Prevent unprivileged task from altering MPU configuration (#227)

This change removes the FreeRTOS System Calls (aka MPU wrappers) for the
following kernel APIs:
- xTaskCreateRestricted
- xTaskCreateRestrictedStatic
- vTaskAllocateMPURegions

A system call allows an unprivileged task to execute a kernel API which
is otherwise accessible to privileged software only. The above 3 APIs
can create a new task with a different MPU configuration or alter the
MPU configuration of an existing task. This an be (mis)used by an
unprivileged task to grant itself access to a region which it does not
have access to.

Removing the system calls for these APIs ensures that an unprivileged
task cannot execute this APIs. If an unprivileged task attempts to
execute any of these API, it will result in a Memory Fault.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
3 files changed
tree: c9c58b5a396ae6543a5c669ca91e2d7935e6d131
  1. .github/
  2. GitHub-FreeRTOS-Kernel-Home.url
  3. History.txt
  4. LICENSE.md
  5. Quick_Start_Guide.url
  6. README.md
  7. croutine.c
  8. event_groups.c
  9. include/
  10. list.c
  11. portable/
  12. queue.c
  13. stream_buffer.c
  14. tasks.c
  15. timers.c
README.md

Getting started

This repository contains FreeRTOS kernel source/header files and kernel ports only. This repository is referenced as a submodule in FreeRTOS/FreeRTOS repository, which contains pre-configured demo application projects under FreeRTOS/Demo directory.

The easiest way to use FreeRTOS is to start with one of the pre-configured demo application projects. That way you will have the correct FreeRTOS source files included, and the correct include paths configured. Once a demo application is building and executing you can remove the demo application files, and start to add in your own application source files. See the FreeRTOS Kernel Quick Start Guide for detailed instructions and other useful links.

Additionally, for FreeRTOS kernel feature information refer to the Developer Documentation, and API Reference.

Getting help

If you have any questions or need assistance troubleshooting your FreeRTOS project, we have an active community that can help on the FreeRTOS Community Support Forum.

Cloning this repository

To clone using HTTPS:

git clone https://github.com/FreeRTOS/FreeRTOS-Kernel.git

Using SSH:

git clone git@github.com:FreeRTOS/FreeRTOS-Kernel.git

Repository structure

  • The root of this repository contains the three files that are common to every port - list.c, queue.c and tasks.c. The kernel is contained within these three files. croutine.c implements the optional co-routine functionality - which is normally only used on very memory limited systems.

  • The ./portable directory contains the files that are specific to a particular microcontroller and/or compiler. See the readme file in the ./portable directory for more information.

  • The ./include directory contains the real time kernel header files.

Code Formatting

FreeRTOS files are formatted using the “uncrustify” tool. The configuration file used by uncrustify can be found in the FreeRTOS/FreeRTOS repository.

Spelling

lexicon.txt contains words that are not traditionally found in an English dictionary. It is used by the spellchecker to verify the various jargon, variable names, and other odd words used in the FreeRTOS code base. If your pull request fails to pass the spelling and you believe this is a mistake, then add the word to lexicon.txt. Note that only the FreeRTOS Kernel source files are checked for proper spelling, the portable section is ignored.