Gaurav-Aggarwal-AWS [Mon, 24 Feb 2025 16:24:15 +0000 (21:54 +0530)]
Disable stack overflow check for MPU ports (#1231)
Disable stack overflow check for MPU ports
Stack overflow check is not straight forward to implement for MPU ports
because of the following reasons:
1. The context is stroed in TCB and as a result, pxTopOfStack member
points to the context location in TCB.
2. System calls are executed on a separate privileged only stack.
It is still okay because an MPU region is used to protect task stack
which means task stack overflow will trigger an MPU fault.
Gaurav-Aggarwal-AWS [Wed, 12 Feb 2025 15:27:18 +0000 (20:57 +0530)]
Include current task runtime in ulTaskGetRunTimeCounter (#1234)
* Include current task runtime in ulTaskGetRunTimeCounter
Update ulTaskGetRunTimeCounter to include elapsed time since the last
context switch when called for the currently running task. Previously,
this time was not included in the calculation.
Bhoomika R S [Wed, 12 Feb 2025 09:27:03 +0000 (14:57 +0530)]
Add instruction to suppress SIGUSR1 in Posix with LLDB debugger (#1245)
While using the macOS default LLDB debugger, a call to vTaskEndScheduler results in an unhandled SIGUSR1 (aka SIGRESUME) when restoring the scheduler thread's signals with pthread_sigmask. This crashes the program.
Added instructions in portable/ThirdParty/GCC/Posix/port.c to suppress SIGUSR1 to prevent LLDB debugger interference when exiting xPortStartScheduler
Thanks to: @johnboiles for pointing it out in #1224
Jakub Tymejczyk [Fri, 7 Feb 2025 01:21:34 +0000 (02:21 +0100)]
Fix GCC/Posix port compilation on FreeBSD (#1239) (#1240)
On FreeBSD pthread_once_t is a struct and cast is required.
Otherwise there's compilation error:
../../mocks/freertos/port.c:261:23: error: expected expression
hSigSetupThread = PTHREAD_ONCE_INIT;
^
PTHREAD_ONCE_INIT is defined as: { PTHREAD_NEEDS_INIT, NULL } on FreeBSD
Co-authored-by: Jakub Tymejczyk <jakub.tymejczyk@enigma.com.pl>
Gaurav-Aggarwal-AWS [Wed, 29 Jan 2025 01:57:30 +0000 (07:27 +0530)]
Mark mutex as robust to prevent deadlocks (#1233)
Mark mutex as robust to prevent deadlocks
Prevent application hangs that occur when a thread dies while holding a
mutex, particularly during vTaskEndScheduler or exit calls. This is
achieved by setting the PTHREAD_MUTEX_ROBUST attribute on the mutex.
Fixes:
- GitHub issue: FreeRTOS/FreeRTOS-Kernel#1217
- Forum thread: freertos.org/t/22287
Kody Stribrny [Tue, 28 Jan 2025 17:13:17 +0000 (09:13 -0800)]
fix: SA violation fixes and simplification for idle task length restrictions (#1227)
fix: SA violation fixes and simplification for idle task length restrictions
This change:
* Removes the dependency on strings.h for the prvCreateIdleTask function
* Resolves several static analysis violations reported by tools like Parasoft
Builds off of - https://github.com/FreeRTOS/FreeRTOS-Kernel/pull/1203
Marouen Ghodhbane [Fri, 11 Oct 2024 13:36:42 +0000 (15:36 +0200)]
portable: aarch64_sre: Add support for vApplicationFPUSafeIRQHandler
The application writer needs to name their IRQ handler as:
1. vApplicationIRQHandler if the IRQ handler does not use FPU registers.
2. vApplicationFPUSafeIRQHandler is the IRQ handler uses FPU registers.
When the application uses vApplicationFPUSafeIRQHandler, a default
implementation of vApplicationIRQHandler is used which stores FPU
registers and then calls vApplicationFPUSafeIRQHandler.
Note that recent versions of GCC may use FP/SIMD registers to optimize 16-bytes
copy and especially when using va_start()/va_arg() functions (e.g printing some thing
in IRQ handlers may trigger usage of FPU registers)
This implementation is heavily inspired by both the ARM_CA9 port and the ARM_CRx_No_GIC
port done in [1]
Marouen Ghodhbane [Wed, 9 Oct 2024 15:31:45 +0000 (17:31 +0200)]
portable: aarch64_sre: add configUSE_TASK_FPU_SUPPORT support
This is a direct backport of upstream commit [1] for aarch64 (legacy operation port)
done under [2]
The same code can be applied on the aarch SRE port to be able to enable FPU context
saving on all tasks context switch to mitigate GCC optimization to use SIMD registers
for copy.
[1] "55eceb22: Add configUSE_TASK_FPU_SUPPORT to AARCH64 port (#1048)"
[2] https://github.com/FreeRTOS/FreeRTOS-Kernel/pull/1048
kzorer [Wed, 22 Jan 2025 09:23:35 +0000 (12:23 +0300)]
Add xQueueCreateSetStatic method for static allocation of Queue Sets (#1228)
Add xQueueCreateSetStatic method for static allocation of Queue Sets
This commit introduces the xQueueCreateSetStatic function, which allows for the static allocation of Queue Sets in FreeRTOS when both configUSE_QUEUE_SETS and configSUPPORT_STATIC_ALLOCATION are enabled.
Ahmed Ismail [Tue, 14 Jan 2025 05:20:52 +0000 (05:20 +0000)]
ARMv8.1-M: Add task dedicated PAC key support (#1195)
armv8.1-m: Add task dedicated PAC key
To harden the security, each task is assigned a dedicated PAC key, so that attackers needs to guess the all the tasks' PAC keys right to exploit the system using Return Oriented Programming.
The kernel is now updated to support the following:
* A PAC key set with a random number generated and is saved in the task's context when a task is created.
* As part of scheduling, the task's PAC key is stored/restored to/from the task's context when a task is unscheduled/scheduled from/to run.
When MPU wrapper v2 is used, the task's context is stored in TCB and `pxTopOfStack`` member of TCB points to the context location in TCB. We, therefore, need to read PSP to find the task's current top of stack.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
creiter64 [Mon, 13 Jan 2025 22:48:10 +0000 (23:48 +0100)]
Fix function parameter shadowing global variable. (#1221)
The function vApplicationFPUSafeIRQHandler gets the value of ICCIAR as
parameter, but a constant containing the address of ICCIAR was also
defined. Fix the name of the constant to align it with what it actually
holds.
Sudeep Mohanty [Fri, 20 Dec 2024 07:43:04 +0000 (13:13 +0530)]
fix(freertos): Limit idle task name length copy operation and ensure null-termination of the idle task name string (#1203)
* fix(freertos): Limit idle task name copy operation and ensure null termination
This commit:
- Limits the idle task name length copy operation to prevent
Out-of-bounds memory access warnings from static code analyzers.
- Fixes a bug where in the idle task name could be non null-terminated
string for SMP configuration.
wwhheerree [Mon, 16 Dec 2024 13:18:54 +0000 (21:18 +0800)]
Regression Bug Fix: Fix Incorrect Return of MSVC-MingW portYIELD_FROM_ISR (#1207)
There is a regression issue introduced in
https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/cfc268814a94a4deb8ddc8322b63ccae270a8669.
This PR was intended to update MIT licensed header from v9 to v10.
But it accidentally changed "portYIELD_FROM_ISR( x )" in MSVC-MingW/portmacro.h.
It caused "portYIELD_FROM_ISR( x )" does not return correct value to "prvProcessSimulatedInterrupts".
Kody Stribrny [Mon, 2 Dec 2024 19:29:36 +0000 (11:29 -0800)]
Update manifest to use 'V' (#1201)
Release tags use a capitalized V.
Our manifest tag is used by our SBOM
script to generate the URL and so
this needs to be capitalized to generate
a valid URL.
yh-sb [Mon, 25 Nov 2024 05:24:41 +0000 (07:24 +0200)]
Fix CMake build for RP2040 (#1197)
Add public dependency to hardware_sync because portable\ThirdParty\GCC\RP2040\include\portmacro.h exposes include "hardware/sync.h" to FreeRTOS.h which is PUBLIC.
Add private dependency to pico_multicore because of usage prvFIFOInterruptHandler() and sio_hw in portable/ThirdParty/GCC/RP2040/port.c.
The PACBTI is an optional hardware security feature,
the current implementation assumes that every SoC that
has Armv8.1-M architecture extension, has the PACBTI
hardware feature, which does not have to be the case.
Hence, the `portHAS_PACBTI_FEATURE` is removed
and the implementation is modified to rely on
`configENABLE_PAC` and `configENABLE_BTI` macros
that can either be set using CMake or FreeRTOSConfig.h
header file.
Enabling PAC and/or BTI on a port variant that
doesn't have the PACBTI hardware feature would be
caught by a `configASSERT` statement.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com> Co-authored-by: Tony Josi <tonyjosi@amazon.com>
Tomas Galbicka [Tue, 12 Nov 2024 04:28:38 +0000 (05:28 +0100)]
Heap: add new API to reset xMinimumEverFreeBytesRemaining. (#1189)
This commit adds new API functionality to reset xMinimumEverFreeBytesRemaining.
This functionality provides ability to get heap statistics during a particular period of time.
Signed-off-by: Tomas Galbicka <tomas.galbicka@nxp.com>
Vishwanath Martur [Mon, 4 Nov 2024 16:21:51 +0000 (21:51 +0530)]
Fix SMP debugging issue on rp2040 (#1174)
* Fix SMP debugging issue on rp2040
Related to #1172
Add `multicore_reset_core1` before `multicore_launch_core1` in `xPortStartScheduler` function to fix debugging issue on rp2040 with SMP enabled.
* Modify `portable/ThirdParty/GCC/RP2040/port.c` to include a call to `multicore_reset_core1` before `multicore_launch_core1` within the `#if portRUNNING_ON_BOTH_CORES` block.
* Recover comments back
---------
Co-authored-by: ActoryOu <jay2002824@gmail.com> Co-authored-by: Gaurav-Aggarwal-AWS <33462878+aggarg@users.noreply.github.com> Co-authored-by: Rahul Kar <118818625+kar-rahul-aws@users.noreply.github.com>
Vishwanath Martur [Mon, 4 Nov 2024 12:32:35 +0000 (18:02 +0530)]
Fix RISC-V configMTIMECMP_BASE_ADDRESS (64-bit) stored in 32-bit int (#1176)
Related to #189
Update `configMTIMECMP_BASE_ADDRESS` to be stored in a 64-bit integer.
* Change the type of `ullMachineTimerCompareRegisterBase` to `uint64_t` in `portable/GCC/RISC-V/port.c`.
* Change the type of `ullMachineTimerCompareRegisterBase` to `uint64_t` in `portable/IAR/RISC-V/port.c`.
* Update the initialization of `ullMachineTimerCompareRegisterBase` to use `configMTIMECMP_BASE_ADDRESS` in both files.
ActoryOu [Mon, 4 Nov 2024 09:23:28 +0000 (17:23 +0800)]
Follow GitHub recommendation to update release.yml (#1178)
GitHub recommends to store user inputs in environments variables
and then use them in scripts. This PR updates the code as per the
GitHub recommendation.
Details here - https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections.
We have removed the use of pthread_attr_setstack and as a result,
the task stack is no longer used as the corresponding pthread's stack.
There is no use of calling pthread_attr_setstacksize as the default is
always good enough and we don't need to handle OS specific cases.
This PR simplifies the code by removing the call to pthread_attr_setstacksize.
Signed-off-by: Paul Hollinsky <paulhollinsky@gmail.com>
Ahmed Ismail [Thu, 24 Oct 2024 06:25:16 +0000 (07:25 +0100)]
Armv8.1-m: Add pacbti support (#1147)
* copyright-checker: Add FreeRTOS Arm collab copyright
FreeRTOS Arm collab files shall have both Amazon's
and Arm's copyright headers. Hence, the copyright
checker is modified to check for both copyrights.
Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
* armv8-m: Add support for IAR with TFM FREERTOS PORT
As the case for ARMClang, and GCC toolchains, IAR
with TFM FreeRTOS Port support is added.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* armv8-m: Do not overwrite Control register value
The current ARMv8-M FreeRTOS-Kernel Port code
implementation is modified in a way that allows
the CONTROL register's value to be retained
rather than being overwritten.
This is needed for adding PACBTI support as
the special-purpose CONTROL register `PAC_EN`,
`UPAC_EN`, `BTI_EN`, and `UBTI_EN` PACBTI
enablement bits should be configured before calling
`vRestoreContextOfFirstTask()` function which currently
overwrite the value inside the CONTROL register.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* armv8.1-m: Add PACBTI support to kernel non-secure implementation
In this commit, Pointer Authentication, and Branch Target
Identification Extension (PACBTI) support is added for
Non-Secure and Non-TrustZone variants of Cortex-M85
FreeRTOS-Kernel Port.
The PACBTI support is added for Arm Compiler For
Embedded, and IAR toolchains only. The support in
the kernel is not yet enabled for GNU toolchain
due to known issues.
Signed-off-by: Ahmed Ismail <Ahmed.Ismail@arm.com>
* Fix CI check
kakkoko [Wed, 16 Oct 2024 09:36:20 +0000 (18:36 +0900)]
Fix incorrect error checking of prvCreateIdleTasks (#1158)
In environments that do not support static allocation
(configSUPPORT_STATIC_ALLOCATION == 0), at prvCreateIdleTasks(), call
xCreateTask() and compare its return value to pdFAIL to check whether
xCreateTask() failed. However, xCreateTask() returns
errCOULD_NOT_ALLOCATE_REQUIRED_MEMORY as the error value, so the
result of this comparison is always false.
This commit fixes this problem by changing the return value comparison
to pdPASS instead of pdFAIL.
The read and write of BaseType_t are atomic for a number of ports
and therefore, do not require taskENTER_CRITICAL/taskEXIT_CRITICAL.
This PR introduces portBASE_TYPE_ENTER_CRITICAL and
portBASE_TYPE_EXIT_CRITICAL which default to taskENTER_CRITICAL
and taskEXIT_CRITICAL. The APIs that read/write BaseType_t are updated
to use these new macros.
The next change would to be to define portBASE_TYPE_ENTER_CRITICAL and
portBASE_TYPE_EXIT_CRITICAL to nothing for ports where BaseType_t
read and write are atomic.
This commit address the following issues with MPU prototypes:
1. Fix the decorator according to which MPU wrapper is used.
2. Add the missing prototypes for v1.
3. Add the corresponding mapping to mpu_wrappers.h.
4. Update MPU v1 wrappers for vTaskList and vTaskGetRunTimeStats.
This was reported here - https://forums.freertos.org/t/cortex-m55-and-16-region-mpu-support/21470/5.
Remove error for 16 MPU resgion from IAR ports (#1149)
Support for 16 MPU regions was added to Cortex-M33, M35P, M55 and M85
ports was added but the compile time error check was not removed. This
results in compilation error when 16 MPU regions are used. This PR
removes the not needed compile time error check.
It was reported here - https://forums.freertos.org/t/cortex-m55-and-16-region-mpu-support/21470.
heap_5 is used for multiple separated memory spaces. In the
previous implementation, it only verifies the highest and
lowest addresses. A pointer may not be within heap regions,
but is still located between the highest and lowest addressed.
Add maco configVALIDATE_HEAP_BLOCK_POINTER to provide
customized heap block pointers detection based on the settings
of heap regions.
Event Groups: snapshot xEventGroupSetBits returning value while in vTaskSuspendAll (#1143)
Event Groups: snapshot xEventGroupSetBits returning value while in
vTaskSuspendAll. Fixes uxEventBits dereference after event group
deleted by higher priority thread.
Gaurav-Aggarwal-AWS [Thu, 29 Aug 2024 15:51:35 +0000 (21:21 +0530)]
Pend a yield in portPRE_TASK_DELETE_HOOK (#1132)
When a task deletes itself, it calls portPRE_TASK_DELETE_HOOK which
translates to vPortCloseRunningThread on the Windows port.
vPortCloseRunningThread never returns and as a result,
taskYIELD_WITHIN_API in vTaskDelete does not get called. As a result,
the next task is not scheduled when configUSE_PREEMPTION is set to 0.
This change records that a yield is pending so that the next tick
interrupt switches out the task that was deleted.
Tomas Galbicka [Thu, 29 Aug 2024 08:36:33 +0000 (10:36 +0200)]
GCC: ARM_CM0: Fix L6286E error on Keil MDK (#1131)
Change the .b instruction to .bx with higher range to solve error
reported by MDK descibed bellow.
Fix:
Error: L6286E: Relocation #REL:0 in portasm.o(.text.SVC_Handler) with respect to vPortSVCHandler_C. Value(0x1a04) out of range(-0x800 - 0x7fe) for (R_ARM_THM_JUMP11)
mayl [Mon, 19 Aug 2024 06:01:30 +0000 (02:01 -0400)]
Remove hardware dependence in portmacros.h (#1112)
* Remove hardware dependence in portmacros.h
The IAR MSP430X port `#include "msp430.h"` which pulls all the hardware
register definitions into anything which `#include "FreeRTOS.h"`. This
removes that hardware dependency "leak" by removing the header file
and re-defining the `portDISABLE_INTERRUPTS()` and
`portENABLE_INTERRUPTS()` macros in terms of `__asm`.
Rahul Kar [Thu, 8 Aug 2024 15:37:11 +0000 (21:07 +0530)]
Add support for vApplicationFPUSafeIRQHandler (#1113)
This PR adds support for vApplicationFPUSafeIRQHandler. The application
writer needs to name their IRQ handler as:
1. vApplicationIRQHandler if the IRQ handler does not use FPU registers.
2. vApplicationFPUSafeIRQHandler is the IRQ handler uses FPU registers.
When the application uses vApplicationFPUSafeIRQHandler, a default
implementation of vApplicationIRQHandler is used which stores FPU
registers and then calls vApplicationFPUSafeIRQHandler.
Gaurav-Aggarwal-AWS [Tue, 6 Aug 2024 05:19:48 +0000 (10:49 +0530)]
Reset xNextTaskUnblockTime in task notify FromISR APIs (#1111)
* Reset xNextTaskUnblockTime in task notify FromISR APIs
If a task is blocked waiting for a notification then
xNextTaskUnblockTime might be set to the blocked task's timeout time. If
the task is unblocked for a reason other than a timeout
xNextTaskUnblockTime is normally left unchanged, because it will
automatically get reset to a new value when the tick count equals
xNextTaskUnblockTime. However if tickless idle is used it is important
to enter sleep mode at the earliest possible time - so reset
xNextTaskUnblockTime here to ensure it is updated at the earliest
possible time.
This was reported here -
https://forums.freertos.org/t/the-vtaskgenericnotifygivefromisr-function-need-call-prvresetnexttaskunblocktime/21090
Rahul Kar [Mon, 22 Jul 2024 15:35:17 +0000 (21:05 +0530)]
Update ARM_CRx_No_GIC port (#1101)
This PR makes the following improvements to the ARM_CRx_No_GIC port-
1. Remove inline assembly and move all the assembly code to the portASM.S
file.
2. Add support for configUSE_TASK_FPU_SUPPORT -
- When configUSE_TASK_FPU_SUPPORT is defined to 1, tasks are created
without floating point context. Tasks that want to use floating point, need
to call portTASK_USES_FLOATING_POINT(). This is the current behavior.
- When configUSE_TASK_FPU_SUPPORT is defined to 2, each task is created
with a floating point context.
If left undefined, configUSE_TASK_FPU_SUPPORT defaults to 1 for backward compatibility.
3. The application writer can now implement vApplicationSVCHandler to handle the
SVC calls raised within the application. SVC 0 is used for the yield kernel operation
and the application can use all the SVC calls other than 0.
begriffs.com / projects / freertos / log