begriffs open source - freertos/commit

author	Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com>
	Mon, 7 Dec 2020 17:53:22 +0000 (09:53 -0800)
committer	GitHub <noreply@github.com>
	Mon, 7 Dec 2020 17:53:22 +0000 (09:53 -0800)
commit	b5020cb3d8be05ecb45019a9196fe6c3b2ac3a38
tree	c9c58b5a396ae6543a5c669ca91e2d7935e6d131	tree \| snapshot
parent	68ca3a9b2a5d6067e26d3e1cf535327b2f9e0b76	commit \| diff

Prevent unprivileged task from altering MPU configuration (#227)

This change removes the FreeRTOS System Calls (aka MPU wrappers) for the
following kernel APIs:
- xTaskCreateRestricted
- xTaskCreateRestrictedStatic
- vTaskAllocateMPURegions

A system call allows an unprivileged task to execute a kernel API which
is otherwise accessible to privileged software only. The above 3 APIs
can create a new task with a different MPU configuration or alter the
MPU configuration of an existing task. This an be (mis)used by an
unprivileged task to grant itself access to a region which it does not
have access to.

Removing the system calls for these APIs ensures that an unprivileged
task cannot execute this APIs. If an unprivileged task attempts to
execute any of these API, it will result in a Memory Fault.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>

include/mpu_prototypes.h		diff \| blob \| history
include/mpu_wrappers.h		diff \| blob \| history
portable/Common/mpu_wrappers.c		diff \| blob \| history