS system calls which accept a pointer
and de-reference it, now verify that the calling task has required
permissions to access the memory location referenced by the pointer.
5. System call restrictions: The following system calls are no longer
available to unprivileged tasks:
- vQueueDelete
- xQueueCreateMutex
- xQueueCreateMutexStatic
- xQueueCreateCountingSemaphore
- xQueueCreateCountingSemaphoreStatic
- xQueueGenericCreate
- xQueueGenericCreateStatic
- xQueueCreateSet
- xQueueRemoveFromSet
- xQueueGenericReset
- xTaskCreate
- xTaskCreateStatic
- vTaskDelete
- vTaskPrioritySet
- vTaskSuspendAll
- xTaskResumeAll
- xTaskGetHandle
- xTaskCallApplicationTaskHook
- vTaskList
- vTaskGetRunTimeStats
- xTaskCatchUpTicks
- xEventGroupCreate
- xEventGroupCreateStatic
- vEventGroupDelete
- xStreamBufferGenericCreate
- xStreamBufferGenericCreateStatic
- vStreamBufferDelete
- xStreamBufferReset
Also, an unprivileged task can no longer use vTaskSuspend to suspend
any task other than itself.
We thank the following people for their inputs in these enhancements:
- David Reiss of Meta Platforms, Inc.
- Lan Luo, Xinhui Shao, Yumeng Wei, Zixia Liu, Huaiyu Yan and Zhen Ling
of School of Computer Science and Engineering, Southeast University,
China.
- Xinwen Fu of Department of Computer Science, University of
Massachusetts Lowell, USA.
- Yuequi Chen, Zicheng Wang, Minghao Lin of University of Colorado
Boulder, USA.
|
||
|---|---|---|
| .. | ||
| ARM7_AT91FR40008 | ||
| ARM7_AT91SAM7S | ||
| ARM7_LPC23xx | ||
| ARM7_LPC2000 | ||
| ARM_CA9 | ||
| ARM_CA53_64_BIT | ||
| ARM_CA53_64_BIT_SRE | ||
| ARM_CM0 | ||
| ARM_CM3 | ||
| ARM_CM3_MPU | ||
| ARM_CM4_MPU | ||
| ARM_CM4F | ||
| ARM_CM7 | ||
| ARM_CM23 | ||
| ARM_CM23_NTZ/non_secure | ||
| ARM_CM33 | ||
| ARM_CM33_NTZ/non_secure | ||
| ARM_CM35P | ||
| ARM_CM35P_NTZ/non_secure | ||
| ARM_CM55 | ||
| ARM_CM55_NTZ/non_secure | ||
| ARM_CM85 | ||
| ARM_CM85_NTZ/non_secure | ||
| ARM_CR5 | ||
| ARM_CRx_No_GIC | ||
| ATMega323 | ||
| AVR32_UC3 | ||
| AVR_AVRDx | ||
| AVR_Mega0 | ||
| ColdFire_V2 | ||
| CORTUS_APS3 | ||
| H8S2329 | ||
| HCS12 | ||
| IA32_flat | ||
| MCF5235 | ||
| MicroBlaze | ||
| MicroBlazeV8 | ||
| MicroBlazeV9 | ||
| MSP430F449 | ||
| NiosII | ||
| PPC405_Xilinx | ||
| PPC440_Xilinx | ||
| RISC-V | ||
| RL78 | ||
| RX100 | ||
| RX200 | ||
| RX600 | ||
| RX600v2 | ||
| RX700v3_DPFPU | ||
| STR75x | ||
| TriCore_1782 | ||