1 /*
2 * FreeRTOS Kernel V11.0.1
3 * Copyright (C) 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
4 *
5 * SPDX-License-Identifier: MIT
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy of
8 * this software and associated documentation files (the "Software"), to deal in
9 * the Software without restriction, including without limitation the rights to
10 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
11 * the Software, and to permit persons to whom the Software is furnished to do so,
12 * subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in all
15 * copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
19 * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
20 * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
21 * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23 *
24 * https://www.FreeRTOS.org
25 * https://github.com/FreeRTOS
26 *
27 */
28
29 /* Defining MPU_WRAPPERS_INCLUDED_FROM_API_FILE prevents task.h from redefining
30 * all the API functions to use the MPU wrappers. That should only be done when
31 * task.h is included from an application file. */
32 #define MPU_WRAPPERS_INCLUDED_FROM_API_FILE
33
34 /* Scheduler includes. */
35 #include "FreeRTOS.h"
36 #include "task.h"
37
38 /* MPU includes. */
39 #include "mpu_wrappers.h"
40 #include "mpu_syscall_numbers.h"
41
42 /* Portasm includes. */
43 #include "portasm.h"
44
45 #if ( configENABLE_TRUSTZONE == 1 )
46 /* Secure components includes. */
47 #include "secure_context.h"
48 #include "secure_init.h"
49 #endif /* configENABLE_TRUSTZONE */
50
51 #undef MPU_WRAPPERS_INCLUDED_FROM_API_FILE
52
53 /**
54 * The FreeRTOS Cortex M33 port can be configured to run on the Secure Side only
55 * i.e. the processor boots as secure and never jumps to the non-secure side.
56 * The Trust Zone support in the port must be disabled in order to run FreeRTOS
57 * on the secure side. The following are the valid configuration seetings:
58 *
59 * 1. Run FreeRTOS on the Secure Side:
60 * configRUN_FREERTOS_SECURE_ONLY = 1 and configENABLE_TRUSTZONE = 0
61 *
62 * 2. Run FreeRTOS on the Non-Secure Side with Secure Side function call support:
63 * configRUN_FREERTOS_SECURE_ONLY = 0 and configENABLE_TRUSTZONE = 1
64 *
65 * 3. Run FreeRTOS on the Non-Secure Side only i.e. no Secure Side function call support:
66 * configRUN_FREERTOS_SECURE_ONLY = 0 and configENABLE_TRUSTZONE = 0
67 */
68 #if ( ( configRUN_FREERTOS_SECURE_ONLY == 1 ) && ( configENABLE_TRUSTZONE == 1 ) )
69 #error TrustZone needs to be disabled in order to run FreeRTOS on the Secure Side.
70 #endif
71
72 /**
73 * Cortex-M23 does not have non-secure PSPLIM. We should use PSPLIM on Cortex-M23
74 * only when FreeRTOS runs on secure side.
75 */
76 #if ( ( portHAS_ARMV8M_MAIN_EXTENSION == 0 ) && ( configRUN_FREERTOS_SECURE_ONLY == 0 ) )
77 #define portUSE_PSPLIM_REGISTER 0
78 #else
79 #define portUSE_PSPLIM_REGISTER 1
80 #endif
81 /*-----------------------------------------------------------*/
82
83 /**
84 * @brief Prototype of all Interrupt Service Routines (ISRs).
85 */
86 typedef void ( * portISR_t )( void );
87 /*-----------------------------------------------------------*/
88
89 /**
90 * @brief Constants required to manipulate the NVIC.
91 */
92 #define portNVIC_SYSTICK_CTRL_REG ( *( ( volatile uint32_t * ) 0xe000e010 ) )
93 #define portNVIC_SYSTICK_LOAD_REG ( *( ( volatile uint32_t * ) 0xe000e014 ) )
94 #define portNVIC_SYSTICK_CURRENT_VALUE_REG ( *( ( volatile uint32_t * ) 0xe000e018 ) )
95 #define portNVIC_SHPR3_REG ( *( ( volatile uint32_t * ) 0xe000ed20 ) )
96 #define portNVIC_SYSTICK_ENABLE_BIT ( 1UL << 0UL )
97 #define portNVIC_SYSTICK_INT_BIT ( 1UL << 1UL )
98 #define portNVIC_SYSTICK_CLK_BIT ( 1UL << 2UL )
99 #define portNVIC_SYSTICK_COUNT_FLAG_BIT ( 1UL << 16UL )
100 #define portNVIC_PEND_SYSTICK_CLEAR_BIT ( 1UL << 25UL )
101 #define portNVIC_PEND_SYSTICK_SET_BIT ( 1UL << 26UL )
102 #define portMIN_INTERRUPT_PRIORITY ( 255UL )
103 #define portNVIC_PENDSV_PRI ( portMIN_INTERRUPT_PRIORITY << 16UL )
104 #define portNVIC_SYSTICK_PRI ( portMIN_INTERRUPT_PRIORITY << 24UL )
105 /*-----------------------------------------------------------*/
106
107 /**
108 * @brief Constants required to manipulate the SCB.
109 */
110 #define portSCB_VTOR_REG ( *( ( portISR_t ** ) 0xe000ed08 ) )
111 #define portSCB_SYS_HANDLER_CTRL_STATE_REG ( *( ( volatile uint32_t * ) 0xe000ed24 ) )
112 #define portSCB_MEM_FAULT_ENABLE_BIT ( 1UL << 16UL )
113 /*-----------------------------------------------------------*/
114
115 /**
116 * @brief Constants used to check the installation of the FreeRTOS interrupt handlers.
117 */
118 #define portVECTOR_INDEX_SVC ( 11 )
119 #define portVECTOR_INDEX_PENDSV ( 14 )
120 /*-----------------------------------------------------------*/
121
122 /**
123 * @brief Constants required to check the validity of an interrupt priority.
124 */
125 #define portNVIC_SHPR2_REG ( *( ( volatile uint32_t * ) 0xE000ED1C ) )
126 #define portFIRST_USER_INTERRUPT_NUMBER ( 16 )
127 #define portNVIC_IP_REGISTERS_OFFSET_16 ( 0xE000E3F0 )
128 #define portAIRCR_REG ( *( ( volatile uint32_t * ) 0xE000ED0C ) )
129 #define portTOP_BIT_OF_BYTE ( ( uint8_t ) 0x80 )
130 #define portMAX_PRIGROUP_BITS ( ( uint8_t ) 7 )
131 #define portPRIORITY_GROUP_MASK ( 0x07UL << 8UL )
132 #define portPRIGROUP_SHIFT ( 8UL )
133 /*-----------------------------------------------------------*/
134
135 /**
136 * @brief Constants used during system call enter and exit.
137 */
138 #define portPSR_STACK_PADDING_MASK ( 1UL << 9UL )
139 #define portEXC_RETURN_STACK_FRAME_TYPE_MASK ( 1UL << 4UL )
140 /*-----------------------------------------------------------*/
141
142 /**
143 * @brief Constants required to manipulate the FPU.
144 */
145 #define portCPACR ( ( volatile uint32_t * ) 0xe000ed88 ) /* Coprocessor Access Control Register. */
146 #define portCPACR_CP10_VALUE ( 3UL )
147 #define portCPACR_CP11_VALUE portCPACR_CP10_VALUE
148 #define portCPACR_CP10_POS ( 20UL )
149 #define portCPACR_CP11_POS ( 22UL )
150
151 #define portFPCCR ( ( volatile uint32_t * ) 0xe000ef34 ) /* Floating Point Context Control Register. */
152 #define portFPCCR_ASPEN_POS ( 31UL )
153 #define portFPCCR_ASPEN_MASK ( 1UL << portFPCCR_ASPEN_POS )
154 #define portFPCCR_LSPEN_POS ( 30UL )
155 #define portFPCCR_LSPEN_MASK ( 1UL << portFPCCR_LSPEN_POS )
156 /*-----------------------------------------------------------*/
157
158 /**
159 * @brief Offsets in the stack to the parameters when inside the SVC handler.
160 */
161 #define portOFFSET_TO_LR ( 5 )
162 #define portOFFSET_TO_PC ( 6 )
163 #define portOFFSET_TO_PSR ( 7 )
164 /*-----------------------------------------------------------*/
165
166 /**
167 * @brief Constants required to manipulate the MPU.
168 */
169 #define portMPU_TYPE_REG ( *( ( volatile uint32_t * ) 0xe000ed90 ) )
170 #define portMPU_CTRL_REG ( *( ( volatile uint32_t * ) 0xe000ed94 ) )
171 #define portMPU_RNR_REG ( *( ( volatile uint32_t * ) 0xe000ed98 ) )
172
173 #define portMPU_RBAR_REG ( *( ( volatile uint32_t * ) 0xe000ed9c ) )
174 #define portMPU_RLAR_REG ( *( ( volatile uint32_t * ) 0xe000eda0 ) )
175
176 #define portMPU_RBAR_A1_REG ( *( ( volatile uint32_t * ) 0xe000eda4 ) )
177 #define portMPU_RLAR_A1_REG ( *( ( volatile uint32_t * ) 0xe000eda8 ) )
178
179 #define portMPU_RBAR_A2_REG ( *( ( volatile uint32_t * ) 0xe000edac ) )
180 #define portMPU_RLAR_A2_REG ( *( ( volatile uint32_t * ) 0xe000edb0 ) )
181
182 #define portMPU_RBAR_A3_REG ( *( ( volatile uint32_t * ) 0xe000edb4 ) )
183 #define portMPU_RLAR_A3_REG ( *( ( volatile uint32_t * ) 0xe000edb8 ) )
184
185 #define portMPU_MAIR0_REG ( *( ( volatile uint32_t * ) 0xe000edc0 ) )
186 #define portMPU_MAIR1_REG ( *( ( volatile uint32_t * ) 0xe000edc4 ) )
187
188 #define portMPU_RBAR_ADDRESS_MASK ( 0xffffffe0 ) /* Must be 32-byte aligned. */
189 #define portMPU_RLAR_ADDRESS_MASK ( 0xffffffe0 ) /* Must be 32-byte aligned. */
190
191 #define portMPU_RBAR_ACCESS_PERMISSIONS_MASK ( 3UL << 1UL )
192
193 #define portMPU_MAIR_ATTR0_POS ( 0UL )
194 #define portMPU_MAIR_ATTR0_MASK ( 0x000000ff )
195
196 #define portMPU_MAIR_ATTR1_POS ( 8UL )
197 #define portMPU_MAIR_ATTR1_MASK ( 0x0000ff00 )
198
199 #define portMPU_MAIR_ATTR2_POS ( 16UL )
200 #define portMPU_MAIR_ATTR2_MASK ( 0x00ff0000 )
201
202 #define portMPU_MAIR_ATTR3_POS ( 24UL )
203 #define portMPU_MAIR_ATTR3_MASK ( 0xff000000 )
204
205 #define portMPU_MAIR_ATTR4_POS ( 0UL )
206 #define portMPU_MAIR_ATTR4_MASK ( 0x000000ff )
207
208 #define portMPU_MAIR_ATTR5_POS ( 8UL )
209 #define portMPU_MAIR_ATTR5_MASK ( 0x0000ff00 )
210
211 #define portMPU_MAIR_ATTR6_POS ( 16UL )
212 #define portMPU_MAIR_ATTR6_MASK ( 0x00ff0000 )
213
214 #define portMPU_MAIR_ATTR7_POS ( 24UL )
215 #define portMPU_MAIR_ATTR7_MASK ( 0xff000000 )
216
217 #define portMPU_RLAR_ATTR_INDEX0 ( 0UL << 1UL )
218 #define portMPU_RLAR_ATTR_INDEX1 ( 1UL << 1UL )
219 #define portMPU_RLAR_ATTR_INDEX2 ( 2UL << 1UL )
220 #define portMPU_RLAR_ATTR_INDEX3 ( 3UL << 1UL )
221 #define portMPU_RLAR_ATTR_INDEX4 ( 4UL << 1UL )
222 #define portMPU_RLAR_ATTR_INDEX5 ( 5UL << 1UL )
223 #define portMPU_RLAR_ATTR_INDEX6 ( 6UL << 1UL )
224 #define portMPU_RLAR_ATTR_INDEX7 ( 7UL << 1UL )
225
226 #define portMPU_RLAR_REGION_ENABLE ( 1UL )
227
228 /* Enable privileged access to unmapped region. */
229 #define portMPU_PRIV_BACKGROUND_ENABLE_BIT ( 1UL << 2UL )
230
231 /* Enable MPU. */
232 #define portMPU_ENABLE_BIT ( 1UL << 0UL )
233
234 /* Expected value of the portMPU_TYPE register. */
235 #define portEXPECTED_MPU_TYPE_VALUE ( configTOTAL_MPU_REGIONS << 8UL )
236
237 /* Extract first address of the MPU region as encoded in the
238 * RBAR (Region Base Address Register) value. */
239 #define portEXTRACT_FIRST_ADDRESS_FROM_RBAR( rbar ) \
240 ( ( rbar ) & portMPU_RBAR_ADDRESS_MASK )
241
242 /* Extract last address of the MPU region as encoded in the
243 * RLAR (Region Limit Address Register) value. */
244 #define portEXTRACT_LAST_ADDRESS_FROM_RLAR( rlar ) \
245 ( ( ( rlar ) & portMPU_RLAR_ADDRESS_MASK ) | ~portMPU_RLAR_ADDRESS_MASK )
246
247 /* Does addr lies within [start, end] address range? */
248 #define portIS_ADDRESS_WITHIN_RANGE( addr, start, end ) \
249 ( ( ( addr ) >= ( start ) ) && ( ( addr ) <= ( end ) ) )
250
251 /* Is the access request satisfied by the available permissions? */
252 #define portIS_AUTHORIZED( accessRequest, permissions ) \
253 ( ( ( permissions ) & ( accessRequest ) ) == accessRequest )
254
255 /* Max value that fits in a uint32_t type. */
256 #define portUINT32_MAX ( ~( ( uint32_t ) 0 ) )
257
258 /* Check if adding a and b will result in overflow. */
259 #define portADD_UINT32_WILL_OVERFLOW( a, b ) ( ( a ) > ( portUINT32_MAX - ( b ) ) )
260 /*-----------------------------------------------------------*/
261
262 /**
263 * @brief The maximum 24-bit number.
264 *
265 * It is needed because the systick is a 24-bit counter.
266 */
267 #define portMAX_24_BIT_NUMBER ( 0xffffffUL )
268
269 /**
270 * @brief A fiddle factor to estimate the number of SysTick counts that would
271 * have occurred while the SysTick counter is stopped during tickless idle
272 * calculations.
273 */
274 #define portMISSED_COUNTS_FACTOR ( 94UL )
275 /*-----------------------------------------------------------*/
276
277 /**
278 * @brief Constants required to set up the initial stack.
279 */
280 #define portINITIAL_XPSR ( 0x01000000 )
281
282 #if ( configRUN_FREERTOS_SECURE_ONLY == 1 )
283
284 /**
285 * @brief Initial EXC_RETURN value.
286 *
287 * FF FF FF FD
288 * 1111 1111 1111 1111 1111 1111 1111 1101
289 *
290 * Bit[6] - 1 --> The exception was taken from the Secure state.
291 * Bit[5] - 1 --> Do not skip stacking of additional state context.
292 * Bit[4] - 1 --> The PE did not allocate space on the stack for FP context.
293 * Bit[3] - 1 --> Return to the Thread mode.
294 * Bit[2] - 1 --> Restore registers from the process stack.
295 * Bit[1] - 0 --> Reserved, 0.
296 * Bit[0] - 1 --> The exception was taken to the Secure state.
297 */
298 #define portINITIAL_EXC_RETURN ( 0xfffffffd )
299 #else
300
301 /**
302 * @brief Initial EXC_RETURN value.
303 *
304 * FF FF FF BC
305 * 1111 1111 1111 1111 1111 1111 1011 1100
306 *
307 * Bit[6] - 0 --> The exception was taken from the Non-Secure state.
308 * Bit[5] - 1 --> Do not skip stacking of additional state context.
309 * Bit[4] - 1 --> The PE did not allocate space on the stack for FP context.
310 * Bit[3] - 1 --> Return to the Thread mode.
311 * Bit[2] - 1 --> Restore registers from the process stack.
312 * Bit[1] - 0 --> Reserved, 0.
313 * Bit[0] - 0 --> The exception was taken to the Non-Secure state.
314 */
315 #define portINITIAL_EXC_RETURN ( 0xffffffbc )
316 #endif /* configRUN_FREERTOS_SECURE_ONLY */
317
318 /**
319 * @brief CONTROL register privileged bit mask.
320 *
321 * Bit[0] in CONTROL register tells the privilege:
322 * Bit[0] = 0 ==> The task is privileged.
323 * Bit[0] = 1 ==> The task is not privileged.
324 */
325 #define portCONTROL_PRIVILEGED_MASK ( 1UL << 0UL )
326
327 /**
328 * @brief Initial CONTROL register values.
329 */
330 #define portINITIAL_CONTROL_UNPRIVILEGED ( 0x3 )
331 #define portINITIAL_CONTROL_PRIVILEGED ( 0x2 )
332
333 /**
334 * @brief Let the user override the default SysTick clock rate. If defined by the
335 * user, this symbol must equal the SysTick clock rate when the CLK bit is 0 in the
336 * configuration register.
337 */
338 #ifndef configSYSTICK_CLOCK_HZ
339 #define configSYSTICK_CLOCK_HZ ( configCPU_CLOCK_HZ )
340 /* Ensure the SysTick is clocked at the same frequency as the core. */
341 #define portNVIC_SYSTICK_CLK_BIT_CONFIG ( portNVIC_SYSTICK_CLK_BIT )
342 #else
343 /* Select the option to clock SysTick not at the same frequency as the core. */
344 #define portNVIC_SYSTICK_CLK_BIT_CONFIG ( 0 )
345 #endif
346
347 /**
348 * @brief Let the user override the pre-loading of the initial LR with the
349 * address of prvTaskExitError() in case it messes up unwinding of the stack
350 * in the debugger.
351 */
352 #ifdef configTASK_RETURN_ADDRESS
353 #define portTASK_RETURN_ADDRESS configTASK_RETURN_ADDRESS
354 #else
355 #define portTASK_RETURN_ADDRESS prvTaskExitError
356 #endif
357
358 /**
359 * @brief If portPRELOAD_REGISTERS then registers will be given an initial value
360 * when a task is created. This helps in debugging at the cost of code size.
361 */
362 #define portPRELOAD_REGISTERS 1
363
364 /**
365 * @brief A task is created without a secure context, and must call
366 * portALLOCATE_SECURE_CONTEXT() to give itself a secure context before it makes
367 * any secure calls.
368 */
369 #define portNO_SECURE_CONTEXT 0
370 /*-----------------------------------------------------------*/
371
372 /**
373 * @brief Used to catch tasks that attempt to return from their implementing
374 * function.
375 */
376 static void prvTaskExitError( void );
377
378 #if ( configENABLE_MPU == 1 )
379
380 /**
381 * @brief Extract MPU region's access permissions from the Region Base Address
382 * Register (RBAR) value.
383 *
384 * @param ulRBARValue RBAR value for the MPU region.
385 *
386 * @return uint32_t Access permissions.
387 */
388 static uint32_t prvGetRegionAccessPermissions( uint32_t ulRBARValue ) PRIVILEGED_FUNCTION;
389 #endif /* configENABLE_MPU */
390
391 #if ( configENABLE_MPU == 1 )
392
393 /**
394 * @brief Setup the Memory Protection Unit (MPU).
395 */
396 static void prvSetupMPU( void ) PRIVILEGED_FUNCTION;
397 #endif /* configENABLE_MPU */
398
399 #if ( configENABLE_FPU == 1 )
400
401 /**
402 * @brief Setup the Floating Point Unit (FPU).
403 */
404 static void prvSetupFPU( void ) PRIVILEGED_FUNCTION;
405 #endif /* configENABLE_FPU */
406
407 /**
408 * @brief Setup the timer to generate the tick interrupts.
409 *
410 * The implementation in this file is weak to allow application writers to
411 * change the timer used to generate the tick interrupt.
412 */
413 void vPortSetupTimerInterrupt( void ) PRIVILEGED_FUNCTION;
414
415 /**
416 * @brief Checks whether the current execution context is interrupt.
417 *
418 * @return pdTRUE if the current execution context is interrupt, pdFALSE
419 * otherwise.
420 */
421 BaseType_t xPortIsInsideInterrupt( void );
422
423 /**
424 * @brief Yield the processor.
425 */
426 void vPortYield( void ) PRIVILEGED_FUNCTION;
427
428 /**
429 * @brief Enter critical section.
430 */
431 void vPortEnterCritical( void ) PRIVILEGED_FUNCTION;
432
433 /**
434 * @brief Exit from critical section.
435 */
436 void vPortExitCritical( void ) PRIVILEGED_FUNCTION;
437
438 /**
439 * @brief SysTick handler.
440 */
441 void SysTick_Handler( void ) PRIVILEGED_FUNCTION;
442
443 /**
444 * @brief C part of SVC handler.
445 */
446 portDONT_DISCARD void vPortSVCHandler_C( uint32_t * pulCallerStackAddress ) PRIVILEGED_FUNCTION;
447
448 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
449
450 /**
451 * @brief Sets up the system call stack so that upon returning from
452 * SVC, the system call stack is used.
453 *
454 * @param pulTaskStack The current SP when the SVC was raised.
455 * @param ulLR The value of Link Register (EXC_RETURN) in the SVC handler.
456 * @param ucSystemCallNumber The system call number of the system call.
457 */
458 void vSystemCallEnter( uint32_t * pulTaskStack,
459 uint32_t ulLR,
460 uint8_t ucSystemCallNumber ) PRIVILEGED_FUNCTION;
461
462 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
463
464 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
465
466 /**
467 * @brief Raise SVC for exiting from a system call.
468 */
469 void vRequestSystemCallExit( void ) __attribute__( ( naked ) ) PRIVILEGED_FUNCTION;
470
471 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
472
473 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
474
475 /**
476 * @brief Sets up the task stack so that upon returning from
477 * SVC, the task stack is used again.
478 *
479 * @param pulSystemCallStack The current SP when the SVC was raised.
480 * @param ulLR The value of Link Register (EXC_RETURN) in the SVC handler.
481 */
482 void vSystemCallExit( uint32_t * pulSystemCallStack,
483 uint32_t ulLR ) PRIVILEGED_FUNCTION;
484
485 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
486
487 #if ( configENABLE_MPU == 1 )
488
489 /**
490 * @brief Checks whether or not the calling task is privileged.
491 *
492 * @return pdTRUE if the calling task is privileged, pdFALSE otherwise.
493 */
494 BaseType_t xPortIsTaskPrivileged( void ) PRIVILEGED_FUNCTION;
495
496 #endif /* configENABLE_MPU == 1 */
497 /*-----------------------------------------------------------*/
498
499 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) )
500
501 /**
502 * @brief This variable is set to pdTRUE when the scheduler is started.
503 */
504 PRIVILEGED_DATA static BaseType_t xSchedulerRunning = pdFALSE;
505
506 #endif
507
508 /**
509 * @brief Each task maintains its own interrupt status in the critical nesting
510 * variable.
511 */
512 PRIVILEGED_DATA static volatile uint32_t ulCriticalNesting = 0xaaaaaaaaUL;
513
514 #if ( configENABLE_TRUSTZONE == 1 )
515
516 /**
517 * @brief Saved as part of the task context to indicate which context the
518 * task is using on the secure side.
519 */
520 PRIVILEGED_DATA portDONT_DISCARD volatile SecureContextHandle_t xSecureContext = portNO_SECURE_CONTEXT;
521 #endif /* configENABLE_TRUSTZONE */
522
523 /**
524 * @brief Used by the portASSERT_IF_INTERRUPT_PRIORITY_INVALID() macro to ensure
525 * FreeRTOS API functions are not called from interrupts that have been assigned
526 * a priority above configMAX_SYSCALL_INTERRUPT_PRIORITY.
527 */
528 #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) )
529
530 static uint8_t ucMaxSysCallPriority = 0;
531 static uint32_t ulMaxPRIGROUPValue = 0;
532 static const volatile uint8_t * const pcInterruptPriorityRegisters = ( const volatile uint8_t * ) portNVIC_IP_REGISTERS_OFFSET_16;
533
534 #endif /* #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) ) */
535
536 #if ( configUSE_TICKLESS_IDLE == 1 )
537
538 /**
539 * @brief The number of SysTick increments that make up one tick period.
540 */
541 PRIVILEGED_DATA static uint32_t ulTimerCountsForOneTick = 0;
542
543 /**
544 * @brief The maximum number of tick periods that can be suppressed is
545 * limited by the 24 bit resolution of the SysTick timer.
546 */
547 PRIVILEGED_DATA static uint32_t xMaximumPossibleSuppressedTicks = 0;
548
549 /**
550 * @brief Compensate for the CPU cycles that pass while the SysTick is
551 * stopped (low power functionality only).
552 */
553 PRIVILEGED_DATA static uint32_t ulStoppedTimerCompensation = 0;
554 #endif /* configUSE_TICKLESS_IDLE */
555 /*-----------------------------------------------------------*/
556
557 #if ( configUSE_TICKLESS_IDLE == 1 )
vPortSuppressTicksAndSleep(TickType_t xExpectedIdleTime)558 __attribute__( ( weak ) ) void vPortSuppressTicksAndSleep( TickType_t xExpectedIdleTime )
559 {
560 uint32_t ulReloadValue, ulCompleteTickPeriods, ulCompletedSysTickDecrements, ulSysTickDecrementsLeft;
561 TickType_t xModifiableIdleTime;
562
563 /* Make sure the SysTick reload value does not overflow the counter. */
564 if( xExpectedIdleTime > xMaximumPossibleSuppressedTicks )
565 {
566 xExpectedIdleTime = xMaximumPossibleSuppressedTicks;
567 }
568
569 /* Enter a critical section but don't use the taskENTER_CRITICAL()
570 * method as that will mask interrupts that should exit sleep mode. */
571 __asm volatile ( "cpsid i" ::: "memory" );
572 __asm volatile ( "dsb" );
573 __asm volatile ( "isb" );
574
575 /* If a context switch is pending or a task is waiting for the scheduler
576 * to be unsuspended then abandon the low power entry. */
577 if( eTaskConfirmSleepModeStatus() == eAbortSleep )
578 {
579 /* Re-enable interrupts - see comments above the cpsid instruction
580 * above. */
581 __asm volatile ( "cpsie i" ::: "memory" );
582 }
583 else
584 {
585 /* Stop the SysTick momentarily. The time the SysTick is stopped for
586 * is accounted for as best it can be, but using the tickless mode will
587 * inevitably result in some tiny drift of the time maintained by the
588 * kernel with respect to calendar time. */
589 portNVIC_SYSTICK_CTRL_REG = ( portNVIC_SYSTICK_CLK_BIT_CONFIG | portNVIC_SYSTICK_INT_BIT );
590
591 /* Use the SysTick current-value register to determine the number of
592 * SysTick decrements remaining until the next tick interrupt. If the
593 * current-value register is zero, then there are actually
594 * ulTimerCountsForOneTick decrements remaining, not zero, because the
595 * SysTick requests the interrupt when decrementing from 1 to 0. */
596 ulSysTickDecrementsLeft = portNVIC_SYSTICK_CURRENT_VALUE_REG;
597
598 if( ulSysTickDecrementsLeft == 0 )
599 {
600 ulSysTickDecrementsLeft = ulTimerCountsForOneTick;
601 }
602
603 /* Calculate the reload value required to wait xExpectedIdleTime
604 * tick periods. -1 is used because this code normally executes part
605 * way through the first tick period. But if the SysTick IRQ is now
606 * pending, then clear the IRQ, suppressing the first tick, and correct
607 * the reload value to reflect that the second tick period is already
608 * underway. The expected idle time is always at least two ticks. */
609 ulReloadValue = ulSysTickDecrementsLeft + ( ulTimerCountsForOneTick * ( xExpectedIdleTime - 1UL ) );
610
611 if( ( portNVIC_INT_CTRL_REG & portNVIC_PEND_SYSTICK_SET_BIT ) != 0 )
612 {
613 portNVIC_INT_CTRL_REG = portNVIC_PEND_SYSTICK_CLEAR_BIT;
614 ulReloadValue -= ulTimerCountsForOneTick;
615 }
616
617 if( ulReloadValue > ulStoppedTimerCompensation )
618 {
619 ulReloadValue -= ulStoppedTimerCompensation;
620 }
621
622 /* Set the new reload value. */
623 portNVIC_SYSTICK_LOAD_REG = ulReloadValue;
624
625 /* Clear the SysTick count flag and set the count value back to
626 * zero. */
627 portNVIC_SYSTICK_CURRENT_VALUE_REG = 0UL;
628
629 /* Restart SysTick. */
630 portNVIC_SYSTICK_CTRL_REG |= portNVIC_SYSTICK_ENABLE_BIT;
631
632 /* Sleep until something happens. configPRE_SLEEP_PROCESSING() can
633 * set its parameter to 0 to indicate that its implementation contains
634 * its own wait for interrupt or wait for event instruction, and so wfi
635 * should not be executed again. However, the original expected idle
636 * time variable must remain unmodified, so a copy is taken. */
637 xModifiableIdleTime = xExpectedIdleTime;
638 configPRE_SLEEP_PROCESSING( xModifiableIdleTime );
639
640 if( xModifiableIdleTime > 0 )
641 {
642 __asm volatile ( "dsb" ::: "memory" );
643 __asm volatile ( "wfi" );
644 __asm volatile ( "isb" );
645 }
646
647 configPOST_SLEEP_PROCESSING( xExpectedIdleTime );
648
649 /* Re-enable interrupts to allow the interrupt that brought the MCU
650 * out of sleep mode to execute immediately. See comments above
651 * the cpsid instruction above. */
652 __asm volatile ( "cpsie i" ::: "memory" );
653 __asm volatile ( "dsb" );
654 __asm volatile ( "isb" );
655
656 /* Disable interrupts again because the clock is about to be stopped
657 * and interrupts that execute while the clock is stopped will increase
658 * any slippage between the time maintained by the RTOS and calendar
659 * time. */
660 __asm volatile ( "cpsid i" ::: "memory" );
661 __asm volatile ( "dsb" );
662 __asm volatile ( "isb" );
663
664 /* Disable the SysTick clock without reading the
665 * portNVIC_SYSTICK_CTRL_REG register to ensure the
666 * portNVIC_SYSTICK_COUNT_FLAG_BIT is not cleared if it is set. Again,
667 * the time the SysTick is stopped for is accounted for as best it can
668 * be, but using the tickless mode will inevitably result in some tiny
669 * drift of the time maintained by the kernel with respect to calendar
670 * time*/
671 portNVIC_SYSTICK_CTRL_REG = ( portNVIC_SYSTICK_CLK_BIT_CONFIG | portNVIC_SYSTICK_INT_BIT );
672
673 /* Determine whether the SysTick has already counted to zero. */
674 if( ( portNVIC_SYSTICK_CTRL_REG & portNVIC_SYSTICK_COUNT_FLAG_BIT ) != 0 )
675 {
676 uint32_t ulCalculatedLoadValue;
677
678 /* The tick interrupt ended the sleep (or is now pending), and
679 * a new tick period has started. Reset portNVIC_SYSTICK_LOAD_REG
680 * with whatever remains of the new tick period. */
681 ulCalculatedLoadValue = ( ulTimerCountsForOneTick - 1UL ) - ( ulReloadValue - portNVIC_SYSTICK_CURRENT_VALUE_REG );
682
683 /* Don't allow a tiny value, or values that have somehow
684 * underflowed because the post sleep hook did something
685 * that took too long or because the SysTick current-value register
686 * is zero. */
687 if( ( ulCalculatedLoadValue <= ulStoppedTimerCompensation ) || ( ulCalculatedLoadValue > ulTimerCountsForOneTick ) )
688 {
689 ulCalculatedLoadValue = ( ulTimerCountsForOneTick - 1UL );
690 }
691
692 portNVIC_SYSTICK_LOAD_REG = ulCalculatedLoadValue;
693
694 /* As the pending tick will be processed as soon as this
695 * function exits, the tick value maintained by the tick is stepped
696 * forward by one less than the time spent waiting. */
697 ulCompleteTickPeriods = xExpectedIdleTime - 1UL;
698 }
699 else
700 {
701 /* Something other than the tick interrupt ended the sleep. */
702
703 /* Use the SysTick current-value register to determine the
704 * number of SysTick decrements remaining until the expected idle
705 * time would have ended. */
706 ulSysTickDecrementsLeft = portNVIC_SYSTICK_CURRENT_VALUE_REG;
707 #if ( portNVIC_SYSTICK_CLK_BIT_CONFIG != portNVIC_SYSTICK_CLK_BIT )
708 {
709 /* If the SysTick is not using the core clock, the current-
710 * value register might still be zero here. In that case, the
711 * SysTick didn't load from the reload register, and there are
712 * ulReloadValue decrements remaining in the expected idle
713 * time, not zero. */
714 if( ulSysTickDecrementsLeft == 0 )
715 {
716 ulSysTickDecrementsLeft = ulReloadValue;
717 }
718 }
719 #endif /* portNVIC_SYSTICK_CLK_BIT_CONFIG */
720
721 /* Work out how long the sleep lasted rounded to complete tick
722 * periods (not the ulReload value which accounted for part
723 * ticks). */
724 ulCompletedSysTickDecrements = ( xExpectedIdleTime * ulTimerCountsForOneTick ) - ulSysTickDecrementsLeft;
725
726 /* How many complete tick periods passed while the processor
727 * was waiting? */
728 ulCompleteTickPeriods = ulCompletedSysTickDecrements / ulTimerCountsForOneTick;
729
730 /* The reload value is set to whatever fraction of a single tick
731 * period remains. */
732 portNVIC_SYSTICK_LOAD_REG = ( ( ulCompleteTickPeriods + 1UL ) * ulTimerCountsForOneTick ) - ulCompletedSysTickDecrements;
733 }
734
735 /* Restart SysTick so it runs from portNVIC_SYSTICK_LOAD_REG again,
736 * then set portNVIC_SYSTICK_LOAD_REG back to its standard value. If
737 * the SysTick is not using the core clock, temporarily configure it to
738 * use the core clock. This configuration forces the SysTick to load
739 * from portNVIC_SYSTICK_LOAD_REG immediately instead of at the next
740 * cycle of the other clock. Then portNVIC_SYSTICK_LOAD_REG is ready
741 * to receive the standard value immediately. */
742 portNVIC_SYSTICK_CURRENT_VALUE_REG = 0UL;
743 portNVIC_SYSTICK_CTRL_REG = portNVIC_SYSTICK_CLK_BIT | portNVIC_SYSTICK_INT_BIT | portNVIC_SYSTICK_ENABLE_BIT;
744 #if ( portNVIC_SYSTICK_CLK_BIT_CONFIG == portNVIC_SYSTICK_CLK_BIT )
745 {
746 portNVIC_SYSTICK_LOAD_REG = ulTimerCountsForOneTick - 1UL;
747 }
748 #else
749 {
750 /* The temporary usage of the core clock has served its purpose,
751 * as described above. Resume usage of the other clock. */
752 portNVIC_SYSTICK_CTRL_REG = portNVIC_SYSTICK_CLK_BIT | portNVIC_SYSTICK_INT_BIT;
753
754 if( ( portNVIC_SYSTICK_CTRL_REG & portNVIC_SYSTICK_COUNT_FLAG_BIT ) != 0 )
755 {
756 /* The partial tick period already ended. Be sure the SysTick
757 * counts it only once. */
758 portNVIC_SYSTICK_CURRENT_VALUE_REG = 0;
759 }
760
761 portNVIC_SYSTICK_LOAD_REG = ulTimerCountsForOneTick - 1UL;
762 portNVIC_SYSTICK_CTRL_REG = portNVIC_SYSTICK_CLK_BIT_CONFIG | portNVIC_SYSTICK_INT_BIT | portNVIC_SYSTICK_ENABLE_BIT;
763 }
764 #endif /* portNVIC_SYSTICK_CLK_BIT_CONFIG */
765
766 /* Step the tick to account for any tick periods that elapsed. */
767 vTaskStepTick( ulCompleteTickPeriods );
768
769 /* Exit with interrupts enabled. */
770 __asm volatile ( "cpsie i" ::: "memory" );
771 }
772 }
773 #endif /* configUSE_TICKLESS_IDLE */
774 /*-----------------------------------------------------------*/
775
vPortSetupTimerInterrupt(void)776 __attribute__( ( weak ) ) void vPortSetupTimerInterrupt( void ) /* PRIVILEGED_FUNCTION */
777 {
778 /* Calculate the constants required to configure the tick interrupt. */
779 #if ( configUSE_TICKLESS_IDLE == 1 )
780 {
781 ulTimerCountsForOneTick = ( configSYSTICK_CLOCK_HZ / configTICK_RATE_HZ );
782 xMaximumPossibleSuppressedTicks = portMAX_24_BIT_NUMBER / ulTimerCountsForOneTick;
783 ulStoppedTimerCompensation = portMISSED_COUNTS_FACTOR / ( configCPU_CLOCK_HZ / configSYSTICK_CLOCK_HZ );
784 }
785 #endif /* configUSE_TICKLESS_IDLE */
786
787 /* Stop and reset SysTick.
788 *
789 * QEMU versions older than 7.0.0 contain a bug which causes an error if we
790 * enable SysTick without first selecting a valid clock source. We trigger
791 * the bug if we change clock sources from a clock with a zero clock period
792 * to one with a nonzero clock period and enable Systick at the same time.
793 * So we configure the CLKSOURCE bit here, prior to setting the ENABLE bit.
794 * This workaround avoids the bug in QEMU versions older than 7.0.0. */
795 portNVIC_SYSTICK_CTRL_REG = portNVIC_SYSTICK_CLK_BIT_CONFIG;
796 portNVIC_SYSTICK_CURRENT_VALUE_REG = 0UL;
797
798 /* Configure SysTick to interrupt at the requested rate. */
799 portNVIC_SYSTICK_LOAD_REG = ( configSYSTICK_CLOCK_HZ / configTICK_RATE_HZ ) - 1UL;
800 portNVIC_SYSTICK_CTRL_REG = portNVIC_SYSTICK_CLK_BIT_CONFIG | portNVIC_SYSTICK_INT_BIT | portNVIC_SYSTICK_ENABLE_BIT;
801 }
802 /*-----------------------------------------------------------*/
803
prvTaskExitError(void)804 static void prvTaskExitError( void )
805 {
806 volatile uint32_t ulDummy = 0UL;
807
808 /* A function that implements a task must not exit or attempt to return to
809 * its caller as there is nothing to return to. If a task wants to exit it
810 * should instead call vTaskDelete( NULL ). Artificially force an assert()
811 * to be triggered if configASSERT() is defined, then stop here so
812 * application writers can catch the error. */
813 configASSERT( ulCriticalNesting == ~0UL );
814 portDISABLE_INTERRUPTS();
815
816 while( ulDummy == 0 )
817 {
818 /* This file calls prvTaskExitError() after the scheduler has been
819 * started to remove a compiler warning about the function being
820 * defined but never called. ulDummy is used purely to quieten other
821 * warnings about code appearing after this function is called - making
822 * ulDummy volatile makes the compiler think the function could return
823 * and therefore not output an 'unreachable code' warning for code that
824 * appears after it. */
825 }
826 }
827 /*-----------------------------------------------------------*/
828
829 #if ( configENABLE_MPU == 1 )
prvGetRegionAccessPermissions(uint32_t ulRBARValue)830 static uint32_t prvGetRegionAccessPermissions( uint32_t ulRBARValue ) /* PRIVILEGED_FUNCTION */
831 {
832 uint32_t ulAccessPermissions = 0;
833
834 if( ( ulRBARValue & portMPU_RBAR_ACCESS_PERMISSIONS_MASK ) == portMPU_REGION_READ_ONLY )
835 {
836 ulAccessPermissions = tskMPU_READ_PERMISSION;
837 }
838
839 if( ( ulRBARValue & portMPU_RBAR_ACCESS_PERMISSIONS_MASK ) == portMPU_REGION_READ_WRITE )
840 {
841 ulAccessPermissions = ( tskMPU_READ_PERMISSION | tskMPU_WRITE_PERMISSION );
842 }
843
844 return ulAccessPermissions;
845 }
846 #endif /* configENABLE_MPU */
847 /*-----------------------------------------------------------*/
848
849 #if ( configENABLE_MPU == 1 )
prvSetupMPU(void)850 static void prvSetupMPU( void ) /* PRIVILEGED_FUNCTION */
851 {
852 #if defined( __ARMCC_VERSION )
853
854 /* Declaration when these variable are defined in code instead of being
855 * exported from linker scripts. */
856 extern uint32_t * __privileged_functions_start__;
857 extern uint32_t * __privileged_functions_end__;
858 extern uint32_t * __syscalls_flash_start__;
859 extern uint32_t * __syscalls_flash_end__;
860 extern uint32_t * __unprivileged_flash_start__;
861 extern uint32_t * __unprivileged_flash_end__;
862 extern uint32_t * __privileged_sram_start__;
863 extern uint32_t * __privileged_sram_end__;
864 #else /* if defined( __ARMCC_VERSION ) */
865 /* Declaration when these variable are exported from linker scripts. */
866 extern uint32_t __privileged_functions_start__[];
867 extern uint32_t __privileged_functions_end__[];
868 extern uint32_t __syscalls_flash_start__[];
869 extern uint32_t __syscalls_flash_end__[];
870 extern uint32_t __unprivileged_flash_start__[];
871 extern uint32_t __unprivileged_flash_end__[];
872 extern uint32_t __privileged_sram_start__[];
873 extern uint32_t __privileged_sram_end__[];
874 #endif /* defined( __ARMCC_VERSION ) */
875
876 /* The only permitted number of regions are 8 or 16. */
877 configASSERT( ( configTOTAL_MPU_REGIONS == 8 ) || ( configTOTAL_MPU_REGIONS == 16 ) );
878
879 /* Ensure that the configTOTAL_MPU_REGIONS is configured correctly. */
880 configASSERT( portMPU_TYPE_REG == portEXPECTED_MPU_TYPE_VALUE );
881
882 /* Check that the MPU is present. */
883 if( portMPU_TYPE_REG == portEXPECTED_MPU_TYPE_VALUE )
884 {
885 /* MAIR0 - Index 0. */
886 portMPU_MAIR0_REG |= ( ( portMPU_NORMAL_MEMORY_BUFFERABLE_CACHEABLE << portMPU_MAIR_ATTR0_POS ) & portMPU_MAIR_ATTR0_MASK );
887 /* MAIR0 - Index 1. */
888 portMPU_MAIR0_REG |= ( ( portMPU_DEVICE_MEMORY_nGnRE << portMPU_MAIR_ATTR1_POS ) & portMPU_MAIR_ATTR1_MASK );
889
890 /* Setup privileged flash as Read Only so that privileged tasks can
891 * read it but not modify. */
892 portMPU_RNR_REG = portPRIVILEGED_FLASH_REGION;
893 portMPU_RBAR_REG = ( ( ( uint32_t ) __privileged_functions_start__ ) & portMPU_RBAR_ADDRESS_MASK ) |
894 ( portMPU_REGION_NON_SHAREABLE ) |
895 ( portMPU_REGION_PRIVILEGED_READ_ONLY );
896 portMPU_RLAR_REG = ( ( ( uint32_t ) __privileged_functions_end__ ) & portMPU_RLAR_ADDRESS_MASK ) |
897 ( portMPU_RLAR_ATTR_INDEX0 ) |
898 ( portMPU_RLAR_REGION_ENABLE );
899
900 /* Setup unprivileged flash as Read Only by both privileged and
901 * unprivileged tasks. All tasks can read it but no-one can modify. */
902 portMPU_RNR_REG = portUNPRIVILEGED_FLASH_REGION;
903 portMPU_RBAR_REG = ( ( ( uint32_t ) __unprivileged_flash_start__ ) & portMPU_RBAR_ADDRESS_MASK ) |
904 ( portMPU_REGION_NON_SHAREABLE ) |
905 ( portMPU_REGION_READ_ONLY );
906 portMPU_RLAR_REG = ( ( ( uint32_t ) __unprivileged_flash_end__ ) & portMPU_RLAR_ADDRESS_MASK ) |
907 ( portMPU_RLAR_ATTR_INDEX0 ) |
908 ( portMPU_RLAR_REGION_ENABLE );
909
910 /* Setup unprivileged syscalls flash as Read Only by both privileged
911 * and unprivileged tasks. All tasks can read it but no-one can modify. */
912 portMPU_RNR_REG = portUNPRIVILEGED_SYSCALLS_REGION;
913 portMPU_RBAR_REG = ( ( ( uint32_t ) __syscalls_flash_start__ ) & portMPU_RBAR_ADDRESS_MASK ) |
914 ( portMPU_REGION_NON_SHAREABLE ) |
915 ( portMPU_REGION_READ_ONLY );
916 portMPU_RLAR_REG = ( ( ( uint32_t ) __syscalls_flash_end__ ) & portMPU_RLAR_ADDRESS_MASK ) |
917 ( portMPU_RLAR_ATTR_INDEX0 ) |
918 ( portMPU_RLAR_REGION_ENABLE );
919
920 /* Setup RAM containing kernel data for privileged access only. */
921 portMPU_RNR_REG = portPRIVILEGED_RAM_REGION;
922 portMPU_RBAR_REG = ( ( ( uint32_t ) __privileged_sram_start__ ) & portMPU_RBAR_ADDRESS_MASK ) |
923 ( portMPU_REGION_NON_SHAREABLE ) |
924 ( portMPU_REGION_PRIVILEGED_READ_WRITE ) |
925 ( portMPU_REGION_EXECUTE_NEVER );
926 portMPU_RLAR_REG = ( ( ( uint32_t ) __privileged_sram_end__ ) & portMPU_RLAR_ADDRESS_MASK ) |
927 ( portMPU_RLAR_ATTR_INDEX0 ) |
928 ( portMPU_RLAR_REGION_ENABLE );
929
930 /* Enable mem fault. */
931 portSCB_SYS_HANDLER_CTRL_STATE_REG |= portSCB_MEM_FAULT_ENABLE_BIT;
932
933 /* Enable MPU with privileged background access i.e. unmapped
934 * regions have privileged access. */
935 portMPU_CTRL_REG |= ( portMPU_PRIV_BACKGROUND_ENABLE_BIT | portMPU_ENABLE_BIT );
936 }
937 }
938 #endif /* configENABLE_MPU */
939 /*-----------------------------------------------------------*/
940
941 #if ( configENABLE_FPU == 1 )
prvSetupFPU(void)942 static void prvSetupFPU( void ) /* PRIVILEGED_FUNCTION */
943 {
944 #if ( configENABLE_TRUSTZONE == 1 )
945 {
946 /* Enable non-secure access to the FPU. */
947 SecureInit_EnableNSFPUAccess();
948 }
949 #endif /* configENABLE_TRUSTZONE */
950
951 /* CP10 = 11 ==> Full access to FPU i.e. both privileged and
952 * unprivileged code should be able to access FPU. CP11 should be
953 * programmed to the same value as CP10. */
954 *( portCPACR ) |= ( ( portCPACR_CP10_VALUE << portCPACR_CP10_POS ) |
955 ( portCPACR_CP11_VALUE << portCPACR_CP11_POS )
956 );
957
958 /* ASPEN = 1 ==> Hardware should automatically preserve floating point
959 * context on exception entry and restore on exception return.
960 * LSPEN = 1 ==> Enable lazy context save of FP state. */
961 *( portFPCCR ) |= ( portFPCCR_ASPEN_MASK | portFPCCR_LSPEN_MASK );
962 }
963 #endif /* configENABLE_FPU */
964 /*-----------------------------------------------------------*/
965
vPortYield(void)966 void vPortYield( void ) /* PRIVILEGED_FUNCTION */
967 {
968 /* Set a PendSV to request a context switch. */
969 portNVIC_INT_CTRL_REG = portNVIC_PENDSVSET_BIT;
970
971 /* Barriers are normally not required but do ensure the code is
972 * completely within the specified behaviour for the architecture. */
973 __asm volatile ( "dsb" ::: "memory" );
974 __asm volatile ( "isb" );
975 }
976 /*-----------------------------------------------------------*/
977
vPortEnterCritical(void)978 void vPortEnterCritical( void ) /* PRIVILEGED_FUNCTION */
979 {
980 portDISABLE_INTERRUPTS();
981 ulCriticalNesting++;
982
983 /* Barriers are normally not required but do ensure the code is
984 * completely within the specified behaviour for the architecture. */
985 __asm volatile ( "dsb" ::: "memory" );
986 __asm volatile ( "isb" );
987 }
988 /*-----------------------------------------------------------*/
989
vPortExitCritical(void)990 void vPortExitCritical( void ) /* PRIVILEGED_FUNCTION */
991 {
992 configASSERT( ulCriticalNesting );
993 ulCriticalNesting--;
994
995 if( ulCriticalNesting == 0 )
996 {
997 portENABLE_INTERRUPTS();
998 }
999 }
1000 /*-----------------------------------------------------------*/
1001
SysTick_Handler(void)1002 void SysTick_Handler( void ) /* PRIVILEGED_FUNCTION */
1003 {
1004 uint32_t ulPreviousMask;
1005
1006 ulPreviousMask = portSET_INTERRUPT_MASK_FROM_ISR();
1007 traceISR_ENTER();
1008 {
1009 /* Increment the RTOS tick. */
1010 if( xTaskIncrementTick() != pdFALSE )
1011 {
1012 traceISR_EXIT_TO_SCHEDULER();
1013 /* Pend a context switch. */
1014 portNVIC_INT_CTRL_REG = portNVIC_PENDSVSET_BIT;
1015 }
1016 else
1017 {
1018 traceISR_EXIT();
1019 }
1020 }
1021 portCLEAR_INTERRUPT_MASK_FROM_ISR( ulPreviousMask );
1022 }
1023 /*-----------------------------------------------------------*/
1024
vPortSVCHandler_C(uint32_t * pulCallerStackAddress)1025 void vPortSVCHandler_C( uint32_t * pulCallerStackAddress ) /* PRIVILEGED_FUNCTION portDONT_DISCARD */
1026 {
1027 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 1 ) )
1028 #if defined( __ARMCC_VERSION )
1029
1030 /* Declaration when these variable are defined in code instead of being
1031 * exported from linker scripts. */
1032 extern uint32_t * __syscalls_flash_start__;
1033 extern uint32_t * __syscalls_flash_end__;
1034 #else
1035 /* Declaration when these variable are exported from linker scripts. */
1036 extern uint32_t __syscalls_flash_start__[];
1037 extern uint32_t __syscalls_flash_end__[];
1038 #endif /* defined( __ARMCC_VERSION ) */
1039 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 1 ) */
1040
1041 uint32_t ulPC;
1042
1043 #if ( configENABLE_TRUSTZONE == 1 )
1044 uint32_t ulR0, ulR1;
1045 extern TaskHandle_t pxCurrentTCB;
1046 #if ( configENABLE_MPU == 1 )
1047 uint32_t ulControl, ulIsTaskPrivileged;
1048 #endif /* configENABLE_MPU */
1049 #endif /* configENABLE_TRUSTZONE */
1050 uint8_t ucSVCNumber;
1051
1052 /* Register are stored on the stack in the following order - R0, R1, R2, R3,
1053 * R12, LR, PC, xPSR. */
1054 ulPC = pulCallerStackAddress[ portOFFSET_TO_PC ];
1055 ucSVCNumber = ( ( uint8_t * ) ulPC )[ -2 ];
1056
1057 switch( ucSVCNumber )
1058 {
1059 #if ( configENABLE_TRUSTZONE == 1 )
1060 case portSVC_ALLOCATE_SECURE_CONTEXT:
1061
1062 /* R0 contains the stack size passed as parameter to the
1063 * vPortAllocateSecureContext function. */
1064 ulR0 = pulCallerStackAddress[ 0 ];
1065
1066 #if ( configENABLE_MPU == 1 )
1067 {
1068 /* Read the CONTROL register value. */
1069 __asm volatile ( "mrs %0, control" : "=r" ( ulControl ) );
1070
1071 /* The task that raised the SVC is privileged if Bit[0]
1072 * in the CONTROL register is 0. */
1073 ulIsTaskPrivileged = ( ( ulControl & portCONTROL_PRIVILEGED_MASK ) == 0 );
1074
1075 /* Allocate and load a context for the secure task. */
1076 xSecureContext = SecureContext_AllocateContext( ulR0, ulIsTaskPrivileged, pxCurrentTCB );
1077 }
1078 #else /* if ( configENABLE_MPU == 1 ) */
1079 {
1080 /* Allocate and load a context for the secure task. */
1081 xSecureContext = SecureContext_AllocateContext( ulR0, pxCurrentTCB );
1082 }
1083 #endif /* configENABLE_MPU */
1084
1085 configASSERT( xSecureContext != securecontextINVALID_CONTEXT_ID );
1086 SecureContext_LoadContext( xSecureContext, pxCurrentTCB );
1087 break;
1088
1089 case portSVC_FREE_SECURE_CONTEXT:
1090
1091 /* R0 contains TCB being freed and R1 contains the secure
1092 * context handle to be freed. */
1093 ulR0 = pulCallerStackAddress[ 0 ];
1094 ulR1 = pulCallerStackAddress[ 1 ];
1095
1096 /* Free the secure context. */
1097 SecureContext_FreeContext( ( SecureContextHandle_t ) ulR1, ( void * ) ulR0 );
1098 break;
1099 #endif /* configENABLE_TRUSTZONE */
1100
1101 case portSVC_START_SCHEDULER:
1102 #if ( configENABLE_TRUSTZONE == 1 )
1103 {
1104 /* De-prioritize the non-secure exceptions so that the
1105 * non-secure pendSV runs at the lowest priority. */
1106 SecureInit_DePrioritizeNSExceptions();
1107
1108 /* Initialize the secure context management system. */
1109 SecureContext_Init();
1110 }
1111 #endif /* configENABLE_TRUSTZONE */
1112
1113 #if ( configENABLE_FPU == 1 )
1114 {
1115 /* Setup the Floating Point Unit (FPU). */
1116 prvSetupFPU();
1117 }
1118 #endif /* configENABLE_FPU */
1119
1120 /* Setup the context of the first task so that the first task starts
1121 * executing. */
1122 vRestoreContextOfFirstTask();
1123 break;
1124
1125 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 1 ) )
1126 case portSVC_RAISE_PRIVILEGE:
1127
1128 /* Only raise the privilege, if the svc was raised from any of
1129 * the system calls. */
1130 if( ( ulPC >= ( uint32_t ) __syscalls_flash_start__ ) &&
1131 ( ulPC <= ( uint32_t ) __syscalls_flash_end__ ) )
1132 {
1133 vRaisePrivilege();
1134 }
1135 break;
1136 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 1 ) */
1137
1138 #if ( configENABLE_MPU == 1 )
1139 case portSVC_YIELD:
1140 vPortYield();
1141 break;
1142 #endif /* configENABLE_MPU == 1 */
1143
1144 default:
1145 /* Incorrect SVC call. */
1146 configASSERT( pdFALSE );
1147 }
1148 }
1149 /*-----------------------------------------------------------*/
1150
1151 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
1152
vSystemCallEnter(uint32_t * pulTaskStack,uint32_t ulLR,uint8_t ucSystemCallNumber)1153 void vSystemCallEnter( uint32_t * pulTaskStack,
1154 uint32_t ulLR,
1155 uint8_t ucSystemCallNumber ) /* PRIVILEGED_FUNCTION */
1156 {
1157 extern TaskHandle_t pxCurrentTCB;
1158 extern UBaseType_t uxSystemCallImplementations[ NUM_SYSTEM_CALLS ];
1159 xMPU_SETTINGS * pxMpuSettings;
1160 uint32_t * pulSystemCallStack;
1161 uint32_t ulStackFrameSize, ulSystemCallLocation, i;
1162
1163 #if defined( __ARMCC_VERSION )
1164 /* Declaration when these variable are defined in code instead of being
1165 * exported from linker scripts. */
1166 extern uint32_t * __syscalls_flash_start__;
1167 extern uint32_t * __syscalls_flash_end__;
1168 #else
1169 /* Declaration when these variable are exported from linker scripts. */
1170 extern uint32_t __syscalls_flash_start__[];
1171 extern uint32_t __syscalls_flash_end__[];
1172 #endif /* #if defined( __ARMCC_VERSION ) */
1173
1174 ulSystemCallLocation = pulTaskStack[ portOFFSET_TO_PC ];
1175 pxMpuSettings = xTaskGetMPUSettings( pxCurrentTCB );
1176
1177 /* Checks:
1178 * 1. SVC is raised from the system call section (i.e. application is
1179 * not raising SVC directly).
1180 * 2. pxMpuSettings->xSystemCallStackInfo.pulTaskStack must be NULL as
1181 * it is non-NULL only during the execution of a system call (i.e.
1182 * between system call enter and exit).
1183 * 3. System call is not for a kernel API disabled by the configuration
1184 * in FreeRTOSConfig.h.
1185 * 4. We do not need to check that ucSystemCallNumber is within range
1186 * because the assembly SVC handler checks that before calling
1187 * this function.
1188 */
1189 if( ( ulSystemCallLocation >= ( uint32_t ) __syscalls_flash_start__ ) &&
1190 ( ulSystemCallLocation <= ( uint32_t ) __syscalls_flash_end__ ) &&
1191 ( pxMpuSettings->xSystemCallStackInfo.pulTaskStack == NULL ) &&
1192 ( uxSystemCallImplementations[ ucSystemCallNumber ] != ( UBaseType_t ) 0 ) )
1193 {
1194 pulSystemCallStack = pxMpuSettings->xSystemCallStackInfo.pulSystemCallStack;
1195
1196 #if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) )
1197 {
1198 if( ( ulLR & portEXC_RETURN_STACK_FRAME_TYPE_MASK ) == 0UL )
1199 {
1200 /* Extended frame i.e. FPU in use. */
1201 ulStackFrameSize = 26;
1202 __asm volatile (
1203 " vpush {s0} \n" /* Trigger lazy stacking. */
1204 " vpop {s0} \n" /* Nullify the affect of the above instruction. */
1205 ::: "memory"
1206 );
1207 }
1208 else
1209 {
1210 /* Standard frame i.e. FPU not in use. */
1211 ulStackFrameSize = 8;
1212 }
1213 }
1214 #else /* if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) ) */
1215 {
1216 ulStackFrameSize = 8;
1217 }
1218 #endif /* configENABLE_FPU || configENABLE_MVE */
1219
1220 /* Make space on the system call stack for the stack frame. */
1221 pulSystemCallStack = pulSystemCallStack - ulStackFrameSize;
1222
1223 /* Copy the stack frame. */
1224 for( i = 0; i < ulStackFrameSize; i++ )
1225 {
1226 pulSystemCallStack[ i ] = pulTaskStack[ i ];
1227 }
1228
1229 /* Store the value of the Link Register before the SVC was raised.
1230 * It contains the address of the caller of the System Call entry
1231 * point (i.e. the caller of the MPU_<API>). We need to restore it
1232 * when we exit from the system call. */
1233 pxMpuSettings->xSystemCallStackInfo.ulLinkRegisterAtSystemCallEntry = pulTaskStack[ portOFFSET_TO_LR ];
1234 /* Store the value of the PSPLIM register before the SVC was raised.
1235 * We need to restore it when we exit from the system call. */
1236 #if ( portUSE_PSPLIM_REGISTER == 1 )
1237 {
1238 __asm volatile ( "mrs %0, psplim" : "=r" ( pxMpuSettings->xSystemCallStackInfo.ulStackLimitRegisterAtSystemCallEntry ) );
1239 }
1240 #endif
1241
1242 /* Use the pulSystemCallStack in thread mode. */
1243 __asm volatile ( "msr psp, %0" : : "r" ( pulSystemCallStack ) );
1244 #if ( portUSE_PSPLIM_REGISTER == 1 )
1245 {
1246 __asm volatile ( "msr psplim, %0" : : "r" ( pxMpuSettings->xSystemCallStackInfo.pulSystemCallStackLimit ) );
1247 }
1248 #endif
1249
1250 /* Start executing the system call upon returning from this handler. */
1251 pulSystemCallStack[ portOFFSET_TO_PC ] = uxSystemCallImplementations[ ucSystemCallNumber ];
1252 /* Raise a request to exit from the system call upon finishing the
1253 * system call. */
1254 pulSystemCallStack[ portOFFSET_TO_LR ] = ( uint32_t ) vRequestSystemCallExit;
1255
1256 /* Remember the location where we should copy the stack frame when we exit from
1257 * the system call. */
1258 pxMpuSettings->xSystemCallStackInfo.pulTaskStack = pulTaskStack + ulStackFrameSize;
1259
1260 /* Record if the hardware used padding to force the stack pointer
1261 * to be double word aligned. */
1262 if( ( pulTaskStack[ portOFFSET_TO_PSR ] & portPSR_STACK_PADDING_MASK ) == portPSR_STACK_PADDING_MASK )
1263 {
1264 pxMpuSettings->ulTaskFlags |= portSTACK_FRAME_HAS_PADDING_FLAG;
1265 }
1266 else
1267 {
1268 pxMpuSettings->ulTaskFlags &= ( ~portSTACK_FRAME_HAS_PADDING_FLAG );
1269 }
1270
1271 /* We ensure in pxPortInitialiseStack that the system call stack is
1272 * double word aligned and therefore, there is no need of padding.
1273 * Clear the bit[9] of stacked xPSR. */
1274 pulSystemCallStack[ portOFFSET_TO_PSR ] &= ( ~portPSR_STACK_PADDING_MASK );
1275
1276 /* Raise the privilege for the duration of the system call. */
1277 __asm volatile (
1278 " mrs r0, control \n" /* Obtain current control value. */
1279 " movs r1, #1 \n" /* r1 = 1. */
1280 " bics r0, r1 \n" /* Clear nPRIV bit. */
1281 " msr control, r0 \n" /* Write back new control value. */
1282 ::: "r0", "r1", "memory"
1283 );
1284 }
1285 }
1286
1287 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
1288 /*-----------------------------------------------------------*/
1289
1290 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
1291
vRequestSystemCallExit(void)1292 void vRequestSystemCallExit( void ) /* __attribute__( ( naked ) ) PRIVILEGED_FUNCTION */
1293 {
1294 __asm volatile ( "svc %0 \n" ::"i" ( portSVC_SYSTEM_CALL_EXIT ) : "memory" );
1295 }
1296
1297 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
1298 /*-----------------------------------------------------------*/
1299
1300 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
1301
vSystemCallExit(uint32_t * pulSystemCallStack,uint32_t ulLR)1302 void vSystemCallExit( uint32_t * pulSystemCallStack,
1303 uint32_t ulLR ) /* PRIVILEGED_FUNCTION */
1304 {
1305 extern TaskHandle_t pxCurrentTCB;
1306 xMPU_SETTINGS * pxMpuSettings;
1307 uint32_t * pulTaskStack;
1308 uint32_t ulStackFrameSize, ulSystemCallLocation, i;
1309
1310 #if defined( __ARMCC_VERSION )
1311 /* Declaration when these variable are defined in code instead of being
1312 * exported from linker scripts. */
1313 extern uint32_t * __privileged_functions_start__;
1314 extern uint32_t * __privileged_functions_end__;
1315 #else
1316 /* Declaration when these variable are exported from linker scripts. */
1317 extern uint32_t __privileged_functions_start__[];
1318 extern uint32_t __privileged_functions_end__[];
1319 #endif /* #if defined( __ARMCC_VERSION ) */
1320
1321 ulSystemCallLocation = pulSystemCallStack[ portOFFSET_TO_PC ];
1322 pxMpuSettings = xTaskGetMPUSettings( pxCurrentTCB );
1323
1324 /* Checks:
1325 * 1. SVC is raised from the privileged code (i.e. application is not
1326 * raising SVC directly). This SVC is only raised from
1327 * vRequestSystemCallExit which is in the privileged code section.
1328 * 2. pxMpuSettings->xSystemCallStackInfo.pulTaskStack must not be NULL -
1329 * this means that we previously entered a system call and the
1330 * application is not attempting to exit without entering a system
1331 * call.
1332 */
1333 if( ( ulSystemCallLocation >= ( uint32_t ) __privileged_functions_start__ ) &&
1334 ( ulSystemCallLocation <= ( uint32_t ) __privileged_functions_end__ ) &&
1335 ( pxMpuSettings->xSystemCallStackInfo.pulTaskStack != NULL ) )
1336 {
1337 pulTaskStack = pxMpuSettings->xSystemCallStackInfo.pulTaskStack;
1338
1339 #if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) )
1340 {
1341 if( ( ulLR & portEXC_RETURN_STACK_FRAME_TYPE_MASK ) == 0UL )
1342 {
1343 /* Extended frame i.e. FPU in use. */
1344 ulStackFrameSize = 26;
1345 __asm volatile (
1346 " vpush {s0} \n" /* Trigger lazy stacking. */
1347 " vpop {s0} \n" /* Nullify the affect of the above instruction. */
1348 ::: "memory"
1349 );
1350 }
1351 else
1352 {
1353 /* Standard frame i.e. FPU not in use. */
1354 ulStackFrameSize = 8;
1355 }
1356 }
1357 #else /* if ( ( configENABLE_FPU == 1 ) || ( configENABLE_MVE == 1 ) ) */
1358 {
1359 ulStackFrameSize = 8;
1360 }
1361 #endif /* configENABLE_FPU || configENABLE_MVE */
1362
1363 /* Make space on the task stack for the stack frame. */
1364 pulTaskStack = pulTaskStack - ulStackFrameSize;
1365
1366 /* Copy the stack frame. */
1367 for( i = 0; i < ulStackFrameSize; i++ )
1368 {
1369 pulTaskStack[ i ] = pulSystemCallStack[ i ];
1370 }
1371
1372 /* Use the pulTaskStack in thread mode. */
1373 __asm volatile ( "msr psp, %0" : : "r" ( pulTaskStack ) );
1374
1375 /* Return to the caller of the System Call entry point (i.e. the
1376 * caller of the MPU_<API>). */
1377 pulTaskStack[ portOFFSET_TO_PC ] = pxMpuSettings->xSystemCallStackInfo.ulLinkRegisterAtSystemCallEntry;
1378 /* Ensure that LR has a valid value.*/
1379 pulTaskStack[ portOFFSET_TO_LR ] = pxMpuSettings->xSystemCallStackInfo.ulLinkRegisterAtSystemCallEntry;
1380
1381 /* Restore the PSPLIM register to what it was at the time of
1382 * system call entry. */
1383 #if ( portUSE_PSPLIM_REGISTER == 1 )
1384 {
1385 __asm volatile ( "msr psplim, %0" : : "r" ( pxMpuSettings->xSystemCallStackInfo.ulStackLimitRegisterAtSystemCallEntry ) );
1386 }
1387 #endif
1388
1389 /* If the hardware used padding to force the stack pointer
1390 * to be double word aligned, set the stacked xPSR bit[9],
1391 * otherwise clear it. */
1392 if( ( pxMpuSettings->ulTaskFlags & portSTACK_FRAME_HAS_PADDING_FLAG ) == portSTACK_FRAME_HAS_PADDING_FLAG )
1393 {
1394 pulTaskStack[ portOFFSET_TO_PSR ] |= portPSR_STACK_PADDING_MASK;
1395 }
1396 else
1397 {
1398 pulTaskStack[ portOFFSET_TO_PSR ] &= ( ~portPSR_STACK_PADDING_MASK );
1399 }
1400
1401 /* This is not NULL only for the duration of the system call. */
1402 pxMpuSettings->xSystemCallStackInfo.pulTaskStack = NULL;
1403
1404 /* Drop the privilege before returning to the thread mode. */
1405 __asm volatile (
1406 " mrs r0, control \n" /* Obtain current control value. */
1407 " movs r1, #1 \n" /* r1 = 1. */
1408 " orrs r0, r1 \n" /* Set nPRIV bit. */
1409 " msr control, r0 \n" /* Write back new control value. */
1410 ::: "r0", "r1", "memory"
1411 );
1412 }
1413 }
1414
1415 #endif /* ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) */
1416 /*-----------------------------------------------------------*/
1417
1418 #if ( configENABLE_MPU == 1 )
1419
xPortIsTaskPrivileged(void)1420 BaseType_t xPortIsTaskPrivileged( void ) /* PRIVILEGED_FUNCTION */
1421 {
1422 BaseType_t xTaskIsPrivileged = pdFALSE;
1423 const xMPU_SETTINGS * xTaskMpuSettings = xTaskGetMPUSettings( NULL ); /* Calling task's MPU settings. */
1424
1425 if( ( xTaskMpuSettings->ulTaskFlags & portTASK_IS_PRIVILEGED_FLAG ) == portTASK_IS_PRIVILEGED_FLAG )
1426 {
1427 xTaskIsPrivileged = pdTRUE;
1428 }
1429
1430 return xTaskIsPrivileged;
1431 }
1432
1433 #endif /* configENABLE_MPU == 1 */
1434 /*-----------------------------------------------------------*/
1435
1436 #if ( configENABLE_MPU == 1 )
1437
pxPortInitialiseStack(StackType_t * pxTopOfStack,StackType_t * pxEndOfStack,TaskFunction_t pxCode,void * pvParameters,BaseType_t xRunPrivileged,xMPU_SETTINGS * xMPUSettings)1438 StackType_t * pxPortInitialiseStack( StackType_t * pxTopOfStack,
1439 StackType_t * pxEndOfStack,
1440 TaskFunction_t pxCode,
1441 void * pvParameters,
1442 BaseType_t xRunPrivileged,
1443 xMPU_SETTINGS * xMPUSettings ) /* PRIVILEGED_FUNCTION */
1444 {
1445 uint32_t ulIndex = 0;
1446
1447 xMPUSettings->ulContext[ ulIndex ] = 0x04040404; /* r4. */
1448 ulIndex++;
1449 xMPUSettings->ulContext[ ulIndex ] = 0x05050505; /* r5. */
1450 ulIndex++;
1451 xMPUSettings->ulContext[ ulIndex ] = 0x06060606; /* r6. */
1452 ulIndex++;
1453 xMPUSettings->ulContext[ ulIndex ] = 0x07070707; /* r7. */
1454 ulIndex++;
1455 xMPUSettings->ulContext[ ulIndex ] = 0x08080808; /* r8. */
1456 ulIndex++;
1457 xMPUSettings->ulContext[ ulIndex ] = 0x09090909; /* r9. */
1458 ulIndex++;
1459 xMPUSettings->ulContext[ ulIndex ] = 0x10101010; /* r10. */
1460 ulIndex++;
1461 xMPUSettings->ulContext[ ulIndex ] = 0x11111111; /* r11. */
1462 ulIndex++;
1463
1464 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) pvParameters; /* r0. */
1465 ulIndex++;
1466 xMPUSettings->ulContext[ ulIndex ] = 0x01010101; /* r1. */
1467 ulIndex++;
1468 xMPUSettings->ulContext[ ulIndex ] = 0x02020202; /* r2. */
1469 ulIndex++;
1470 xMPUSettings->ulContext[ ulIndex ] = 0x03030303; /* r3. */
1471 ulIndex++;
1472 xMPUSettings->ulContext[ ulIndex ] = 0x12121212; /* r12. */
1473 ulIndex++;
1474 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) portTASK_RETURN_ADDRESS; /* LR. */
1475 ulIndex++;
1476 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) pxCode; /* PC. */
1477 ulIndex++;
1478 xMPUSettings->ulContext[ ulIndex ] = portINITIAL_XPSR; /* xPSR. */
1479 ulIndex++;
1480
1481 #if ( configENABLE_TRUSTZONE == 1 )
1482 {
1483 xMPUSettings->ulContext[ ulIndex ] = portNO_SECURE_CONTEXT; /* xSecureContext. */
1484 ulIndex++;
1485 }
1486 #endif /* configENABLE_TRUSTZONE */
1487 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) ( pxTopOfStack - 8 ); /* PSP with the hardware saved stack. */
1488 ulIndex++;
1489 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) pxEndOfStack; /* PSPLIM. */
1490 ulIndex++;
1491
1492 if( xRunPrivileged == pdTRUE )
1493 {
1494 xMPUSettings->ulTaskFlags |= portTASK_IS_PRIVILEGED_FLAG;
1495 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) portINITIAL_CONTROL_PRIVILEGED; /* CONTROL. */
1496 ulIndex++;
1497 }
1498 else
1499 {
1500 xMPUSettings->ulTaskFlags &= ( ~portTASK_IS_PRIVILEGED_FLAG );
1501 xMPUSettings->ulContext[ ulIndex ] = ( uint32_t ) portINITIAL_CONTROL_UNPRIVILEGED; /* CONTROL. */
1502 ulIndex++;
1503 }
1504
1505 xMPUSettings->ulContext[ ulIndex ] = portINITIAL_EXC_RETURN; /* LR (EXC_RETURN). */
1506 ulIndex++;
1507
1508 #if ( configUSE_MPU_WRAPPERS_V1 == 0 )
1509 {
1510 /* Ensure that the system call stack is double word aligned. */
1511 xMPUSettings->xSystemCallStackInfo.pulSystemCallStack = &( xMPUSettings->xSystemCallStackInfo.ulSystemCallStackBuffer[ configSYSTEM_CALL_STACK_SIZE - 1 ] );
1512 xMPUSettings->xSystemCallStackInfo.pulSystemCallStack = ( uint32_t * ) ( ( uint32_t ) ( xMPUSettings->xSystemCallStackInfo.pulSystemCallStack ) &
1513 ( uint32_t ) ( ~( portBYTE_ALIGNMENT_MASK ) ) );
1514
1515 xMPUSettings->xSystemCallStackInfo.pulSystemCallStackLimit = &( xMPUSettings->xSystemCallStackInfo.ulSystemCallStackBuffer[ 0 ] );
1516 xMPUSettings->xSystemCallStackInfo.pulSystemCallStackLimit = ( uint32_t * ) ( ( ( uint32_t ) ( xMPUSettings->xSystemCallStackInfo.pulSystemCallStackLimit ) +
1517 ( uint32_t ) ( portBYTE_ALIGNMENT - 1 ) ) &
1518 ( uint32_t ) ( ~( portBYTE_ALIGNMENT_MASK ) ) );
1519
1520 /* This is not NULL only for the duration of a system call. */
1521 xMPUSettings->xSystemCallStackInfo.pulTaskStack = NULL;
1522 }
1523 #endif /* configUSE_MPU_WRAPPERS_V1 == 0 */
1524
1525 return &( xMPUSettings->ulContext[ ulIndex ] );
1526 }
1527
1528 #else /* configENABLE_MPU */
1529
pxPortInitialiseStack(StackType_t * pxTopOfStack,StackType_t * pxEndOfStack,TaskFunction_t pxCode,void * pvParameters)1530 StackType_t * pxPortInitialiseStack( StackType_t * pxTopOfStack,
1531 StackType_t * pxEndOfStack,
1532 TaskFunction_t pxCode,
1533 void * pvParameters ) /* PRIVILEGED_FUNCTION */
1534 {
1535 /* Simulate the stack frame as it would be created by a context switch
1536 * interrupt. */
1537 #if ( portPRELOAD_REGISTERS == 0 )
1538 {
1539 pxTopOfStack--; /* Offset added to account for the way the MCU uses the stack on entry/exit of interrupts. */
1540 *pxTopOfStack = portINITIAL_XPSR; /* xPSR. */
1541 pxTopOfStack--;
1542 *pxTopOfStack = ( StackType_t ) pxCode; /* PC. */
1543 pxTopOfStack--;
1544 *pxTopOfStack = ( StackType_t ) portTASK_RETURN_ADDRESS; /* LR. */
1545 pxTopOfStack -= 5; /* R12, R3, R2 and R1. */
1546 *pxTopOfStack = ( StackType_t ) pvParameters; /* R0. */
1547 pxTopOfStack -= 9; /* R11..R4, EXC_RETURN. */
1548 *pxTopOfStack = portINITIAL_EXC_RETURN;
1549 pxTopOfStack--;
1550 *pxTopOfStack = ( StackType_t ) pxEndOfStack; /* Slot used to hold this task's PSPLIM value. */
1551
1552 #if ( configENABLE_TRUSTZONE == 1 )
1553 {
1554 pxTopOfStack--;
1555 *pxTopOfStack = portNO_SECURE_CONTEXT; /* Slot used to hold this task's xSecureContext value. */
1556 }
1557 #endif /* configENABLE_TRUSTZONE */
1558 }
1559 #else /* portPRELOAD_REGISTERS */
1560 {
1561 pxTopOfStack--; /* Offset added to account for the way the MCU uses the stack on entry/exit of interrupts. */
1562 *pxTopOfStack = portINITIAL_XPSR; /* xPSR. */
1563 pxTopOfStack--;
1564 *pxTopOfStack = ( StackType_t ) pxCode; /* PC. */
1565 pxTopOfStack--;
1566 *pxTopOfStack = ( StackType_t ) portTASK_RETURN_ADDRESS; /* LR. */
1567 pxTopOfStack--;
1568 *pxTopOfStack = ( StackType_t ) 0x12121212UL; /* R12. */
1569 pxTopOfStack--;
1570 *pxTopOfStack = ( StackType_t ) 0x03030303UL; /* R3. */
1571 pxTopOfStack--;
1572 *pxTopOfStack = ( StackType_t ) 0x02020202UL; /* R2. */
1573 pxTopOfStack--;
1574 *pxTopOfStack = ( StackType_t ) 0x01010101UL; /* R1. */
1575 pxTopOfStack--;
1576 *pxTopOfStack = ( StackType_t ) pvParameters; /* R0. */
1577 pxTopOfStack--;
1578 *pxTopOfStack = ( StackType_t ) 0x11111111UL; /* R11. */
1579 pxTopOfStack--;
1580 *pxTopOfStack = ( StackType_t ) 0x10101010UL; /* R10. */
1581 pxTopOfStack--;
1582 *pxTopOfStack = ( StackType_t ) 0x09090909UL; /* R09. */
1583 pxTopOfStack--;
1584 *pxTopOfStack = ( StackType_t ) 0x08080808UL; /* R08. */
1585 pxTopOfStack--;
1586 *pxTopOfStack = ( StackType_t ) 0x07070707UL; /* R07. */
1587 pxTopOfStack--;
1588 *pxTopOfStack = ( StackType_t ) 0x06060606UL; /* R06. */
1589 pxTopOfStack--;
1590 *pxTopOfStack = ( StackType_t ) 0x05050505UL; /* R05. */
1591 pxTopOfStack--;
1592 *pxTopOfStack = ( StackType_t ) 0x04040404UL; /* R04. */
1593 pxTopOfStack--;
1594 *pxTopOfStack = portINITIAL_EXC_RETURN; /* EXC_RETURN. */
1595 pxTopOfStack--;
1596 *pxTopOfStack = ( StackType_t ) pxEndOfStack; /* Slot used to hold this task's PSPLIM value. */
1597
1598 #if ( configENABLE_TRUSTZONE == 1 )
1599 {
1600 pxTopOfStack--;
1601 *pxTopOfStack = portNO_SECURE_CONTEXT; /* Slot used to hold this task's xSecureContext value. */
1602 }
1603 #endif /* configENABLE_TRUSTZONE */
1604 }
1605 #endif /* portPRELOAD_REGISTERS */
1606
1607 return pxTopOfStack;
1608 }
1609
1610 #endif /* configENABLE_MPU */
1611 /*-----------------------------------------------------------*/
1612
xPortStartScheduler(void)1613 BaseType_t xPortStartScheduler( void ) /* PRIVILEGED_FUNCTION */
1614 {
1615 /* An application can install FreeRTOS interrupt handlers in one of the
1616 * folllowing ways:
1617 * 1. Direct Routing - Install the functions SVC_Handler and PendSV_Handler
1618 * for SVCall and PendSV interrupts respectively.
1619 * 2. Indirect Routing - Install separate handlers for SVCall and PendSV
1620 * interrupts and route program control from those handlers to
1621 * SVC_Handler and PendSV_Handler functions.
1622 *
1623 * Applications that use Indirect Routing must set
1624 * configCHECK_HANDLER_INSTALLATION to 0 in their FreeRTOSConfig.h. Direct
1625 * routing, which is validated here when configCHECK_HANDLER_INSTALLATION
1626 * is 1, should be preferred when possible. */
1627 #if ( configCHECK_HANDLER_INSTALLATION == 1 )
1628 {
1629 const portISR_t * const pxVectorTable = portSCB_VTOR_REG;
1630
1631 /* Validate that the application has correctly installed the FreeRTOS
1632 * handlers for SVCall and PendSV interrupts. We do not check the
1633 * installation of the SysTick handler because the application may
1634 * choose to drive the RTOS tick using a timer other than the SysTick
1635 * timer by overriding the weak function vPortSetupTimerInterrupt().
1636 *
1637 * Assertion failures here indicate incorrect installation of the
1638 * FreeRTOS handlers. For help installing the FreeRTOS handlers, see
1639 * https://www.FreeRTOS.org/FAQHelp.html.
1640 *
1641 * Systems with a configurable address for the interrupt vector table
1642 * can also encounter assertion failures or even system faults here if
1643 * VTOR is not set correctly to point to the application's vector table. */
1644 configASSERT( pxVectorTable[ portVECTOR_INDEX_SVC ] == SVC_Handler );
1645 configASSERT( pxVectorTable[ portVECTOR_INDEX_PENDSV ] == PendSV_Handler );
1646 }
1647 #endif /* configCHECK_HANDLER_INSTALLATION */
1648
1649 #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) )
1650 {
1651 volatile uint32_t ulImplementedPrioBits = 0;
1652 volatile uint8_t ucMaxPriorityValue;
1653
1654 /* Determine the maximum priority from which ISR safe FreeRTOS API
1655 * functions can be called. ISR safe functions are those that end in
1656 * "FromISR". FreeRTOS maintains separate thread and ISR API functions to
1657 * ensure interrupt entry is as fast and simple as possible.
1658 *
1659 * First, determine the number of priority bits available. Write to all
1660 * possible bits in the priority setting for SVCall. */
1661 portNVIC_SHPR2_REG = 0xFF000000;
1662
1663 /* Read the value back to see how many bits stuck. */
1664 ucMaxPriorityValue = ( uint8_t ) ( ( portNVIC_SHPR2_REG & 0xFF000000 ) >> 24 );
1665
1666 /* Use the same mask on the maximum system call priority. */
1667 ucMaxSysCallPriority = configMAX_SYSCALL_INTERRUPT_PRIORITY & ucMaxPriorityValue;
1668
1669 /* Check that the maximum system call priority is nonzero after
1670 * accounting for the number of priority bits supported by the
1671 * hardware. A priority of 0 is invalid because setting the BASEPRI
1672 * register to 0 unmasks all interrupts, and interrupts with priority 0
1673 * cannot be masked using BASEPRI.
1674 * See https://www.FreeRTOS.org/RTOS-Cortex-M3-M4.html */
1675 configASSERT( ucMaxSysCallPriority );
1676
1677 /* Check that the bits not implemented in hardware are zero in
1678 * configMAX_SYSCALL_INTERRUPT_PRIORITY. */
1679 configASSERT( ( configMAX_SYSCALL_INTERRUPT_PRIORITY & ( uint8_t ) ( ~( uint32_t ) ucMaxPriorityValue ) ) == 0U );
1680
1681 /* Calculate the maximum acceptable priority group value for the number
1682 * of bits read back. */
1683 while( ( ucMaxPriorityValue & portTOP_BIT_OF_BYTE ) == portTOP_BIT_OF_BYTE )
1684 {
1685 ulImplementedPrioBits++;
1686 ucMaxPriorityValue <<= ( uint8_t ) 0x01;
1687 }
1688
1689 if( ulImplementedPrioBits == 8 )
1690 {
1691 /* When the hardware implements 8 priority bits, there is no way for
1692 * the software to configure PRIGROUP to not have sub-priorities. As
1693 * a result, the least significant bit is always used for sub-priority
1694 * and there are 128 preemption priorities and 2 sub-priorities.
1695 *
1696 * This may cause some confusion in some cases - for example, if
1697 * configMAX_SYSCALL_INTERRUPT_PRIORITY is set to 5, both 5 and 4
1698 * priority interrupts will be masked in Critical Sections as those
1699 * are at the same preemption priority. This may appear confusing as
1700 * 4 is higher (numerically lower) priority than
1701 * configMAX_SYSCALL_INTERRUPT_PRIORITY and therefore, should not
1702 * have been masked. Instead, if we set configMAX_SYSCALL_INTERRUPT_PRIORITY
1703 * to 4, this confusion does not happen and the behaviour remains the same.
1704 *
1705 * The following assert ensures that the sub-priority bit in the
1706 * configMAX_SYSCALL_INTERRUPT_PRIORITY is clear to avoid the above mentioned
1707 * confusion. */
1708 configASSERT( ( configMAX_SYSCALL_INTERRUPT_PRIORITY & 0x1U ) == 0U );
1709 ulMaxPRIGROUPValue = 0;
1710 }
1711 else
1712 {
1713 ulMaxPRIGROUPValue = portMAX_PRIGROUP_BITS - ulImplementedPrioBits;
1714 }
1715
1716 /* Shift the priority group value back to its position within the AIRCR
1717 * register. */
1718 ulMaxPRIGROUPValue <<= portPRIGROUP_SHIFT;
1719 ulMaxPRIGROUPValue &= portPRIORITY_GROUP_MASK;
1720 }
1721 #endif /* #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) ) */
1722
1723 /* Make PendSV and SysTick the lowest priority interrupts, and make SVCall
1724 * the highest priority. */
1725 portNVIC_SHPR3_REG |= portNVIC_PENDSV_PRI;
1726 portNVIC_SHPR3_REG |= portNVIC_SYSTICK_PRI;
1727 portNVIC_SHPR2_REG = 0;
1728
1729 #if ( configENABLE_MPU == 1 )
1730 {
1731 /* Setup the Memory Protection Unit (MPU). */
1732 prvSetupMPU();
1733 }
1734 #endif /* configENABLE_MPU */
1735
1736 /* Start the timer that generates the tick ISR. Interrupts are disabled
1737 * here already. */
1738 vPortSetupTimerInterrupt();
1739
1740 /* Initialize the critical nesting count ready for the first task. */
1741 ulCriticalNesting = 0;
1742
1743 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) )
1744 {
1745 xSchedulerRunning = pdTRUE;
1746 }
1747 #endif
1748
1749 /* Start the first task. */
1750 vStartFirstTask();
1751
1752 /* Should never get here as the tasks will now be executing. Call the task
1753 * exit error function to prevent compiler warnings about a static function
1754 * not being called in the case that the application writer overrides this
1755 * functionality by defining configTASK_RETURN_ADDRESS. Call
1756 * vTaskSwitchContext() so link time optimization does not remove the
1757 * symbol. */
1758 vTaskSwitchContext();
1759 prvTaskExitError();
1760
1761 /* Should not get here. */
1762 return 0;
1763 }
1764 /*-----------------------------------------------------------*/
1765
vPortEndScheduler(void)1766 void vPortEndScheduler( void ) /* PRIVILEGED_FUNCTION */
1767 {
1768 /* Not implemented in ports where there is nothing to return to.
1769 * Artificially force an assert. */
1770 configASSERT( ulCriticalNesting == 1000UL );
1771 }
1772 /*-----------------------------------------------------------*/
1773
1774 #if ( configENABLE_MPU == 1 )
vPortStoreTaskMPUSettings(xMPU_SETTINGS * xMPUSettings,const struct xMEMORY_REGION * const xRegions,StackType_t * pxBottomOfStack,uint32_t ulStackDepth)1775 void vPortStoreTaskMPUSettings( xMPU_SETTINGS * xMPUSettings,
1776 const struct xMEMORY_REGION * const xRegions,
1777 StackType_t * pxBottomOfStack,
1778 uint32_t ulStackDepth )
1779 {
1780 uint32_t ulRegionStartAddress, ulRegionEndAddress, ulRegionNumber;
1781 int32_t lIndex = 0;
1782
1783 #if defined( __ARMCC_VERSION )
1784
1785 /* Declaration when these variable are defined in code instead of being
1786 * exported from linker scripts. */
1787 extern uint32_t * __privileged_sram_start__;
1788 extern uint32_t * __privileged_sram_end__;
1789 #else
1790 /* Declaration when these variable are exported from linker scripts. */
1791 extern uint32_t __privileged_sram_start__[];
1792 extern uint32_t __privileged_sram_end__[];
1793 #endif /* defined( __ARMCC_VERSION ) */
1794
1795 /* Setup MAIR0. */
1796 xMPUSettings->ulMAIR0 = ( ( portMPU_NORMAL_MEMORY_BUFFERABLE_CACHEABLE << portMPU_MAIR_ATTR0_POS ) & portMPU_MAIR_ATTR0_MASK );
1797 xMPUSettings->ulMAIR0 |= ( ( portMPU_DEVICE_MEMORY_nGnRE << portMPU_MAIR_ATTR1_POS ) & portMPU_MAIR_ATTR1_MASK );
1798
1799 /* This function is called automatically when the task is created - in
1800 * which case the stack region parameters will be valid. At all other
1801 * times the stack parameters will not be valid and it is assumed that
1802 * the stack region has already been configured. */
1803 if( ulStackDepth > 0 )
1804 {
1805 ulRegionStartAddress = ( uint32_t ) pxBottomOfStack;
1806 ulRegionEndAddress = ( uint32_t ) pxBottomOfStack + ( ulStackDepth * ( uint32_t ) sizeof( StackType_t ) ) - 1;
1807
1808 /* If the stack is within the privileged SRAM, do not protect it
1809 * using a separate MPU region. This is needed because privileged
1810 * SRAM is already protected using an MPU region and ARMv8-M does
1811 * not allow overlapping MPU regions. */
1812 if( ( ulRegionStartAddress >= ( uint32_t ) __privileged_sram_start__ ) &&
1813 ( ulRegionEndAddress <= ( uint32_t ) __privileged_sram_end__ ) )
1814 {
1815 xMPUSettings->xRegionsSettings[ 0 ].ulRBAR = 0;
1816 xMPUSettings->xRegionsSettings[ 0 ].ulRLAR = 0;
1817 }
1818 else
1819 {
1820 /* Define the region that allows access to the stack. */
1821 ulRegionStartAddress &= portMPU_RBAR_ADDRESS_MASK;
1822 ulRegionEndAddress &= portMPU_RLAR_ADDRESS_MASK;
1823
1824 xMPUSettings->xRegionsSettings[ 0 ].ulRBAR = ( ulRegionStartAddress ) |
1825 ( portMPU_REGION_NON_SHAREABLE ) |
1826 ( portMPU_REGION_READ_WRITE ) |
1827 ( portMPU_REGION_EXECUTE_NEVER );
1828
1829 xMPUSettings->xRegionsSettings[ 0 ].ulRLAR = ( ulRegionEndAddress ) |
1830 ( portMPU_RLAR_ATTR_INDEX0 ) |
1831 ( portMPU_RLAR_REGION_ENABLE );
1832 }
1833 }
1834
1835 /* User supplied configurable regions. */
1836 for( ulRegionNumber = 1; ulRegionNumber <= portNUM_CONFIGURABLE_REGIONS; ulRegionNumber++ )
1837 {
1838 /* If xRegions is NULL i.e. the task has not specified any MPU
1839 * region, the else part ensures that all the configurable MPU
1840 * regions are invalidated. */
1841 if( ( xRegions != NULL ) && ( xRegions[ lIndex ].ulLengthInBytes > 0UL ) )
1842 {
1843 /* Translate the generic region definition contained in xRegions
1844 * into the ARMv8 specific MPU settings that are then stored in
1845 * xMPUSettings. */
1846 ulRegionStartAddress = ( ( uint32_t ) xRegions[ lIndex ].pvBaseAddress ) & portMPU_RBAR_ADDRESS_MASK;
1847 ulRegionEndAddress = ( uint32_t ) xRegions[ lIndex ].pvBaseAddress + xRegions[ lIndex ].ulLengthInBytes - 1;
1848 ulRegionEndAddress &= portMPU_RLAR_ADDRESS_MASK;
1849
1850 /* Start address. */
1851 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRBAR = ( ulRegionStartAddress ) |
1852 ( portMPU_REGION_NON_SHAREABLE );
1853
1854 /* RO/RW. */
1855 if( ( xRegions[ lIndex ].ulParameters & tskMPU_REGION_READ_ONLY ) != 0 )
1856 {
1857 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRBAR |= ( portMPU_REGION_READ_ONLY );
1858 }
1859 else
1860 {
1861 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRBAR |= ( portMPU_REGION_READ_WRITE );
1862 }
1863
1864 /* XN. */
1865 if( ( xRegions[ lIndex ].ulParameters & tskMPU_REGION_EXECUTE_NEVER ) != 0 )
1866 {
1867 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRBAR |= ( portMPU_REGION_EXECUTE_NEVER );
1868 }
1869
1870 /* End Address. */
1871 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRLAR = ( ulRegionEndAddress ) |
1872 ( portMPU_RLAR_REGION_ENABLE );
1873
1874 /* Normal memory/ Device memory. */
1875 if( ( xRegions[ lIndex ].ulParameters & tskMPU_REGION_DEVICE_MEMORY ) != 0 )
1876 {
1877 /* Attr1 in MAIR0 is configured as device memory. */
1878 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRLAR |= portMPU_RLAR_ATTR_INDEX1;
1879 }
1880 else
1881 {
1882 /* Attr0 in MAIR0 is configured as normal memory. */
1883 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRLAR |= portMPU_RLAR_ATTR_INDEX0;
1884 }
1885 }
1886 else
1887 {
1888 /* Invalidate the region. */
1889 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRBAR = 0UL;
1890 xMPUSettings->xRegionsSettings[ ulRegionNumber ].ulRLAR = 0UL;
1891 }
1892
1893 lIndex++;
1894 }
1895 }
1896 #endif /* configENABLE_MPU */
1897 /*-----------------------------------------------------------*/
1898
1899 #if ( configENABLE_MPU == 1 )
xPortIsAuthorizedToAccessBuffer(const void * pvBuffer,uint32_t ulBufferLength,uint32_t ulAccessRequested)1900 BaseType_t xPortIsAuthorizedToAccessBuffer( const void * pvBuffer,
1901 uint32_t ulBufferLength,
1902 uint32_t ulAccessRequested ) /* PRIVILEGED_FUNCTION */
1903
1904 {
1905 uint32_t i, ulBufferStartAddress, ulBufferEndAddress;
1906 BaseType_t xAccessGranted = pdFALSE;
1907 const xMPU_SETTINGS * xTaskMpuSettings = xTaskGetMPUSettings( NULL ); /* Calling task's MPU settings. */
1908
1909 if( ( xTaskMpuSettings->ulTaskFlags & portTASK_IS_PRIVILEGED_FLAG ) == portTASK_IS_PRIVILEGED_FLAG )
1910 {
1911 xAccessGranted = pdTRUE;
1912 }
1913 else
1914 {
1915 if( portADD_UINT32_WILL_OVERFLOW( ( ( uint32_t ) pvBuffer ), ( ulBufferLength - 1UL ) ) == pdFALSE )
1916 {
1917 ulBufferStartAddress = ( uint32_t ) pvBuffer;
1918 ulBufferEndAddress = ( ( ( uint32_t ) pvBuffer ) + ulBufferLength - 1UL );
1919
1920 for( i = 0; i < portTOTAL_NUM_REGIONS; i++ )
1921 {
1922 /* Is the MPU region enabled? */
1923 if( ( xTaskMpuSettings->xRegionsSettings[ i ].ulRLAR & portMPU_RLAR_REGION_ENABLE ) == portMPU_RLAR_REGION_ENABLE )
1924 {
1925 if( portIS_ADDRESS_WITHIN_RANGE( ulBufferStartAddress,
1926 portEXTRACT_FIRST_ADDRESS_FROM_RBAR( xTaskMpuSettings->xRegionsSettings[ i ].ulRBAR ),
1927 portEXTRACT_LAST_ADDRESS_FROM_RLAR( xTaskMpuSettings->xRegionsSettings[ i ].ulRLAR ) ) &&
1928 portIS_ADDRESS_WITHIN_RANGE( ulBufferEndAddress,
1929 portEXTRACT_FIRST_ADDRESS_FROM_RBAR( xTaskMpuSettings->xRegionsSettings[ i ].ulRBAR ),
1930 portEXTRACT_LAST_ADDRESS_FROM_RLAR( xTaskMpuSettings->xRegionsSettings[ i ].ulRLAR ) ) &&
1931 portIS_AUTHORIZED( ulAccessRequested,
1932 prvGetRegionAccessPermissions( xTaskMpuSettings->xRegionsSettings[ i ].ulRBAR ) ) )
1933 {
1934 xAccessGranted = pdTRUE;
1935 break;
1936 }
1937 }
1938 }
1939 }
1940 }
1941
1942 return xAccessGranted;
1943 }
1944 #endif /* configENABLE_MPU */
1945 /*-----------------------------------------------------------*/
1946
xPortIsInsideInterrupt(void)1947 BaseType_t xPortIsInsideInterrupt( void )
1948 {
1949 uint32_t ulCurrentInterrupt;
1950 BaseType_t xReturn;
1951
1952 /* Obtain the number of the currently executing interrupt. Interrupt Program
1953 * Status Register (IPSR) holds the exception number of the currently-executing
1954 * exception or zero for Thread mode.*/
1955 __asm volatile ( "mrs %0, ipsr" : "=r" ( ulCurrentInterrupt )::"memory" );
1956
1957 if( ulCurrentInterrupt == 0 )
1958 {
1959 xReturn = pdFALSE;
1960 }
1961 else
1962 {
1963 xReturn = pdTRUE;
1964 }
1965
1966 return xReturn;
1967 }
1968 /*-----------------------------------------------------------*/
1969
1970 #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) )
1971
vPortValidateInterruptPriority(void)1972 void vPortValidateInterruptPriority( void )
1973 {
1974 uint32_t ulCurrentInterrupt;
1975 uint8_t ucCurrentPriority;
1976
1977 /* Obtain the number of the currently executing interrupt. */
1978 __asm volatile ( "mrs %0, ipsr" : "=r" ( ulCurrentInterrupt )::"memory" );
1979
1980 /* Is the interrupt number a user defined interrupt? */
1981 if( ulCurrentInterrupt >= portFIRST_USER_INTERRUPT_NUMBER )
1982 {
1983 /* Look up the interrupt's priority. */
1984 ucCurrentPriority = pcInterruptPriorityRegisters[ ulCurrentInterrupt ];
1985
1986 /* The following assertion will fail if a service routine (ISR) for
1987 * an interrupt that has been assigned a priority above
1988 * configMAX_SYSCALL_INTERRUPT_PRIORITY calls an ISR safe FreeRTOS API
1989 * function. ISR safe FreeRTOS API functions must *only* be called
1990 * from interrupts that have been assigned a priority at or below
1991 * configMAX_SYSCALL_INTERRUPT_PRIORITY.
1992 *
1993 * Numerically low interrupt priority numbers represent logically high
1994 * interrupt priorities, therefore the priority of the interrupt must
1995 * be set to a value equal to or numerically *higher* than
1996 * configMAX_SYSCALL_INTERRUPT_PRIORITY.
1997 *
1998 * Interrupts that use the FreeRTOS API must not be left at their
1999 * default priority of zero as that is the highest possible priority,
2000 * which is guaranteed to be above configMAX_SYSCALL_INTERRUPT_PRIORITY,
2001 * and therefore also guaranteed to be invalid.
2002 *
2003 * FreeRTOS maintains separate thread and ISR API functions to ensure
2004 * interrupt entry is as fast and simple as possible.
2005 *
2006 * The following links provide detailed information:
2007 * https://www.FreeRTOS.org/RTOS-Cortex-M3-M4.html
2008 * https://www.FreeRTOS.org/FAQHelp.html */
2009 configASSERT( ucCurrentPriority >= ucMaxSysCallPriority );
2010 }
2011
2012 /* Priority grouping: The interrupt controller (NVIC) allows the bits
2013 * that define each interrupt's priority to be split between bits that
2014 * define the interrupt's pre-emption priority bits and bits that define
2015 * the interrupt's sub-priority. For simplicity all bits must be defined
2016 * to be pre-emption priority bits. The following assertion will fail if
2017 * this is not the case (if some bits represent a sub-priority).
2018 *
2019 * If the application only uses CMSIS libraries for interrupt
2020 * configuration then the correct setting can be achieved on all Cortex-M
2021 * devices by calling NVIC_SetPriorityGrouping( 0 ); before starting the
2022 * scheduler. Note however that some vendor specific peripheral libraries
2023 * assume a non-zero priority group setting, in which cases using a value
2024 * of zero will result in unpredictable behaviour. */
2025 configASSERT( ( portAIRCR_REG & portPRIORITY_GROUP_MASK ) <= ulMaxPRIGROUPValue );
2026 }
2027
2028 #endif /* #if ( ( configASSERT_DEFINED == 1 ) && ( portHAS_ARMV8M_MAIN_EXTENSION == 1 ) ) */
2029 /*-----------------------------------------------------------*/
2030
2031 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) )
2032
vPortGrantAccessToKernelObject(TaskHandle_t xInternalTaskHandle,int32_t lInternalIndexOfKernelObject)2033 void vPortGrantAccessToKernelObject( TaskHandle_t xInternalTaskHandle,
2034 int32_t lInternalIndexOfKernelObject ) /* PRIVILEGED_FUNCTION */
2035 {
2036 uint32_t ulAccessControlListEntryIndex, ulAccessControlListEntryBit;
2037 xMPU_SETTINGS * xTaskMpuSettings;
2038
2039 ulAccessControlListEntryIndex = ( ( uint32_t ) lInternalIndexOfKernelObject / portACL_ENTRY_SIZE_BITS );
2040 ulAccessControlListEntryBit = ( ( uint32_t ) lInternalIndexOfKernelObject % portACL_ENTRY_SIZE_BITS );
2041
2042 xTaskMpuSettings = xTaskGetMPUSettings( xInternalTaskHandle );
2043
2044 xTaskMpuSettings->ulAccessControlList[ ulAccessControlListEntryIndex ] |= ( 1U << ulAccessControlListEntryBit );
2045 }
2046
2047 #endif /* #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) ) */
2048 /*-----------------------------------------------------------*/
2049
2050 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) )
2051
vPortRevokeAccessToKernelObject(TaskHandle_t xInternalTaskHandle,int32_t lInternalIndexOfKernelObject)2052 void vPortRevokeAccessToKernelObject( TaskHandle_t xInternalTaskHandle,
2053 int32_t lInternalIndexOfKernelObject ) /* PRIVILEGED_FUNCTION */
2054 {
2055 uint32_t ulAccessControlListEntryIndex, ulAccessControlListEntryBit;
2056 xMPU_SETTINGS * xTaskMpuSettings;
2057
2058 ulAccessControlListEntryIndex = ( ( uint32_t ) lInternalIndexOfKernelObject / portACL_ENTRY_SIZE_BITS );
2059 ulAccessControlListEntryBit = ( ( uint32_t ) lInternalIndexOfKernelObject % portACL_ENTRY_SIZE_BITS );
2060
2061 xTaskMpuSettings = xTaskGetMPUSettings( xInternalTaskHandle );
2062
2063 xTaskMpuSettings->ulAccessControlList[ ulAccessControlListEntryIndex ] &= ~( 1U << ulAccessControlListEntryBit );
2064 }
2065
2066 #endif /* #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) && ( configENABLE_ACCESS_CONTROL_LIST == 1 ) ) */
2067 /*-----------------------------------------------------------*/
2068
2069 #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) )
2070
2071 #if ( configENABLE_ACCESS_CONTROL_LIST == 1 )
2072
xPortIsAuthorizedToAccessKernelObject(int32_t lInternalIndexOfKernelObject)2073 BaseType_t xPortIsAuthorizedToAccessKernelObject( int32_t lInternalIndexOfKernelObject ) /* PRIVILEGED_FUNCTION */
2074 {
2075 uint32_t ulAccessControlListEntryIndex, ulAccessControlListEntryBit;
2076 BaseType_t xAccessGranted = pdFALSE;
2077 const xMPU_SETTINGS * xTaskMpuSettings;
2078
2079 if( xSchedulerRunning == pdFALSE )
2080 {
2081 /* Grant access to all the kernel objects before the scheduler
2082 * is started. It is necessary because there is no task running
2083 * yet and therefore, we cannot use the permissions of any
2084 * task. */
2085 xAccessGranted = pdTRUE;
2086 }
2087 else
2088 {
2089 xTaskMpuSettings = xTaskGetMPUSettings( NULL ); /* Calling task's MPU settings. */
2090
2091 ulAccessControlListEntryIndex = ( ( uint32_t ) lInternalIndexOfKernelObject / portACL_ENTRY_SIZE_BITS );
2092 ulAccessControlListEntryBit = ( ( uint32_t ) lInternalIndexOfKernelObject % portACL_ENTRY_SIZE_BITS );
2093
2094 if( ( xTaskMpuSettings->ulTaskFlags & portTASK_IS_PRIVILEGED_FLAG ) == portTASK_IS_PRIVILEGED_FLAG )
2095 {
2096 xAccessGranted = pdTRUE;
2097 }
2098 else
2099 {
2100 if( ( xTaskMpuSettings->ulAccessControlList[ ulAccessControlListEntryIndex ] & ( 1U << ulAccessControlListEntryBit ) ) != 0 )
2101 {
2102 xAccessGranted = pdTRUE;
2103 }
2104 }
2105 }
2106
2107 return xAccessGranted;
2108 }
2109
2110 #else /* #if ( configENABLE_ACCESS_CONTROL_LIST == 1 ) */
2111
xPortIsAuthorizedToAccessKernelObject(int32_t lInternalIndexOfKernelObject)2112 BaseType_t xPortIsAuthorizedToAccessKernelObject( int32_t lInternalIndexOfKernelObject ) /* PRIVILEGED_FUNCTION */
2113 {
2114 ( void ) lInternalIndexOfKernelObject;
2115
2116 /* If Access Control List feature is not used, all the tasks have
2117 * access to all the kernel objects. */
2118 return pdTRUE;
2119 }
2120
2121 #endif /* #if ( configENABLE_ACCESS_CONTROL_LIST == 1 ) */
2122
2123 #endif /* #if ( ( configENABLE_MPU == 1 ) && ( configUSE_MPU_WRAPPERS_V1 == 0 ) ) */
2124 /*-----------------------------------------------------------*/
2125
