merge with upstream 10.5.0 #2
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…() to compile time checks in FreeRTOS.h. Co-authored-by: Paul Bartell <[email protected]>
Co-authored-by: Aniruddha Kanhere <[email protected]>
Fixes warnings about unused parameters and variables when built with `-Wall -Wextra`.
Misra rule 20.7 requires parenthesis to all parameter names in macro definitions. The issue was reported here : https://forums.freertos.org/t/misra-20-7-compatibility/15385
This allows the application write to set FREERTOS_CONFIG_FILE_DIRECTORY to whichever directory the FreeRTOSConfig.h file exists in. This was reported here - #545 Signed-off-by: Gaurav Aggarwal <[email protected]>
* fix type for pointers operations in some places: size_t -> portPOINTER_SIZE_TYPE * fix pointer arithmetics * fix xAddress type
Co-authored-by: Joseph Julicher <[email protected]>
Added checks for ( xIndex >= 0 ) in ThreadLocalStorage APIs
* Update of three badly terminated macro definitions
- vTaskDelayUntil() to conform to usual pattern do { ... } while(0)
- vTaskNotifyGiveFromISR() and
- vTaskGenericNotifyGiveFromISR() to remove extra terminating semicolons
- This PR addresses issues #553 and #554
* Adjust formatting of task.h
Co-authored-by: Paul Bartell <[email protected]>
* Extend support to Arm Cortex-M85 Signed-off-by: Gabor Toth <[email protected]> Change-Id: I679ba8e193638126b683b651513f08df445f9fe6 * Add generated Cortex-M85 support files Signed-off-by: Gabor Toth <[email protected]> Change-Id: Ib329d88623c2936ffe3e9a24f5d6e07655e4e5c8 * Extend Trusted Firmware M port Extend Trusted Firmware M port to Cortex-M23, Cortex-M55 and Cortex-M85. Signed-off-by: Gabor Toth <[email protected]> Change-Id: If8f1081acfd04e547b3227579e70e355a6adffe3 * Re-run copy_files.py script Signed-off-by: Gaurav Aggarwal <[email protected]> Signed-off-by: Gabor Toth <[email protected]> Signed-off-by: Gaurav Aggarwal <[email protected]> Co-authored-by: Gaurav-Aggarwal-AWS <[email protected]> Co-authored-by: Gaurav Aggarwal <[email protected]>
Replace "import" with "include" in cmake code sample.
* Annotate ports CMakeLists.txt with port details * CMake: Add Cortex-M55 and Cortex-M85 ports
ARMv7-M allows overlapping MPU regions. When 2 MPU regions overlap, the MPU configuration of the higher numbered MPU region is applied. For example, if a memory area is covered by 2 MPU regions 0 and 1, the memory permissions for MPU region 1 are applied. We use 5 MPU regions for kernel code and kernel data protections and leave the remaining for the application writer. We were using lowest numbered MPU regions (0-4) for kernel protections and leaving the remaining for the application writer. The application writer could configure those higher numbered MPU regions to override kernel protections. This commit changes the code to use highest numbered MPU regions for kernel protections and leave the remaining for the application writer. This ensures that the application writer cannot override kernel protections. We thank the SecLab team at Northeastern University for reporting this issue. Signed-off-by: Gaurav Aggarwal <[email protected]>
This commit makes the privileged RAM and stack regions non-executable. Signed-off-by: Gaurav Aggarwal <[email protected]>
It was possible for a third party that had already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. This commit removes the local stack variable `xRunningPrivileged` so that a manually crafted stack frame cannot be used for privilege escalation by branching directly inside a FreeRTOS MPU API wrapper. We thank Certibit Consulting, LLC, Huazhong University of Science and Technology and the SecLab team at Northeastern University for reporting this issue. Signed-off-by: Gaurav Aggarwal <[email protected]>
It was possible for an unprivileged task to invoke any function with privilege by passing it as a parameter to MPU_xTaskCreate, MPU_xTaskCreateStatic, MPU_xTimerCreate, MPU_xTimerCreateStatic, or MPU_xTimerPendFunctionCall. This commit ensures that MPU_xTaskCreate and MPU_xTaskCreateStatic can only create unprivileged tasks. It also removes the following APIs: 1. MPU_xTimerCreate 2. MPU_xTimerCreateStatic 3. MPU_xTimerPendFunctionCall We thank Huazhong University of Science and Technology for reporting this issue. Signed-off-by: Gaurav Aggarwal <[email protected]>
Signed-off-by: Gaurav Aggarwal <[email protected]>
Signed-off-by: Gaurav Aggarwal <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Test Steps
Related Issue
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.