Restrict unpriv task to invoke code with privilege
It was possible for an unprivileged task to invoke any function with
privilege by passing it as a parameter to MPU_xTaskCreate,
MPU_xTaskCreateStatic, MPU_xTimerCreate, MPU_xTimerCreateStatic, or
MPU_xTimerPendFunctionCall.
This commit ensures that MPU_xTaskCreate and MPU_xTaskCreateStatic can
only create unprivileged tasks. It also removes the following APIs:
1. MPU_xTimerCreate
2. MPU_xTimerCreateStatic
3. MPU_xTimerPendFunctionCall
We thank Huazhong University of Science and Technology for reporting
this issue.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
diff --git a/include/mpu_wrappers.h b/include/mpu_wrappers.h
index 5a26113..b355ae4 100644
--- a/include/mpu_wrappers.h
+++ b/include/mpu_wrappers.h
@@ -120,13 +120,10 @@
#endif
/* Map standard timer.h API functions to the MPU equivalents. */
- #define xTimerCreate MPU_xTimerCreate
- #define xTimerCreateStatic MPU_xTimerCreateStatic
#define pvTimerGetTimerID MPU_pvTimerGetTimerID
#define vTimerSetTimerID MPU_vTimerSetTimerID
#define xTimerIsTimerActive MPU_xTimerIsTimerActive
#define xTimerGetTimerDaemonTaskHandle MPU_xTimerGetTimerDaemonTaskHandle
- #define xTimerPendFunctionCall MPU_xTimerPendFunctionCall
#define pcTimerGetName MPU_pcTimerGetName
#define vTimerSetReloadMode MPU_vTimerSetReloadMode
#define uxTimerGetReloadMode MPU_uxTimerGetReloadMode
diff --git a/portable/Common/mpu_wrappers.c b/portable/Common/mpu_wrappers.c
index 6207d38..c8aed16 100644
--- a/portable/Common/mpu_wrappers.c
+++ b/portable/Common/mpu_wrappers.c
@@ -65,6 +65,9 @@
portRAISE_PRIVILEGE();
portMEMORY_BARRIER();
+ uxPriority = uxPriority & ~( portPRIVILEGE_BIT );
+ portMEMORY_BARRIER();
+
xReturn = xTaskCreate( pvTaskCode, pcName, usStackDepth, pvParameters, uxPriority, pxCreatedTask );
portMEMORY_BARRIER();
@@ -97,6 +100,9 @@
portRAISE_PRIVILEGE();
portMEMORY_BARRIER();
+ uxPriority = uxPriority & ~( portPRIVILEGE_BIT );
+ portMEMORY_BARRIER();
+
xReturn = xTaskCreateStatic( pxTaskCode, pcName, ulStackDepth, pvParameters, uxPriority, puxStackBuffer, pxTaskBuffer );
portMEMORY_BARRIER();
@@ -1708,67 +1714,6 @@
}
/*-----------------------------------------------------------*/
- #if ( ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) )
- TimerHandle_t MPU_xTimerCreate( const char * const pcTimerName,
- const TickType_t xTimerPeriodInTicks,
- const UBaseType_t uxAutoReload,
- void * const pvTimerID,
- TimerCallbackFunction_t pxCallbackFunction ) /* FREERTOS_SYSTEM_CALL */
- {
- TimerHandle_t xReturn;
-
- if( portIS_PRIVILEGED() == pdFALSE )
- {
- portRAISE_PRIVILEGE();
- portMEMORY_BARRIER();
-
- xReturn = xTimerCreate( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction );
- portMEMORY_BARRIER();
-
- portRESET_PRIVILEGE();
- portMEMORY_BARRIER();
- }
- else
- {
- xReturn = xTimerCreate( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction );
- }
-
- return xReturn;
- }
- #endif /* if ( ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) */
-/*-----------------------------------------------------------*/
-
- #if ( ( configSUPPORT_STATIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) )
- TimerHandle_t MPU_xTimerCreateStatic( const char * const pcTimerName,
- const TickType_t xTimerPeriodInTicks,
- const UBaseType_t uxAutoReload,
- void * const pvTimerID,
- TimerCallbackFunction_t pxCallbackFunction,
- StaticTimer_t * pxTimerBuffer ) /* FREERTOS_SYSTEM_CALL */
- {
- TimerHandle_t xReturn;
-
- if( portIS_PRIVILEGED() == pdFALSE )
- {
- portRAISE_PRIVILEGE();
- portMEMORY_BARRIER();
-
- xReturn = xTimerCreateStatic( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction, pxTimerBuffer );
- portMEMORY_BARRIER();
-
- portRESET_PRIVILEGE();
- portMEMORY_BARRIER();
- }
- else
- {
- xReturn = xTimerCreateStatic( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction, pxTimerBuffer );
- }
-
- return xReturn;
- }
- #endif /* if ( ( configSUPPORT_STATIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) */
-/*-----------------------------------------------------------*/
-
#if ( configUSE_TIMERS == 1 )
void * MPU_pvTimerGetTimerID( const TimerHandle_t xTimer ) /* FREERTOS_SYSTEM_CALL */
{
@@ -1870,35 +1815,6 @@
#endif /* if ( configUSE_TIMERS == 1 ) */
/*-----------------------------------------------------------*/
- #if ( ( INCLUDE_xTimerPendFunctionCall == 1 ) && ( configUSE_TIMERS == 1 ) )
- BaseType_t MPU_xTimerPendFunctionCall( PendedFunction_t xFunctionToPend,
- void * pvParameter1,
- uint32_t ulParameter2,
- TickType_t xTicksToWait ) /* FREERTOS_SYSTEM_CALL */
- {
- BaseType_t xReturn;
-
- if( portIS_PRIVILEGED() == pdFALSE )
- {
- portRAISE_PRIVILEGE();
- portMEMORY_BARRIER();
-
- xReturn = xTimerPendFunctionCall( xFunctionToPend, pvParameter1, ulParameter2, xTicksToWait );
- portMEMORY_BARRIER();
-
- portRESET_PRIVILEGE();
- portMEMORY_BARRIER();
- }
- else
- {
- xReturn = xTimerPendFunctionCall( xFunctionToPend, pvParameter1, ulParameter2, xTicksToWait );
- }
-
- return xReturn;
- }
- #endif /* if ( ( INCLUDE_xTimerPendFunctionCall == 1 ) && ( configUSE_TIMERS == 1 ) ) */
-/*-----------------------------------------------------------*/
-
#if ( configUSE_TIMERS == 1 )
void MPU_vTimerSetReloadMode( TimerHandle_t xTimer,
const UBaseType_t uxAutoReload ) /* FREERTOS_SYSTEM_CALL */
