From c108df4c2b7f8f6e7b885c1e91bc9a806fb19e5a Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Thu, 23 Jan 2025 21:19:49 +0530 Subject: [PATCH 1/3] Disable stack overflow check for MPU ports Stack overflow check is not straight forward to implement for MPU ports because of the following reasons: 1. The context is stroed in TCB and as a result, pxTopOfStack member points to the context location in TCB. 2. System calls are executed on a separate privileged only stack. It is still okay because an MPU region is used to protect task stack which means task stack overflow will trigger an MPU fault. Signed-off-by: Gaurav Aggarwal --- include/portable.h | 4 - include/stack_macros.h | 81 +++++++++---------- portable/ARMv8M/non_secure/portmacrocommon.h | 5 -- .../GCC/ARM_CM23/non_secure/portmacrocommon.h | 5 -- .../ARM_CM23_NTZ/non_secure/portmacrocommon.h | 5 -- .../GCC/ARM_CM33/non_secure/portmacrocommon.h | 5 -- .../ARM_CM33_NTZ/non_secure/portmacrocommon.h | 5 -- .../ARM_CM35P/non_secure/portmacrocommon.h | 5 -- .../non_secure/portmacrocommon.h | 5 -- .../GCC/ARM_CM55/non_secure/portmacrocommon.h | 5 -- .../ARM_CM55_NTZ/non_secure/portmacrocommon.h | 5 -- .../GCC/ARM_CM85/non_secure/portmacrocommon.h | 5 -- .../ARM_CM85_NTZ/non_secure/portmacrocommon.h | 5 -- .../IAR/ARM_CM23/non_secure/portmacrocommon.h | 5 -- .../ARM_CM23_NTZ/non_secure/portmacrocommon.h | 5 -- .../IAR/ARM_CM33/non_secure/portmacrocommon.h | 5 -- .../ARM_CM33_NTZ/non_secure/portmacrocommon.h | 5 -- .../ARM_CM35P/non_secure/portmacrocommon.h | 5 -- .../non_secure/portmacrocommon.h | 5 -- .../IAR/ARM_CM55/non_secure/portmacrocommon.h | 5 -- .../ARM_CM55_NTZ/non_secure/portmacrocommon.h | 5 -- .../IAR/ARM_CM85/non_secure/portmacrocommon.h | 5 -- .../ARM_CM85_NTZ/non_secure/portmacrocommon.h | 5 -- 23 files changed, 40 insertions(+), 150 deletions(-) diff --git a/include/portable.h b/include/portable.h index c9b74453547..68e11e79311 100644 --- a/include/portable.h +++ b/include/portable.h @@ -93,10 +93,6 @@ #define portBASE_TYPE_EXIT_CRITICAL() taskEXIT_CRITICAL() #endif -#ifndef portGET_CURRENT_TOP_OF_STACK - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { pxCurrentTopOfStack = ( StackType_t * ) pxCurrentTCB->pxTopOfStack; } -#endif - #ifndef configSTACK_DEPTH_TYPE #define configSTACK_DEPTH_TYPE StackType_t #endif diff --git a/include/stack_macros.h b/include/stack_macros.h index 300be4cb3d2..625cc668a56 100644 --- a/include/stack_macros.h +++ b/include/stack_macros.h @@ -53,17 +53,23 @@ #define portSTACK_LIMIT_PADDING 0 #endif -#if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH < 0 ) ) +/* Stack overflow check is not straight forward to implement for MPU ports + * because of the following reasons: + * 1. The context is stroed in TCB and as a result, pxTopOfStack member points + * to the context location in TCB. + * 2. System calls are executed on a separate privileged only stack. + * + * It is still okay because an MPU region is used to protect task stack which + * means task stack overflow will trigger an MPU fault. + */ +#if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH < 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) /* Only the current stack state is to be checked. */ #define taskCHECK_FOR_STACK_OVERFLOW() \ do \ { \ - StackType_t * pxCurrentTopOfStack; \ - portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ); \ - \ /* Is the currently saved stack pointer within the stack limit? */ \ - if( pxCurrentTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) \ + if( pxCurrentTCB->pxTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) \ { \ char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ @@ -73,51 +79,46 @@ #endif /* configCHECK_FOR_STACK_OVERFLOW == 1 */ /*-----------------------------------------------------------*/ -#if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH > 0 ) ) +#if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH > 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) /* Only the current stack state is to be checked. */ - #define taskCHECK_FOR_STACK_OVERFLOW() \ - do \ - { \ - StackType_t * pxCurrentTopOfStack; \ - portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ); \ - \ - /* Is the currently saved stack pointer within the stack limit? */ \ - if( pxCurrentTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) \ - { \ - char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ - vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ - } \ + #define taskCHECK_FOR_STACK_OVERFLOW() \ + do \ + { \ + /* Is the currently saved stack pointer within the stack limit? */ \ + if( pxCurrentTCB->pxTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) \ + { \ + char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ + vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ + } \ } while( 0 ) #endif /* configCHECK_FOR_STACK_OVERFLOW == 1 */ /*-----------------------------------------------------------*/ -#if ( ( configCHECK_FOR_STACK_OVERFLOW > 1 ) && ( portSTACK_GROWTH < 0 ) ) - - #define taskCHECK_FOR_STACK_OVERFLOW() \ - do \ - { \ - const uint32_t * const pulStack = ( uint32_t * ) pxCurrentTCB->pxStack; \ - const uint32_t ulCheckValue = ( uint32_t ) 0xa5a5a5a5U; \ - StackType_t * pxCurrentTopOfStack; \ - portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ); \ - \ - if( ( pxCurrentTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) || \ - ( pulStack[ 0 ] != ulCheckValue ) || \ - ( pulStack[ 1 ] != ulCheckValue ) || \ - ( pulStack[ 2 ] != ulCheckValue ) || \ - ( pulStack[ 3 ] != ulCheckValue ) ) \ - { \ - char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ - vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ - } \ +#if ( ( configCHECK_FOR_STACK_OVERFLOW > 1 ) && ( portSTACK_GROWTH < 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) + + #define taskCHECK_FOR_STACK_OVERFLOW() \ + do \ + { \ + const uint32_t * const pulStack = ( uint32_t * ) pxCurrentTCB->pxStack; \ + const uint32_t ulCheckValue = ( uint32_t ) 0xa5a5a5a5U; \ + \ + if( ( pxCurrentTCB->pxTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) || \ + ( pulStack[ 0 ] != ulCheckValue ) || \ + ( pulStack[ 1 ] != ulCheckValue ) || \ + ( pulStack[ 2 ] != ulCheckValue ) || \ + ( pulStack[ 3 ] != ulCheckValue ) ) \ + { \ + char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ + vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ + } \ } while( 0 ) #endif /* #if( configCHECK_FOR_STACK_OVERFLOW > 1 ) */ /*-----------------------------------------------------------*/ -#if ( ( configCHECK_FOR_STACK_OVERFLOW > 1 ) && ( portSTACK_GROWTH > 0 ) ) +#if ( ( configCHECK_FOR_STACK_OVERFLOW > 1 ) && ( portSTACK_GROWTH > 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) #define taskCHECK_FOR_STACK_OVERFLOW() \ do \ @@ -128,12 +129,10 @@ tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, \ tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, \ tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE, tskSTACK_FILL_BYTE }; \ - StackType_t * pxCurrentTopOfStack; \ - portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ); \ \ pcEndOfStack -= sizeof( ucExpectedStackBytes ); \ \ - if( ( pxCurrentTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) || \ + if( ( pxCurrentTCB->pxTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) || \ ( memcmp( ( void * ) pcEndOfStack, ( void * ) ucExpectedStackBytes, sizeof( ucExpectedStackBytes ) ) != 0 ) ) \ { \ char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ diff --git a/portable/ARMv8M/non_secure/portmacrocommon.h b/portable/ARMv8M/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/ARMv8M/non_secure/portmacrocommon.h +++ b/portable/ARMv8M/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM23/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM23/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM23/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM23/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM23_NTZ/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM23_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM23_NTZ/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM23_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM33/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM33/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM33/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM33/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM33_NTZ/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM33_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM33_NTZ/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM33_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM35P/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM35P/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM35P/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM35P/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM35P_NTZ/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM35P_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM35P_NTZ/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM35P_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM55/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM55/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM55/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM55/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM55_NTZ/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM55_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM55_NTZ/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM55_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM85/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM85/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM85/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM85/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/GCC/ARM_CM85_NTZ/non_secure/portmacrocommon.h b/portable/GCC/ARM_CM85_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/GCC/ARM_CM85_NTZ/non_secure/portmacrocommon.h +++ b/portable/GCC/ARM_CM85_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM23/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM23/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM23/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM23/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM23_NTZ/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM23_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM23_NTZ/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM23_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM33/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM33/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM33/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM33/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM33_NTZ/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM33_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM33_NTZ/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM33_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM35P/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM35P/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM35P/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM35P/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM35P_NTZ/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM35P_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM35P_NTZ/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM35P_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM55/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM55/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM55/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM55/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM55_NTZ/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM55_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM55_NTZ/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM55_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM85/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM85/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM85/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM85/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ diff --git a/portable/IAR/ARM_CM85_NTZ/non_secure/portmacrocommon.h b/portable/IAR/ARM_CM85_NTZ/non_secure/portmacrocommon.h index e74fa825787..41c060f1dc8 100644 --- a/portable/IAR/ARM_CM85_NTZ/non_secure/portmacrocommon.h +++ b/portable/IAR/ARM_CM85_NTZ/non_secure/portmacrocommon.h @@ -217,11 +217,6 @@ extern void vClearInterruptMask( uint32_t ulMask ) /* __attribute__(( naked )) P #error configSYSTEM_CALL_STACK_SIZE must be defined to the desired size of the system call stack in words for using MPU wrappers v2. #endif - /* When MPU wrapper v2 is used, the task's context is stored in TCB and - * pxTopOfStack member of TCB points to the context location in TCB. We, - * therefore, need to read PSP to find the task's current top of stack. */ - #define portGET_CURRENT_TOP_OF_STACK( pxCurrentTopOfStack ) { __asm volatile ( "mrs %0, psp" : "=r" ( pxCurrentTopOfStack ) ); } - /** * @brief System call stack. */ From 53eb75624a1ed9371f4d1a587c97cb55d160d90e Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Fri, 31 Jan 2025 07:22:01 +0000 Subject: [PATCH 2/3] Fix formatting and spell check --- include/stack_macros.h | 50 +++++++++++++++++++++--------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/include/stack_macros.h b/include/stack_macros.h index 625cc668a56..ec76a93e81d 100644 --- a/include/stack_macros.h +++ b/include/stack_macros.h @@ -55,7 +55,7 @@ /* Stack overflow check is not straight forward to implement for MPU ports * because of the following reasons: - * 1. The context is stroed in TCB and as a result, pxTopOfStack member points + * 1. The context is stored in TCB and as a result, pxTopOfStack member points * to the context location in TCB. * 2. System calls are executed on a separate privileged only stack. * @@ -82,15 +82,15 @@ #if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH > 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) /* Only the current stack state is to be checked. */ - #define taskCHECK_FOR_STACK_OVERFLOW() \ - do \ - { \ - /* Is the currently saved stack pointer within the stack limit? */ \ - if( pxCurrentTCB->pxTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) \ - { \ - char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ - vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ - } \ + #define taskCHECK_FOR_STACK_OVERFLOW() \ + do \ + { \ + /* Is the currently saved stack pointer within the stack limit? */ \ + if( pxCurrentTCB->pxTopOfStack >= pxCurrentTCB->pxEndOfStack - portSTACK_LIMIT_PADDING ) \ + { \ + char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ + vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ + } \ } while( 0 ) #endif /* configCHECK_FOR_STACK_OVERFLOW == 1 */ @@ -98,21 +98,21 @@ #if ( ( configCHECK_FOR_STACK_OVERFLOW > 1 ) && ( portSTACK_GROWTH < 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) ) - #define taskCHECK_FOR_STACK_OVERFLOW() \ - do \ - { \ - const uint32_t * const pulStack = ( uint32_t * ) pxCurrentTCB->pxStack; \ - const uint32_t ulCheckValue = ( uint32_t ) 0xa5a5a5a5U; \ - \ - if( ( pxCurrentTCB->pxTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) || \ - ( pulStack[ 0 ] != ulCheckValue ) || \ - ( pulStack[ 1 ] != ulCheckValue ) || \ - ( pulStack[ 2 ] != ulCheckValue ) || \ - ( pulStack[ 3 ] != ulCheckValue ) ) \ - { \ - char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ - vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ - } \ + #define taskCHECK_FOR_STACK_OVERFLOW() \ + do \ + { \ + const uint32_t * const pulStack = ( uint32_t * ) pxCurrentTCB->pxStack; \ + const uint32_t ulCheckValue = ( uint32_t ) 0xa5a5a5a5U; \ + \ + if( ( pxCurrentTCB->pxTopOfStack <= pxCurrentTCB->pxStack + portSTACK_LIMIT_PADDING ) || \ + ( pulStack[ 0 ] != ulCheckValue ) || \ + ( pulStack[ 1 ] != ulCheckValue ) || \ + ( pulStack[ 2 ] != ulCheckValue ) || \ + ( pulStack[ 3 ] != ulCheckValue ) ) \ + { \ + char * pcOverflowTaskName = pxCurrentTCB->pcTaskName; \ + vApplicationStackOverflowHook( ( TaskHandle_t ) pxCurrentTCB, pcOverflowTaskName ); \ + } \ } while( 0 ) #endif /* #if( configCHECK_FOR_STACK_OVERFLOW > 1 ) */ From 2feb8bd8a9a54cee14a19684140b79daedb72a3b Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Mon, 24 Feb 2025 15:57:35 +0000 Subject: [PATCH 3/3] Address review feedback Signed-off-by: Gaurav Aggarwal --- include/stack_macros.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/stack_macros.h b/include/stack_macros.h index ec76a93e81d..6d0117722af 100644 --- a/include/stack_macros.h +++ b/include/stack_macros.h @@ -60,7 +60,9 @@ * 2. System calls are executed on a separate privileged only stack. * * It is still okay because an MPU region is used to protect task stack which - * means task stack overflow will trigger an MPU fault. + * means task stack overflow will trigger an MPU fault for unprivileged tasks. + * Additionally, architectures with hardware stack overflow checking support + * (such as Armv8-M) will trigger a fault when a task's stack overflows. */ #if ( ( configCHECK_FOR_STACK_OVERFLOW == 1 ) && ( portSTACK_GROWTH < 0 ) && ( portUSING_MPU_WRAPPERS != 1 ) )