arch: mem protect Kconfig cleanups

Adds a new CONFIG_MPU which is set if an MPU is enabled. This is a menuconfig will some MPU-specific options moved under it. MEMORY_PROTECTION and SRAM_REGION_PERMISSIONS have been merged. This configuration depends on an MMU or MPU. The protection test is updated accordingly. Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2020-11-05 14:30:20 -08:00 · 2020-11-05 14:30:20 -08:00 · 5a58ad508c
commit 5a58ad508c
parent 0652d926e3
6 changed files with 50 additions and 21 deletions
--- a/arch/Kconfig
+++ b/arch/Kconfig
@ -229,7 +229,7 @@ config USERSPACE
 	bool "User mode threads"
 	depends on ARCH_HAS_USERSPACE
 	depends on RUNTIME_ERROR_CHECKS
-	select SRAM_REGION_PERMISSIONS if MMU
+	depends on SRAM_REGION_PERMISSIONS
 	select THREAD_STACK_INFO
 	help
 	  When enabled, threads may be created or dropped down to user mode,
@ -564,6 +564,7 @@ config CPU_HAS_MMU
 	help
 	  This hidden option is selected when the CPU has a Memory Management Unit
 	  (MMU).
+
 menuconfig MMU
 	bool "Enable MMU features"
 	depends on CPU_HAS_MMU
@ -579,16 +580,6 @@ config MMU_PAGE_SIZE
 	  Size of memory pages. Varies per MMU but 4K is common. For MMUs that
 	  support multiple page sizes, put the smallest one here.

-config SRAM_REGION_PERMISSIONS
-	bool "Assign appropriate permissions to kernel areas in SRAM"
-	default y
-	help
-	  If enabled, the program text, rodata, and data parts of the kernel in
-	  the permanent mappings created at build time will have appropriate
-	  permissions set. Uses extra memory due to page-alignment constraints.
-	  If not enabled, all SRAM mappings will allow supervisor mode to
-	  read, write, and execute. User mode support requires this.
-
 config KERNEL_VM_BASE
 	hex "Base virtual address to link the kernel"
 	default $(dt_chosen_reg_addr_hex,$(DT_CHOSEN_Z_SRAM))
@ -655,13 +646,14 @@ config KERNEL_VM_SIZE

 endif   # MMU

-config MEMORY_PROTECTION
-	bool
+menuconfig MPU
+	bool "Enable MPU features"
+	depends on CPU_HAS_MPU
 	help
-	  This option is enabled when Memory Protection features are supported.
-	  Memory protection support is currently available on ARC, ARM, and x86
-	  architectures.
+	  This option, when enabled, indicates to the core kernel that an MPU
+	  is enabled.

+if MPU
 config MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT
 	bool
 	help
@ -699,6 +691,40 @@ config MPU_GAP_FILLING
 	  documentation for more information on how this option is
 	  used.

+endif # MPU
+
+config SRAM_REGION_PERMISSIONS
+	bool "Assign appropriate permissions to kernel areas in SRAM"
+	depends on MMU || MPU
+	default y
+	help
+	  This option indicates that memory protection hardware
+	  is present, enabled, and regions have been configured at boot for memory
+	  ranges within the kernel image.
+
+	  If this option is turned on, certain areas of the kernel image will
+	  have the following access policies applied for all threads, including
+	  supervisor threads:
+
+	  1) All program text will be have read-only, execute memory permission
+	  2) All read-only data will have read-only permission, and execution
+	     disabled if the hardware supports it.
+	  3) All other RAM addresses will have read-write permission, and
+	     execution disabled if the hardware supports it.
+
+	  Options such as USERSPACE or HW_STACK_PROTECTION may additionally
+	  impose additional policies on the memory map, which may be global
+	  or local to the current running thread.
+
+	  This option may consume additional memory to satisfy memory protection
+	  hardware alignment constraints.
+
+	  If this option is disabled, the entire kernel will have default memory
+	  access permissions set, typically read/write/execute. It may be desirable
+	  to turn this off on MMU systems which are using the MMU for demand
+	  paging, do not need memory protection, and would rather not use up
+	  RAM for the alignment between regions.
+
 menu "Floating Point Options"

 config FPU
--- a/arch/arc/core/mpu/Kconfig
+++ b/arch/arc/core/mpu/Kconfig
@ -27,9 +27,10 @@ config MPU_STACK_GUARD

 config ARC_MPU
 	bool "ARC MPU Support"
+	select MPU
+	select SRAM_REGION_PERMISSIONS
 	select ARC_CORE_MPU
 	select THREAD_STACK_INFO
-	select MEMORY_PROTECTION
 	select GEN_PRIV_STACKS if ARC_MPU_VER = 2
 	select MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT if ARC_MPU_VER = 2
 	select MPU_REQUIRES_NON_OVERLAPPING_REGIONS if ARC_MPU_VER = 3
--- a/arch/arm/core/aarch32/cortex_m/mpu/Kconfig
+++ b/arch/arm/core/aarch32/cortex_m/mpu/Kconfig
@ -7,7 +7,8 @@ if CPU_HAS_MPU

 config ARM_MPU
 	bool "ARM MPU Support"
-	select MEMORY_PROTECTION
+	select MPU
+	select SRAM_REGION_PERMISSIONS
 	select THREAD_STACK_INFO
 	select ARCH_HAS_EXECUTABLE_PAGE_BIT
 	select MPU_REQUIRES_POWER_OF_TWO_ALIGNMENT if !(CPU_HAS_NXP_MPU || ARMV8_M_BASELINE || ARMV8_M_MAINLINE)
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@ -117,7 +117,9 @@ menuconfig RISCV_PMP
 	bool "RISC-V PMP Support"
 	default n
 	select THREAD_STACK_INFO
-	select MEMORY_PROTECTION if !BOARD_QEMU_RISCV32
+	select CPU_HAS_MPU
+	select MPU
+	select SRAM_REGION_PERMISSIONS
 	select ARCH_MEM_DOMAIN_SYNCHRONOUS_API if USERSPACE
 	select PMP_POWER_OF_TWO_ALIGNMENT if USERSPACE
 	help
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@ -183,7 +183,6 @@ config X86_VERY_EARLY_CONSOLE

 config X86_MMU
 	bool "Enable Memory Management Unit"
-	select MEMORY_PROTECTION
 	select MMU
 	help
 	  This options enables the memory management unit present in x86
--- a/tests/kernel/mem_protect/protection/testcase.yaml
+++ b/tests/kernel/mem_protect/protection/testcase.yaml
@ -1,5 +1,5 @@
 tests:
  kernel.memory_protection.protection:
    platform_exclude: twr_ke18f
-    filter: CONFIG_MEMORY_PROTECTION
+    filter: CONFIG_SRAM_REGION_PERMISSIONS
    tags: kernel security ignore_faults