This patch integrates the thread stack guard feature in the arm
Zephyr core.
Change-Id: I2022899cbc7a340be71cfaa52f79418292f93bae
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch adds the arm core MPU implementation.
This implementation currently supports the thread stack guard feature.
Change-Id: I8b3795ebaf1ebad38aaddc2ed2f05535ead2c09a
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch add arm core MPU support to ARM MPU driver.
Change-Id: I5a61da4615ae687bf42f1c9947e291ebfd2d2c1d
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch adds the arm core MPU interface, a common way to access the
pu functionalities by the arm zephyr kernel.
The interface can be divided in two parts:
- a core part that will be implemented by the arm_core_mpu driver and
used directly by the kernel
- a driver part that will be implemented by the mpu drivers and used by
the arm_core_mpu driver
Change-Id: I590bd284abc40d98b06fdf1efb5800903313aa00
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch adds initial MPU support to NXP K6x family.
The boot configuration prevents the following security issues:
* Prevent to read at an address that is reserved in the memory map.
* Prevent to write into the boot Flash/ROM.
* Prevent from running code located in SRAM.
This driver has been tested on FRDM-K64F.
Change-Id: I907168fff0c6028f1c665f1d3c224cbeec31be32
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
Now that all ARM platforms have a device tree we can move selecting of
HAS_DTS up and remove any !HAS_DTS cases, as well as setting in all the
defconfigs.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This places a sentinel value at the lowest 4 bytes of a stack
memory region and checks it at various intervals, including when
servicing interrupts or context switching.
This is implemented on all arches except ARC, which supports stack
bounds checking directly in hardware.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Unline k_thread_spawn(), the struct k_thread can live anywhere and not
in the thread's stack region. This will be useful for memory protection
scenarios where private kernel structures for a thread are not
accessible by that thread, or we want to allow the thread to use all the
stack space we gave it.
This requires a change to the internal _new_thread() API as we need to
provide a separate pointer for the k_thread.
By default, we still create internal threads with the k_thread in stack
memory. Forthcoming patches will change this, but we first need to make
it easier to define k_thread memory of variable size depending on
whether we need to store coprocessor state or not.
Change-Id: I533bbcf317833ba67a771b356b6bbc6596bf60f5
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Adds event based scheduling logic to the kernel. Updates
management of timeouts, timers, idling etc. based on
time tracked at events rather than periodic ticks. Provides
interfaces for timers to announce and get next timer expiry
based on kernel scheduling decisions involving time slicing
of threads, timeouts and idling. Uses wall time units instead
of ticks in all scheduling activities.
The implementation involves changes in the following areas
1. Management of time in wall units like ms/us instead of ticks
The existing implementation already had an option to configure
number of ticks in a second. The new implementation builds on
top of that feature and provides option to set the size of the
scheduling granurality to mili seconds or micro seconds. This
allows most of the current implementation to be reused. Due to
this re-use and co-existence with tick based kernel, the names
of variables may contain the word "tick". However, in the
tickless kernel implementation, it represents the currently
configured time unit, which would be be mili seconds or
micro seconds. The APIs that take time as a parameter are not
impacted and they continue to pass time in mili seconds.
2. Timers would not be programmed in periodic mode
generating ticks. Instead they would be programmed in one
shot mode to generate events at the time the kernel scheduler
needs to gain control for its scheduling activities like
timers, timeouts, time slicing, idling etc.
3. The scheduler provides interfaces that the timer drivers
use to announce elapsed time and get the next time the scheduler
needs a timer event. It is possible that the scheduler may not
need another timer event, in which case the system would wait
for a non-timer event to wake it up if it is idling.
4. New APIs are defined to be implemented by timer drivers. Also
they need to handler timer events differently. These changes
have been done in the HPET timer driver. In future other timers
that support tickles kernel should implement these APIs as well.
These APIs are to re-program the timer, update and announce
elapsed time.
5. Philosopher and timer_api applications have been enabled to
test tickless kernel. Separate configuration files are created
which define the necessary CONFIG flags. Run these apps using
following command
make pristine && make BOARD=qemu_x86 CONF_FILE=prj_tickless.conf qemu
Jira: ZEP-339 ZEP-1946 ZEP-948
Change-Id: I7d950c31bf1ff929a9066fad42c2f0559a2e5983
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
Future tickless kernel patches would be inserting some
code before call to Swap. To enable this it will create
a mcro named as the current _Swap which would call first
the tickless kernel code and then call the real __swap()
Jira: ZEP-339
Change-Id: Id778bfcee4f88982c958fcf22d7f04deb4bd572f
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
This patch adds initial MPU support to ARM Beetle.
The boot configuration prevents the following security issues:
* Prevent to read at an address that is reserved in the memory map.
* Prevent to write into the boot Flash/ROM.
* Prevent from running code located in SRAM.
Change-Id: I64f1001369896fffb0647de6be605a95161c4695
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch adds an initial driver for the ARM MPU.
This driver has been tested on ARM Beetle and STM32F4.
Change-Id: I2bc4031961ec5a1d569929249237646f4a349f16
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This patch add the Memory Protection Unit parameter to the arm core
configuration.
Change-Id: Ifee8cdd5738391a6f182e8d0382d27eeb8c546ba
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
Signed-off-by: Marc Moreno <marc.morenoberengue@linaro.org>
Put the reason code in r0 and make a SVC #2 call, which will be
propagated to _fatal_error_handler as an exception.
The _is_in_isr() implementation had to be tweaked a bit. User-generated
SVC exception no longer just used for irq_offload(); just because we are
in it does not mean we are in interrupt context. Instead, have the
irq_offload code set and clear the offload_routine global; it will be
non-NULL only if it's in use. Upcoming changes to support memory
protection (which will require system calls) will need this too.
We free up some small amount of ROM deleting _default_esf struct as it's
no longer needed.
Issue: ZEP-843
Change-Id: Ie82bd708575934cffe41e64f5c128c8704ca4e48
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Unlike assertions, these APIs are active at all times. The kernel will
treat these errors in the same way as fatal CPU exceptions. Ultimately,
the policy of what to do with these errors is implemented in
_SysFatalErrorHandler.
If the archtecture supports it, a real CPU exception can be triggered
which will provide a complete register dump and PC value when the
problem occurs. This will provide more helpful information than a fake
exception stack frame (_default_esf) passed to the arch-specific exception
handling code.
Issue: ZEP-843
Change-Id: I8f136905c05bb84772e1c5ed53b8e920d24eb6fd
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
For exceptions where we are just going to abort the current thread, we
need to exit handler mode properly so that PendSV can run and perform a
context switch. For ARM architecture this means that the fatal error
handling code path can indeed return if we were 1) in handler mode and
2) only wish to abort the current thread.
Fixes a very long-standing bug where a thread that generates an
exception, and should only abort the thread, instead takes down the
entire system.
Issue: ZEP-2052
Change-Id: Ib356a34a6fda2e0f8aff39c4b3270efceb81e54d
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We do the same thing on all arch's right now for thread_monitor_init so
lets put it in a common place. This also should fix an issue on xtensa
when thread monitor can be enabled (reference to _nanokernel.threads).
Change-Id: If2f26c1578aa1f18565a530de4880ae7bd5a0da2
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
We do a bit of the same stuff on all the arch's to setup a new thread.
So lets put that code in a common place so we unify it for everyone and
reduce some duplicated code.
Change-Id: Ic04121bfd6846aece16aa7ffd4382bdcdb6136e3
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
There are a few places that we used an naked unsigned type, lets be
explicit and make it 'unsigned int'.
Change-Id: I33fcbdec4a6a1c0b1a2defb9a5844d282d02d80e
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types. This handles the remaining includes and kernel, plus
touching up various points that we skipped because of include
dependancies. We also convert the PRI printf formatters in the arch
code over to normal formatters.
Jira: ZEP-2051
Change-Id: Iecbb12601a3ee4ea936fd7ddea37788a645b08b0
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types. There are few places we dont convert over to the new
types because of compatiability with ext/HALs or for ease of transition
at this point. Fixup a few of the PRI formatters so we build with newlib.
Jira: ZEP-2051
Change-Id: I7d2d3697cad04f20aaa8f6e77228f502cd9c8286
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is a start to move away from the C99 {u}int{8,16,32,64}_t types to
Zephyr defined u{8,16,32,64}_t and s{8,16,32,64}_t. This allows Zephyr
to define the sized types in a consistent manor across all the
architectures we support and not conflict with what various compilers
and libc might do with regards to the C99 types.
We introduce <zephyr/types.h> as part of this and have it include
<stdint.h> for now until we transition all the code away from the C99
types.
We go with u{8,16,32,64}_t and s{8,16,32,64}_t as there are some
existing variables defined u8 & u16 as well as to be consistent with
Zephyr naming conventions.
Jira: ZEP-2051
Change-Id: I451fed0623b029d65866622e478225dfab2c0ca8
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Fix doxygen comment typos used to generate API docs
Change-Id: I94df2e3a2bda248824ed2aeff3dd0eb743f0bf3e
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Instead of FLASH_LOAD_OFFSET being something specific to cortex-m, add
it generally to misc/Kconfig, along with a hidden config
HAS_LOAD_OFFSET which can be selected by the architectures as they add
support for the functionality.
Change-Id: I256ff8cf4e9b8493b26354c3b93fe1f7017d4887
Signed-off-by: David Brown <david.brown@linaro.org>
This patch updates the ARM core to use struct k_thread instead of struct
tcs. Struct tcs has been deprecated with Zephyr 1.6.
Change-Id: I1219add0bbcca4b963ffe02cd4519eca355c7719
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@linaro.org>
This directory now handles all of Cortex-M0, Cortex-M3/M4. So, just
consistently use "Cortex-M" (as used by number of files already)
without refering to a particular subarch. Also, consistently (letter
casing) spell it as "Cortex-M". A typo is fixed too.
Change-Id: I42ee09abc9a503381bca4ae437c83a8f48816ebc
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Currently, ARM Cortex-M image ROMs are linked starting at the flash
device's base address (CONFIG_FLASH_BASE_ADDRESS). This prevents XIP
Zephyr applications from being linked to run from elsewhere on the
flash device. Linking Zephyr applications to run from elsewhere can be
necessary when running under a bootloader (i.e., booting into a Zephyr
application from a bootloader, not using Zephyr as a bootloader).
To enable this use case, add a new config option: FLASH_LOAD_OFFSET.
This option directs the linker to treat ROM as if it started that many
bytes from the base of flash on Cortex-M targets. The option defaults
to zero to preserve backwards compatibility.
Change-Id: I64f82aee257c19c2451f9789b0ab56999775b761
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
This replaces the hard-coded vector table, as well as the
software ISR table created by the linker. Now both are generated
in build via script.
Issue: ZEP-1038, ZEP-1165
Change-Id: Ie6faaf8f7ea3a7a25ecb542f6cf7740836ad7da3
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This patch moves the include for the generated_dts_board.h inside of
the include/arch/arm/arch.h file. This was done to simplify the
includes required for files. Only two files will include the dts
generated include file directly: arch.h and the linker.ld
Change-Id: I2614f4fd4eeed2ab635a3264d7dac8b83f97b760
Signed-off-by: Andy Gross <andy.gross@linaro.org>
We now use CMSIS for ARM Cortex-M SoCs so we can remove the last bits of
scs and scb.
Jira: ZEP-1568
Change-Id: I0c7c45b0321dc402ed594e9faffb5109922edcf0
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Coverted:
_ScbMemFaultMmfarReset
_ScbBusFaultBfarReset
_ScbUsageFaultAllFaultsReset
To use direct CMSIS register access.
Also removed scb.h and references as there is no longer any code in it.
Jira: ZEP-1568
Change-Id: I469f6af39d1bd41db712454b0b3e5ab331979033
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Converted access to CFSR MMFSR, BFSR, and UFSR to use direct CMSIS
register access when printing out the values of those registers.
Jira: ZEP-1568
Change-Id: I7969bb81346327637140ec23d91422a6bfaef032
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Coverted:
_ScbBusFaultAddrGet
_ScbMemFaultAddrGet
To use direct CMSIS register access
Jira: ZEP-1568
Change-Id: Ic49b3ac3fc4fb63d413f273569c77f6539e4e572
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This patch adds support for using device tree configuration files for
configuring ARM platforms.
In this patch, only the FLASH_SIZE, SRAM_SIZE, NUM_IRQS, and
NUM_IRQ_PRIO_BITS were removed from the Kconfig options. A minimal set
of options were removed so that it would be easier to work through the
plumbing of the build system.
It should be noted that the host system must provide access to the
device tree compiler (DTC). The DTC can usually be installed on host
systems through distribution packages or by downloading and compiling
from https://git.kernel.org/pub/scm/utils/dtc/dtc.git
This patch also requires the Python yaml package.
This change implements parts of each of the following Jira:
ZEP-1304
ZEP-1305
ZEP-1306
ZEP-1307
ZEP-1589
Change-Id: If1403801e19d9d85031401b55308935dadf8c9d8
Signed-off-by: Andy Gross <andy.gross@linaro.org>
The entry point specified in the elf file should always point to
executable code, and not to the interrupt vector table. Pointing to the
vector table as the entry point in the elf file presents problems with
running the kernel against a debugger as the debugger starts the program
counter at the top of the interrupt vector table.
Change-Id: I76051f6e99a44bab72936670bead5fb8191a6ec7
Signed-off-by: Tim Nordell <tim.nordell@nimbelink.com>
As cpu_idle.S is the only bit of code that is using the SCB asm defines,
so to allow us to remove scb.h in the future lets move the defines that
are used just into cpu_idle.S
Jira: ZEP-1568
Change-Id: I3c3a6f145ec4c1a43f076d079d5fe1694c255b78
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Kill of nvic.h and use either CMSIS helper functions for NVIC or direct
NVIC register access via CMSIS for IRQ handling code.
Jira: ZEP-1568
Change-Id: If21910b9293121efe85c3c9076a1c2b475ef91ef
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This avoids asm files from having to explicitly define the _ASMLANGUAGE
symbol themselves.
Change-Id: I71f5a169f75d7443a58a0365a41c55b20dae3029
Signed-off-by: Benjamin Walsh <walsh.benj@gmail.com>
Vincenzo Frascino