- Dumping error messages split from _k_object_validate(), to avoid spam
in test cases that are expected to have failure result.
- _k_object_find() prototype moved to syscall_handler.h
- Clean up k_object_access() implementation to avoid double object
lookup and use single validation function
- Added comments, minor whitespace changes
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
When a peer master performed a PHY update procedure with no
change, the state machine was not released. This blocked
any future local initiation of the procedure and also
leading to termination of connection with reason LMP
response timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Computing the total size of the array need to handle the case where
the product overflow a 32-bit unsigned integer.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Use new _SYSCALL_OBJ/_SYSCALL_OBJ_INIT macros.
Use new _SYSCALL_MEMORY_READ/_SYSCALL_MEMORY_WRITE macros.
Some non-obvious checks changed to use _SYSCALL_VERIFY_MSG.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Instead of boolean arguments to indicate memory read/write
permissions, or init/non-init APIs, new macros are introduced
which bake the semantics directly into the name of the macro.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Expecting stringified expressions to be completely comprehensible to end
users is wishful thinking; we really need to express what a failed
system call verification step means in human terms in most cases.
Memory buffer and kernel object checks now are implemented in terms of
_SYSCALL_VERIFY_MSG.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This API only gets used inside system call handlers and a specific test
case dedicated to it. Move definition to the private kernel header along
with the rest of the defines for system call handlers.
A non-userspace inline variant of this function is unnecessary and has
been deleted.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Userspace is built on top of hardware stack protection and assumes
it is there. We can't enable this unless ARCH_HAS_USERSPACE is defined
anyway.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
On ARM, a zero memory address actually falls within the expected bounds
of kernel memory.
Move the NULL check outside the bounds check, so that kernel objects
with NULL memory addresses in the DWARF info (because gc-sections
discarded them) won't confound the script's logic.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Fixed the usage of NRF_AAR peripheral for controller privacy
to clear events on configure and on every radio ISR entry.
Without this fix, there was spurious AAR matches leading to
controller asserts.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The test should only run on platforms where CONFIG_USERSPACE
dependencies are met.
Remove the whitelist, the filter will capture the right platforms.
Fixes: #4050
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
To avoid making a system call for every character emitted, there is now
a small line buffer if userspace is enabled. The interface to the kernel
is a new system call which takes a sized buffer of console data.
If userspace is not enabled this works like before.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Write-block-size values were filled for nRF5, STM32, QMSI, MCUX and
w25qxxdv devices.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
This path introduce API for retrieving a minimum write-block-size
supported by the flash driver.
This value can differ from the hardware alignment requirement
(as it does for nRF5x).
As the driver has a certain requirement for alignment
when writing, it is necessary to export this value for upper modules
which need to know the write-block-size (for instance, NFFS needs this).
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
There are several issues with the dev_config union used as a
convenience when calling the i2c_configure api. One, the union is well
name spaced protected and doesn't convey use with just i2c. Second
there are assumptions of how the bits might get packed by the union
which can't be guaranteed. Since the API takes a u32_t lets change in
tree uses to using the macros to setup a u32_t and make the union as
deprecated.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
ztest unit tests run on the host system, so provide those empty files to
make it build host tests. Those files are auto-generated and not
available when building unit tests.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
because we do not use ini files anymore, to avoid confusion, rename this
to be yamlfile, which is the format we use for testcases now.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
PHY Update procedure timeout was started without transition
to the state that waits for the procedure to complete. This
prevented the timeout from being reset on successful
completion of the procedure and eventually leading to a
connection termination with reason LMP Response Timeout.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix Connection Parameter Request Procedure's Connection
Update Procedure initiation to calculate the offset rather
than selecting offsets from an out-of-bound memory area.
The symptoms of the bug was noticed as a supervision timeout
due to use of incorrect offset communicated to peer and a
wrong offset used in scheduling the connection events.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
__ZEPHYR_SUPERVISOR__ more accurately represents what this means: that
the code is intended for scenarios when the CPU is expected to be
running in supervisor (privileged) mode. This could be in the kernel or
in the application.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
1. Use compatible "ns16550" to match upstream binding
2. Add reg-shift as optional property to binding yaml
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
pyocd occasionally throws USB timeout exceptions when running in
VirtualBox, and recently added a command-line option to limit the USB
packet count as a workaround. Introduce an environment variable
PYOCD_DAPARG so Zephyr can pass the argument to pyocd. For example:
$ make BOARD=frdm_k64f PYOCD_DAPARG='limit_packets=True' flash
This workound comes with a performance penalty when flashing and
debugging with pyocd, so it should only be used when running pyocd in
VirtualBox.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
The EFM32 Wonder Gecko Starter Kit contains sensors and
peripherals demonstarting the usage of the EFM32WG MCU
family. This patch add basic support for this board.
Signed-off-by: Christian Taedcke <hacking@taedcke.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The Silicon Labs EFM32 Wonder Gecko MCU includes:
* Cortex-M4F core at 48MHz
* up to 256KB of flash and 32KB of RAM
* USB with host and OTG support
* multiple low power peripherals
Signed-off-by: Christian Taedcke <hacking@taedcke.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
The Silicon Labs Gecko SDK provides a set of low-level
header files that give access to different hardware
peripherals of Silabs EXX32 SoCs.
This patch adds build infrastructure files like Makefile
and Kconfig to introduce the Gecko SDK into Zephyr.
Signed-off-by: Christian Taedcke <hacking@taedcke.com>
This includes:
* the Gecko SDK files for the EFM32WG SoCs
* the emlib peripheral driver files
Origin: Silicon Labs Gecko SDK
URL: https://github.com/SiliconLabs/Gecko_SDK
Version: v5.1.2 (SHA: 938464c68e6c3b2237388a692f767bb0767ec010)
Purpose: Add support for Silicon Labs EXX32 SoCs
License: Zlib
Maintained-by: External
To update the Gecko SDK, download the current version from the given URL
and replace the following folders:
* Gecko_SDK/platform/Device/ should replace ext/hal/silabs/gecko/Device/
* Gecko_SDK/platform/emlib/ should replace ext/hal/silabs/gecko/emlib/
Signed-off-by: Christian Taedcke <hacking@taedcke.com>
The old policy was that objects that are not marked as initialized may
be claimed by any thread, user or kernel.
This has some undesirable implications:
- Kernel objects that were initailized at build time via some
_<object name>_INITIALIZER macro, not intended for userspace to ever
use, could be 'stolen' if their memory addresses were figured out and
_k_object_init() was never called on them.
- In general, a malicious thread could initialize all unclaimed objects
it could find, resulting in denial of service for the threads that
these objects were intended for.
Now, performing any operation in user mode on a kernel object,
initialized or not, required that the calling user thread have
permission on it. Such permission would have to be explicitly granted or
inherited from a supervisor thread, as with this change only supervisor
thread will be able to claim uninitialized objects in this way.
If an uninitialized kernel object has permissions granted to multiple
threads, whatever thread actually initializes the object will reset all
permission bits to zero and grant only the calling thread access to that
object.
In other words, granting access to an uninitialized object to several
threads means that "whichever of these threads (or any kernel thread)
who actually initializes this object will obtain exclusive access to
that object, which it then may grant to other threads as it sees fit."
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
stm32f407 SoC is an extension of stm32f405 SoC with additional
support of ethernet and DCMI. Hence, in dts description, this
should be represented by stm32f407.dtsi including stm32f405.dtsi.
The opposite was proposed today in stm32 .dtsi files.
This commit fixes the inclusion model and renames
stm32f407-pinctrl.dtsi into stm32f405-pinctrl.dtsi
Signed-off-by: Erwan Gouriou <erwan.gouriou@linaro.org>
Instead of hard coded 1280 bytes MSS, use the MTU of the link
for MSS. The minimal MSS is still 1280 which is mandated by
IPv6 RFC.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
This patch updates tickless testcase replacing existing support
for Atmel SAM3X with support for the whole Atmel SAM family.
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
When the peer slave rejects a Connection Parameter Request
Procedure, the controller proceeds to perform a Connection
Update Procedure without clearing the procedure timer that
causes the connection to terminate eventually. This is
fixed by clearing the procedure timeout when the Connection
Update Procedure completes.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
If a peer master role has support for Connection Parameter
Request Procedure set in its supported features but would
send an Extended Reject Ind as response to the procedure
then the controller incorrectly initiated a Connection
Update Procedure which is not permitted in a slave role.
This would lead to connection timeout after the used instant
in the invalid Connection Update Procedure.
This is fixed by initiating a Connection Update Procedure
only if in a master role.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This reverts commit a3a57b4db1.
There is _no_ need for any vendor specific gremlin bit anywhere.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If CS (Chip Select, known also as Slave Select...) is managed externaly
of the stm32_ll SPI controller, just config NSS line management
accordingly.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Supports both master and slave mode, standard and fast modes,
configurable timeouts, and a few other tunable settings.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Also provide their prototypes in `soc.h`. This should help
readability, since some ROM functions, with their names as provided by
Espressif, have sometimes the same prefix as Zephyr APIs.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Configuring an open drain driver is required by the I2C driver,
but the GPIO driver didn't support setting the drive strength.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
PINMUX_FUNC_A is set to 0, which coincides with the GPIO function in
many of the ESP32 pins. Use PIN_FUNC_GPIO by default inside the
GPIO driver, however, so the correct function is always selected.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>