Add a configuration file for the nRF52840 DK so that it uses RTT for
debugging and enables more protection measures.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
- Use the built-in mechanism for configuration overlays
(having a boards/ folder with <board>.conf fragments)
- Clean up variables that were giving warnings
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Avoid the HCI-USB race condition where HCI data and HCI events can be
re-ordered, and pairing information appears to be sent unencrypted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Fix to remove assertion failure check on detecting invalid
packet sequence used by peer central and that no non-empty
packet was transmitted.
Fixes#22967.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Set the size of the storage partition in flash used by the NVS example
to 3 times the erase-block-size for this SoC family. In this case a
total of 12KB (as 3 erase-block-sizes is the minimum).
Signed-off-by: Oane Kingma <o.kingma@interay.com>
A recent patch allowed an error code to be returned even though the
execution path treated it as a non-error condition. Clear the code
before returning.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Add qemu-cortex-a53 memory regions with proper attributes
to translation tables. Minimal regions to execute "hello_world"
are added as of now, More granular memory regions should be
added later as per the requirement.
Signed-off-by: Abhishek Shah <abhishek.shah@broadcom.com>
Add zephyr execution regions(text, rodata, data, noinit, bss, etc.)
with proper attributes to translation tables.
Linker script has been modified a little to align these sections to
minimum translation granule(4 kB).
With this in place, code cannot be overwritten accidently as it is
marked read only. Similarly, execution is prohibited from data/RW
section as it is marked execute-never.
Signed-off-by: Abhishek Shah <abhishek.shah@broadcom.com>
Add MMU support for ARMv8A. We support 4kB translation granule.
Regions to be mapped with specific attributes are required to be
at least 4kB aligned and can be provided through platform file(soc.c).
Signed-off-by: Abhishek Shah <abhishek.shah@broadcom.com>
Following changes are done:
- The vector table should be placed in text segment.
- Removed Vector relay table related entries as it is
only applicable to aarch32.
- irq_vector_table contains ISR pointers - should be placed
in rodata segment.
- put openocd_dbg in rodata and skip adding <linker_relocate.ld>
as CONFIG_CODE_DATA_RELOCATION is not defined for aarch64
currently (add later if needed).
Fixes: #22673
Signed-off-by: Abhishek Shah <abhishek.shah@broadcom.com>
plt and got sections are used for dynamic linking which
is not supported in Zephyr.
Reference: #11953
commit 3ba7097e73 ("linker: add orphan sections to linker script")
Signed-off-by: Abhishek Shah <abhishek.shah@broadcom.com>
Add a page describing the high-level design goals for how Zephyr
should use DT, with examples and counter-examples from current
practice.
Add a TBD section for code generation. It's not clear (to me at least)
where the discussion on that has landed.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Combine various bits of information that were formerly scattered about
into a logical order, and fix a few mistakes.
Make some policy changes, e.g. discouraging the use of fixup macros.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
The one page on devicetree is too long. Split it into multiple pages
to make it easier to digest and more squintable. This is basically
just moving content around; minimal changes have been made apart from
redoing some transitions and adding a couple of introductory paragraphs.
Rename the 'device-tree' Sphinx :ref: target while we are here.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Due to cleanups in west targeted at getting rid of zephyr-specific
code, extension commands can no longer rely on ZEPHYR_BASE being set
in the calling environment at import time (it's still set at run()
time for now, though, to keep west build working).
Add a new helper to make dealing with this easier from west sign.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
Refactor the code to support the new runners.yaml file created by the
build system.
Compared to fishing around in the CMake cache, this makes it trivial
to put all the command line arguments to a runner-based command on
equal footing, regardless of if they're defined in the runners package
proper or defined in run_common.py.
This allows board.cmake files to do things like this:
board_set_runner_args(foo
--bin-file=${PROJECT_BINARY_DIR}/my-signed.bin)
While at it, make some other cleanups:
- Stop using the obsolete and deprecated west.cmake module while we're
here in favor of the zcmake.py module which was added to Zephyr a long
time ago. Yikes. I had forgotten this was still here.
- Stop using west.util's wrap function in favor of raw use of
textwrap. The west function splits on hyphens, which is breaking
runner names like "em-starterkit".
- Clean up the --context output a bit
Fixes: #22563
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
The YAML contents mirror the values in the ZEPHYR_RUNNER_CONFIG
variables, but they are phrased in terms of command line arguments.
This makes it possible for Python to intermix them with
runner-specific arguments, which is a step towards being able to set
arguments like --bin-file via board_set_runner_args(). The next step
is to handle them in Python too.
Move the RUNNERS_VERBOSE setting closer to its use while at it, to
preserve readability.
Signed-off-by: Martí Bolívar <marti.bolivar@nordicsemi.no>
This commit contributes a simple test-suite which verifies the
internal (ARCH) implementation for user mode syscalls, as well
as the stack limit checking mechanism for ARMv8-M MCUS.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Hammer all CPUs with multiple threads all making system calls
that do memory allocations and buffer validation, in the hopes
that it will help smoke out concurrency issues.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We lock IRQs around writing to RNR and immediate reading of RBAR
RASR in ARMv7-M MPU driver. We do this for the functions invoked
directly or undirectly by arch_buffer_validate(). This locking
guarantees that
- arch_buffer_validate() calls by ISRs may safely preempt each
other
- arch_buffer_validate() calls by threads may safely preempt
each other (i.e via context switch -out and -in again).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When entering user mode, and before the privileged are dropped,
the thread switches back to using its default (user) stack. For
stack limit checking not to lead to a stack overflow, the PSPLIM
and PSP register updates need to be done with PendSV IRQ locked.
This is because context-switch (done in PendSV IRQ) reprograms
the stack pointer limit register based on the current PSP
of the thread. This commit enforces PendSV locking and
unlocking while reprogramming PSP and PSPLIM when switching to
user stack at z_arm_userspace_enter().
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Modifying the PSP via an MSR instruction is not subject to
stack limit checking so we can remove the relevant code
block in the begining of z_arm_userspace_enter(), which clears
PSPLIM. We add a comment when setting the PSP to the privilege
stack to stress that clearing the PSPLIM is not required and it
is always a safe operation.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When returning from a system call, the thread switches back
to using its default (user) stack. For stack limit checking
not to lead to a stack overflow, the updates of PSPLIM and
PSP registers need to be done with PendSV IRQ locked. This
is because context-switch (done in PendSV IRQ) reprograms
the stack pointer limit register based on the current PSP
of the thread. This commit enforces PendSV locking and
unlocking while reprogramming PSP and PSPLIM when returning
from a system call.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
In this commit we remove the PSPLIM clearing when entering
z_arm_do_syscall(), since we want PSPLIM to keep guarding
the user thread stack, until the thread has switched to its
privileged stack, for executing the system call.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Thread will be in privileged mode after returning from SCVall. It
will use the default (user) stack before switching to the privileged
stack to execute the system call. We need to protect the user stack
against stack overflows until this stack transition. We update the
note in z_arm_do_syscall(), stating clearly that it executing with
stack protection when building with stack limit checking support
(ARMv8-M only).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When configuring the built-in stack guard, via setting the
PSPLIM register, during thread context-switch, we shall only
set PSPLIM to "guard" the thread's privileged stack area when
the thread is actually using it (PSP is on this stack).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We do not need to have the PSPLIM clearing directly inside
the PendSV handler and outside the function that configures
it, configure_builtin_stack_guard(), since the latter is also
invoked inside the PendSV handler. This commit moves the
PSPLIM clearing inside configure_builtin_stack_guard(). The
patch is not introducing any behavioral change on the
stack limit checking mechanism for Cortex-M.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We add the mechanism to generate offset #defines for
thread stack info start, to be used directly in ASM.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
We introduce a macro to define the IRQ priority level for
PendsV, and use it in arch/arm/include/aarch32/exc.h
to set the PendSV IRQ level. The commit does not change
the behavior of PendSV interrupt.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit adds some documentation for the exception
priority scheme for 32-bit ARM architecture variants.
In addition we document that SVCall priority level for
ARMv6-M is implicitly set to highest (by leaving it as
default).
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Public arm/aarch32/exc.h header file is used by both
Cortex-M and Cortex-R; we update the header information
accordingly.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
If IO APIC is in logical destination mode, local APICs compare their
logical APIC ID defined in LDR (Logical Destination Register) with
the destination code sent with the interrupt to determine whether or not
to accept the incoming interrupt.
This patch programs LDR in xAPIC mode to support IO APIC logical mode.
The local APIC ID from local APIC ID register can't be used as the
'logical APIC ID' because LAPIC ID may not be consecutive numbers hence
it makes it impossible for LDR to encode 8 IDs within 8 bits.
This patch chooses 0 for BSP, and for APs, cpu_number which is the index
to x86_cpuboot[], which ultimately assigned in z_smp_init[].
Signed-off-by: Zide Chen <zide.chen@intel.com>
Currently IO APIC is working in physical destination mode, which
doesn't support interrupt to be delivered to multiple local APICs.
By definition only 4 bits [59:63] in IO APIC IOREDTBL register are
available for destination addresses and it contains an APIC ID only.
This patch changes it to logical destination mode so that IOREDTBL
can potentially define a set of processors and it's posible to deliver
interrupts to multiple APICs.
Also it changes delivery mode from fixed to lowest priority. The reason
being in fixed mode, the interrupt could be delivered to all CPUs
which put burden in software to handle repeated interrupts. While in
lowest priority mode, interrupt is delivered to one local APIC only.
Signed-off-by: Zide Chen <zide.chen@intel.com>
mcuboot.overlay is not used any more when BOOTLOADER_MCUBOOT Kconfig
option is selected. Update the documentation accordingly.
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
The method used to link code partition, as defined by
zephyr,code-partition has been modified in Zephyr 1.14. Update the
"Linking Zephyr Within a Partition" section to reflect the change.
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
The method used to link code partition, as defined by
zephyr,code-partition has been modified in Zephyr 1.14. Remove any
remaining, outdated documentation that was embedded in the board dts
files.
Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
The recent synchronization work required that the kernel guarantee
switch_handle is non-null, but it did it in a way that works for ARC
and x86_64 but would clobber the work xtensa had already done to
populate that field.
There's no point: just make this an assert, as it's always been the
arch layer's job.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
Distinguish between nRF51/nRF52 and nRF53 platforms in the
inline comments when definining the built-time asserts for
the test.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The commit fixes the test for nRF5340-based platforms by
customizing the ISR offset and the IRQ vector table.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When the length of the transfer is an exact multiple of IN endpoint MPS
in the ring buffer, transfer one byte less to avoid zero-length packet.
Otherwise the application running on the host may conclude that there
is no more data to be received (i.e. the transaction has completed),
hence not triggering another I/O Request Packet (IRP).
Fixes#21713.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>