7iwind/threadx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Release 6.1.10

Browse Source
This commit is contained in:
Yuxin Zhou
2022-01-29 00:24:03 +00:00
parent b216ceb25e
commit f7f0957188
3111 changed files with 495735 additions and 40800 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ports/cortex_m33/gnu/src/tx_initialize_low_level.S
View File

@@ -34,7 +34,7 @@ HEAP_SIZE = 0x00000000
/* FUNCTION RELEASE */
/* */
/* _tx_initialize_low_level Cortex-M33/GNU */
/* 6.1 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -68,6 +68,8 @@ HEAP_SIZE = 0x00000000
/* DATE NAME DESCRIPTION */
/* */
/* 09-30-2020 Scott Larson Initial Version 6.1 */
/* 01-31-2022 Scott Larson Fixed predefined macro name, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
// VOID _tx_initialize_low_level(VOID)
@@ -218,7 +220,7 @@ _unhandled_usage_loop:
// Handle stack overflow
STR r1, [r0] // Clear CFSR flag(s)
#ifdef __ARM_PCS_VFP
#ifdef __ARM_FP
LDR r0, =0xE000EF34 // Cleanup FPU context: Load FPCCR address
LDR r1, [r0] // Load FPCCR
BIC r1, r1, #1 // Clear the lazy preservation active bit

10
ports/cortex_m33/gnu/src/tx_thread_schedule.S
View File

@@ -26,7 +26,7 @@
/* FUNCTION RELEASE */
/* */
/* _tx_thread_schedule Cortex-M33/GNU */
/* 6.1.6 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -65,6 +65,8 @@
/* 06-02-2021 Scott Larson Added secure stack initialize */
/* in SVC handler, */
/* resulting in version 6.1.7 */
/* 01-31-2022 Scott Larson Fixed predefined macro name, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
// VOID _tx_thread_schedule(VOID)
@@ -86,7 +88,7 @@ _tx_thread_schedule:
LDR r2, =_tx_thread_preempt_disable // Build address of preempt disable flag
STR r0, [r2, #0] // Clear preempt disable flag
#ifdef __ARM_PCS_VFP
#ifdef __ARM_FP
/* Clear CONTROL.FPCA bit so VFP registers aren't unnecessarily stacked. */
MRS r0, CONTROL // Pickup current CONTROL register
BIC r0, r0, #4 // Clear the FPCA bit
@@ -145,7 +147,7 @@ __tx_ts_handler:
STR r3, [r0] // Set _tx_thread_current_ptr to NULL
MRS r12, PSP // Pickup PSP pointer (thread's stack pointer)
STMDB r12!, {r4-r11} // Save its remaining registers
#ifdef __ARM_PCS_VFP
#ifdef __ARM_FP
TST LR, #0x10 // Determine if the VFP extended frame is present
BNE _skip_vfp_save
VSTMDB r12!,{s16-s31} // Yes, save additional VFP registers
@@ -230,7 +232,7 @@ _skip_secure_restore:
MSR PSPLIM, r12 // Set stack limit
LDR r12, [r1, #8] // Pickup thread's stack pointer
LDMIA r12!, {LR} // Pickup LR
#ifdef __ARM_PCS_VFP
#ifdef __ARM_FP
TST LR, #0x10 // Determine if the VFP extended frame is present
BNE _skip_vfp_restore // If not, skip VFP restore
VLDMIA r12!, {s16-s31} // Yes, restore additional VFP registers

213
ports/cortex_m33/gnu/src/tx_thread_secure_stack.c
View File

@@ -23,7 +23,7 @@
#include "tx_api.h"
/* If TX_SINGLE_MODE_SECURE or TX_SINGLE_MODE_NON_SECURE is defined,
/* If TX_SINGLE_MODE_SECURE or TX_SINGLE_MODE_NON_SECURE is defined,
no secure stack functionality is needed. */
#if !defined(TX_SINGLE_MODE_SECURE) && !defined(TX_SINGLE_MODE_NON_SECURE)
@@ -44,8 +44,14 @@
#define TX_THREAD_STACK_SEAL_SIZE 8
#define TX_THREAD_STACK_SEAL_VALUE 0xFEF5EDA5
/* Secure stack info struct to hold stack start, stack limit,
current stack pointer, and pointer to owning thread.
/* max number of Secure context */
#ifndef TX_MAX_SECURE_CONTEXTS
#define TX_MAX_SECURE_CONTEXTS 32
#endif
#define TX_INVALID_SECURE_CONTEXT_IDX (-1)
/* Secure stack info struct to hold stack start, stack limit,
current stack pointer, and pointer to owning thread.
This will be allocated for each thread with a secure stack. */
typedef struct TX_THREAD_SECURE_STACK_INFO_STRUCT
{
@@ -53,8 +59,14 @@ typedef struct TX_THREAD_SECURE_STACK_INFO_STRUCT
VOID *tx_thread_secure_stack_start; /* Thread's secure stack start address */
VOID *tx_thread_secure_stack_limit; /* Thread's secure stack limit */
TX_THREAD *tx_thread_ptr; /* Keep track of thread for error handling */
INT tx_next_free_index; /* Next free index of free secure context */
} TX_THREAD_SECURE_STACK_INFO;
/* Static secure contexts */
static TX_THREAD_SECURE_STACK_INFO tx_thread_secure_context[TX_MAX_SECURE_CONTEXTS];
/* Head of free secure context */
static INT tx_head_free_index = 0U;
/**************************************************************************/
@@ -62,7 +74,7 @@ typedef struct TX_THREAD_SECURE_STACK_INFO_STRUCT
/* FUNCTION RELEASE */
/* */
/* _tx_thread_secure_mode_stack_initialize Cortex-M33/GNU */
/* 6.1.7 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -98,6 +110,9 @@ typedef struct TX_THREAD_SECURE_STACK_INFO_STRUCT
/* handler mode, */
/* disable optimizations, */
/* resulting in version 6.1.7 */
/* 01-31-2022 Himanshu Gupta Modified comments(s), updated */
/* secure stack allocation, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
__attribute__((cmse_nonsecure_entry, optimize(0)))
@@ -106,6 +121,7 @@ UINT _tx_thread_secure_mode_stack_initialize(void)
UINT status;
ULONG control;
ULONG ipsr;
INT index;
/* Make sure function is called from interrupt (threads should not call). */
asm volatile("MRS %0, IPSR" : "=r" (ipsr)); /* Get IPSR register. */
@@ -119,12 +135,26 @@ ULONG ipsr;
asm volatile("MRS %0, CONTROL" : "=r" (control)); /* Get CONTROL register. */
control |= 2; /* Use PSP. */
asm volatile("MSR CONTROL, %0" :: "r" (control)); /* Set CONTROL register. */
/* Set process stack pointer and stack limit to 0 to throw exception when a thread
without a secure stack calls a secure function that tries to use secure stack. */
asm volatile("MSR PSPLIM, %0" :: "r" (0));
asm volatile("MSR PSP, %0" :: "r" (0));
for (index = 0; index < TX_MAX_SECURE_CONTEXTS; index++)
{
/* Check last index and mark next free to invalid index */
if(index == (TX_MAX_SECURE_CONTEXTS - 1))
{
tx_thread_secure_context[index].tx_next_free_index = TX_INVALID_SECURE_CONTEXT_IDX;
}
else
{
tx_thread_secure_context[index].tx_next_free_index = index + 1;
}
}
status = TX_SUCCESS;
}
return status;
@@ -137,7 +167,7 @@ ULONG ipsr;
/* FUNCTION RELEASE */
/* */
/* _tx_thread_secure_mode_stack_allocate Cortex-M33/GNU */
/* 6.1.1 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -160,9 +190,7 @@ ULONG ipsr;
/* */
/* CALLS */
/* */
/* calloc Compiler's calloc function */
/* malloc Compiler's malloc function */
/* free Compiler's free() function */
/* */
/* CALLED BY */
/* */
@@ -176,6 +204,9 @@ ULONG ipsr;
/* 10-16-2020 Scott Larson Modified comment(s), */
/* added stack sealing, */
/* resulting in version 6.1.1 */
/* 01-31-2022 Himanshu Gupta Modified comments(s), updated */
/* secure stack allocation, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
__attribute__((cmse_nonsecure_entry))
@@ -186,9 +217,10 @@ TX_THREAD_SECURE_STACK_INFO *info_ptr;
UCHAR *stack_mem;
ULONG ipsr;
ULONG psplim_ns;
INT secure_context_index;
status = TX_SUCCESS;
/* Make sure function is called from interrupt (threads should not call). */
asm volatile("MRS %0, IPSR" : "=r" (ipsr)); /* Get IPSR register. */
if (ipsr == 0)
@@ -199,23 +231,38 @@ ULONG psplim_ns;
{
status = TX_SIZE_ERROR;
}
/* Check if thread already has secure stack allocated. */
else if (thread_ptr -> tx_thread_secure_stack_context != 0)
{
status = TX_THREAD_ERROR;
}
else
{
/* Allocate space for secure stack info. */
info_ptr = calloc(1, sizeof(TX_THREAD_SECURE_STACK_INFO));
if(info_ptr != TX_NULL)
TX_DISABLE
/* Allocate free index for secure stack info. */
if(tx_head_free_index != TX_INVALID_SECURE_CONTEXT_IDX)
{
secure_context_index = tx_head_free_index;
tx_head_free_index = tx_thread_secure_context[tx_head_free_index].tx_next_free_index;
tx_thread_secure_context[secure_context_index].tx_next_free_index = TX_INVALID_SECURE_CONTEXT_IDX;
}
else
{
secure_context_index = TX_INVALID_SECURE_CONTEXT_IDX;
}
TX_RESTORE
if(secure_context_index != TX_INVALID_SECURE_CONTEXT_IDX)
{
info_ptr = &tx_thread_secure_context[secure_context_index];
/* If stack info allocated, allocate a stack & seal. */
stack_mem = malloc(stack_size + TX_THREAD_STACK_SEAL_SIZE);
if(stack_mem != TX_NULL)
{
/* Secure stack has been allocated, save in the stack info struct. */
@@ -223,13 +270,13 @@ ULONG psplim_ns;
info_ptr -> tx_thread_secure_stack_start = stack_mem + stack_size;
info_ptr -> tx_thread_secure_stack_ptr = info_ptr -> tx_thread_secure_stack_start;
info_ptr -> tx_thread_ptr = thread_ptr;
/* Seal bottom of stack. */
*(ULONG*)info_ptr -> tx_thread_secure_stack_start = TX_THREAD_STACK_SEAL_VALUE;
/* Save info pointer in thread. */
thread_ptr -> tx_thread_secure_stack_context = info_ptr;
/* Save secure context id (i.e non-zero base index) in thread. */
thread_ptr -> tx_thread_secure_stack_context = (VOID *)(secure_context_index + 1);
/* Check if this thread is running by looking at its stack start and PSPLIM_NS */
asm volatile("MRS %0, PSPLIM_NS" : "=r" (psplim_ns)); /* Get PSPLIM_NS register. */
if(((ULONG) thread_ptr -> tx_thread_stack_start & 0xFFFFFFF8) == psplim_ns)
@@ -239,21 +286,26 @@ ULONG psplim_ns;
asm volatile("MSR PSP, %0" :: "r" ((ULONG)(info_ptr -> tx_thread_secure_stack_ptr)));
}
}
else
{
TX_DISABLE
/* Stack not allocated, free the info struct. */
free(info_ptr);
tx_thread_secure_context[secure_context_index].tx_next_free_index = tx_head_free_index;
tx_head_free_index = secure_context_index;
TX_RESTORE
status = TX_NO_MEMORY;
}
}
else
{
status = TX_NO_MEMORY;
}
}
return(status);
}
@@ -264,7 +316,7 @@ ULONG psplim_ns;
/* FUNCTION RELEASE */
/* */
/* _tx_thread_secure_mode_stack_free Cortex-M33/GNU */
/* 6.1.1 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -298,46 +350,67 @@ ULONG psplim_ns;
/* 09-30-2020 Scott Larson Initial Version 6.1 */
/* 10-16-2020 Scott Larson Modified comment(s), */
/* resulting in version 6.1.1 */
/* 01-31-2022 Himanshu Gupta Modified comments(s), updated */
/* secure stack allocation, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
__attribute__((cmse_nonsecure_entry))
UINT _tx_thread_secure_mode_stack_free(TX_THREAD *thread_ptr)
{
TX_INTERRUPT_SAVE_AREA
UINT status;
TX_THREAD_SECURE_STACK_INFO *info_ptr;
ULONG ipsr;
INT secure_context_index;
status = TX_SUCCESS;
/* Pickup stack info from thread. */
info_ptr = thread_ptr -> tx_thread_secure_stack_context;
/* Pickup stack info id from thread. */
secure_context_index = (INT)thread_ptr -> tx_thread_secure_stack_context - 1;
/* Make sure function is called from interrupt (threads should not call). */
asm volatile("MRS %0, IPSR" : "=r" (ipsr)); /* Get IPSR register. */
if (ipsr == 0)
{
status = TX_CALLER_ERROR;
}
/* Check that this secure context is for this thread. */
else if (info_ptr -> tx_thread_ptr != thread_ptr)
/* Check if secure context index is in valid range. */
else if (secure_context_index < 0 || secure_context_index >= TX_MAX_SECURE_CONTEXTS)
{
status = TX_THREAD_ERROR;
}
else
{
/* Free secure stack. */
free(info_ptr -> tx_thread_secure_stack_limit);
/* Free info struct. */
free(info_ptr);
/* Clear secure context from thread. */
thread_ptr -> tx_thread_secure_stack_context = 0;
/* Pickup stack info from static array of secure contexts. */
info_ptr = &tx_thread_secure_context[secure_context_index];
/* Check that this secure context is for this thread. */
if (info_ptr -> tx_thread_ptr != thread_ptr)
{
status = TX_THREAD_ERROR;
}
else
{
/* Free secure stack. */
free(info_ptr -> tx_thread_secure_stack_limit);
TX_DISABLE
/* Free info struct. */
tx_thread_secure_context[secure_context_index].tx_next_free_index = tx_head_free_index;
tx_head_free_index = secure_context_index;
TX_RESTORE
/* Clear secure context from thread. */
thread_ptr -> tx_thread_secure_stack_context = 0;
}
}
return(status);
}
@@ -348,7 +421,7 @@ ULONG ipsr;
/* FUNCTION RELEASE */
/* */
/* _tx_thread_secure_stack_context_save Cortex-M33/GNU */
/* 6.1.7 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -382,6 +455,9 @@ ULONG ipsr;
/* resulting in version 6.1.1 */
/* 06-02-2021 Scott Larson Fix stack pointer save, */
/* resulting in version 6.1.7 */
/* 01-31-2022 Himanshu Gupta Modified comments(s), updated */
/* secure stack allocation, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
__attribute__((cmse_nonsecure_entry))
@@ -390,6 +466,7 @@ void _tx_thread_secure_stack_context_save(TX_THREAD *thread_ptr)
TX_THREAD_SECURE_STACK_INFO *info_ptr;
ULONG sp;
ULONG ipsr;
INT secure_context_index = (INT)thread_ptr -> tx_thread_secure_stack_context - 1;
/* This function should be called from scheduler only. */
asm volatile("MRS %0, IPSR" : "=r" (ipsr)); /* Get IPSR register. */
@@ -397,32 +474,38 @@ ULONG ipsr;
{
return;
}
/* Check if secure context index is in valid range. */
else if (secure_context_index < 0 || secure_context_index >= TX_MAX_SECURE_CONTEXTS)
{
return;
}
/* Pickup the secure context pointer. */
info_ptr = (TX_THREAD_SECURE_STACK_INFO *)(thread_ptr -> tx_thread_secure_stack_context);
info_ptr = &tx_thread_secure_context[secure_context_index];
/* Check that this secure context is for this thread. */
if (info_ptr -> tx_thread_ptr != thread_ptr)
{
return;
}
/* Check that stack pointer is in range */
asm volatile("MRS %0, PSP" : "=r" (sp)); /* Get PSP register. */
if ((sp < (ULONG)info_ptr -> tx_thread_secure_stack_limit) ||
if ((sp < (ULONG)info_ptr -> tx_thread_secure_stack_limit) ||
(sp > (ULONG)info_ptr -> tx_thread_secure_stack_start))
{
return;
}
/* Save stack pointer. */
info_ptr -> tx_thread_secure_stack_ptr = (VOID *) sp;
/* Set process stack pointer and stack limit to 0 to throw exception when a thread
without a secure stack calls a secure function that tries to use secure stack. */
asm volatile("MSR PSPLIM, %0" :: "r" (0));
asm volatile("MSR PSP, %0" :: "r" (0));
return;
}
@@ -433,7 +516,7 @@ ULONG ipsr;
/* FUNCTION RELEASE */
/* */
/* _tx_thread_secure_stack_context_restore Cortex-M33/GNU */
/* 6.1.1 */
/* 6.1.10 */
/* AUTHOR */
/* */
/* Scott Larson, Microsoft Corporation */
@@ -465,6 +548,9 @@ ULONG ipsr;
/* 09-30-2020 Scott Larson Initial Version 6.1 */
/* 10-16-2020 Scott Larson Modified comment(s), */
/* resulting in version 6.1.1 */
/* 01-31-2022 Himanshu Gupta Modified comments(s), updated */
/* secure stack allocation, */
/* resulting in version 6.1.10 */
/* */
/**************************************************************************/
__attribute__((cmse_nonsecure_entry))
@@ -472,6 +558,7 @@ void _tx_thread_secure_stack_context_restore(TX_THREAD *thread_ptr)
{
TX_THREAD_SECURE_STACK_INFO *info_ptr;
ULONG ipsr;
INT secure_context_index = (INT)thread_ptr -> tx_thread_secure_stack_context - 1;
/* This function should be called from scheduler only. */
asm volatile("MRS %0, IPSR" : "=r" (ipsr)); /* Get IPSR register. */
@@ -479,20 +566,26 @@ ULONG ipsr;
{
return;
}
/* Check if secure context index is in valid range. */
else if (secure_context_index < 0 || secure_context_index >= TX_MAX_SECURE_CONTEXTS)
{
return;
}
/* Pickup the secure context pointer. */
info_ptr = (TX_THREAD_SECURE_STACK_INFO *)(thread_ptr -> tx_thread_secure_stack_context);
info_ptr = &tx_thread_secure_context[secure_context_index];
/* Check that this secure context is for this thread. */
if (info_ptr -> tx_thread_ptr != thread_ptr)
{
return;
}
/* Set stack pointer and limit. */
asm volatile("MSR PSPLIM, %0" :: "r" ((ULONG)info_ptr -> tx_thread_secure_stack_limit));
asm volatile("MSR PSP, %0" :: "r" ((ULONG)info_ptr -> tx_thread_secure_stack_ptr));
return;
}