A user space buffer must be validated before required operation
can proceed. This API will check the current MMU
configuration to determine if the buffer held by the user is valid.
Jira: ZEP-2326
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
We can use the chosen property "zephyr,console" to determine what uart
should be used as the console and find its name to generate a define for
CONFIG_UART_CONSOLE_ON_DEV_NAME.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This breaks too easily, for example if &some_linker_variable
is used. The names don't matter at all, use preprocessor
__COUNTER__.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Previously we were instantiating QEMU with 32MB of RAM but
only enabling a small fraction of it.
Now we boot with 8MB of ram. We ignore the first 4K so we can
make that an unmapped paged to catch NULL pointer dereferences.
If XIP is enabled, the "ROM" region will be the first half of
memory, the "RAM" region the latter.
Move the IDT_LIST and MMU_LIST regions elsewhere so they don't
overlap the new memory arrangement.
Use !XIP to fix a problem where CONFIG_RAM_SIZE was set incorrectly
for XIP case.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The defaults of 0x100000 for ROM and 0x400000 for RAM are intended
to 'fake' a XIP configuration, this all takes place in just RAM.
The gap between these two values is 3 megabytes, specify this
properly.
Fixes numerous test cases on qemu_x86 if CONFIG_XIP is enabled.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This patch allows more generic USB configuration in the samples
and removes platform dependent driver configuration.
Signed-off-by: Johann Fischer <j.fischer@phytec.de>
patch adds necessary files and does the modification to the existing
files to add device support for x86 based intel quark microcontroller
Signed-off-by: Savinay Dharmappa <savinay.dharmappa@intel.com>
1. Changed _tsc_read() to k_cycles_get_32(). Thus reading the
time stamp will be agnostic of the architecutre used.
2. Changed the variable names from *_tsc to *_time_stamp.
JIRA: ZEP-1426
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Add a separate section in the linker to place the MMU configuration
information. This location is read by the gen_mmu.py script to
create the actual page tables.
JIRA: ZEP-2095
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
In crt0.S the MMU is initialized. It uses the statically build
page tables. Here 32-bit paging scheme is used, thereby each page
table entry maps to a 4KB page. The valid regions of the memory are
specified by SOC specific file(soc.c).
JIRA: ZEP-2099
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Makefile rule to create the MMU page tables at boot time. This
rule invokes the gen_mmu.py script to create a binary which is
then placed into the kernel image using objcopy.
Makefile.mmu is included only when CONFIG_X86_MMU is enabled.
JIRA: ZEP-2095
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Macro is used to create a structure to specify the boot time
page table configuration. Needed by the gen_mmu.py script to generate
the actual page tables.
Linker script is needed for the following:
1. To place the MMU page tables at 4KByte boundary.
2. To keep the configuration structure created by
the Macro(mentioned above).
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Kconfig definition for enabling the memory management Unit
on x86 based platforms.
JIRA: ZEP-2093
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Stack sentinel doesn't prevent corruption, it just notices when
it happens. Any memory could be in a bad state and it's more
appropriate to take the entire system down rather than just kill
the thread.
Fatal testcase will still work since it installs its own
_SysFatalErrorHandler.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
One of the stack sentinel policies was to check the sentinel
any time a cooperative context switch is done (i.e, _Swap is
called).
This was done by adding a hook to _check_stack_sentinel in
every arch's __swap function.
This way is cleaner as we just have the hook in one inline
function rather than implemented in several different assembly
dialects.
The check upon interrupt is now made unconditionally rather
than checking if we are calling __swap, since the check now
is only called on cooperative _Swap(). The interrupt is always
serviced first.
Issue: ZEP-2244
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The kernel tracks time slice usage with the _time_slice_elapsed global.
Every time the timer interrupt goes off and the timer driver calls
_nano_sys_clock_tick_announce() with the elapsed time, this is added to
_time_slice_elapsed. If it exceeds the total time slice, the thread is
moved to the back of the queue for that priority level and
_time_slice_elapsed is reset to zero.
In a non-tickless kernel, this is the only time _time_slice_elapsed is
reset. If a thread uses up a partial time slice, and then cooperatively
switches to another thread, the next thread will inherit the remaining
time slice, causing it not to be able to run as long as it ought to.
There does exist code to properly reset the elapsed count, but it was
only compiled in a tickless kernel. Now it is built any time
CONFIG_TIMESLICING is enabled.
Issue: ZEP-2107
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This reverts commit 37f4178f58.
This change builds gen_idt in the zephyr project tree instead of
building it in outdir of the application. The build process should all
happen inside outdir and no binaries should be placed in the zephyr
tree.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This places a sentinel value at the lowest 4 bytes of a stack
memory region and checks it at various intervals, including when
servicing interrupts or context switching.
This is implemented on all arches except ARC, which supports stack
bounds checking directly in hardware.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
For various reasons its often necessary to generate certain
complex data structures at build-time by separate tools outside
of the C compiler. Data is populated to these tools by way of
special binary sections not intended to be included in the final
binary. We currently do this to generate interrupt tables, forthcoming
work will also use this to generate MMU page tables.
The way we have been doing this is to generatea "kernel_prebuilt.elf",
extract the metadata sections with objcopy, run the tool, and then
re-link the kernel with the extra data *and* use objcopy to pull
out the unwanted sections.
This doesn't scale well if multiple post-build steps are needed.
Now this is much simpler; in any Makefile, a special
GENERATED_KERNEL_OBJECT_FILES variable may be appended to containing
the filenames to the generated object files, which will be generated
by Make in the usual fashion.
Instead of using objcopy to pull out, we now create a linker-pass2.cmd
which additionally defines LINKER_PASS2. The source linker script
can #ifdef around this to use the special /DISCARD/ section target
to not include metadata sections in the final binary.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
None of this is currently necessary, the spurious interrupt
stubs and exception entry code is included in the binary just
fine. To make matters worse, some data referenced lives in the
.intList section which is completely stripped out of the binary.
If in the future we find certain essential functions are being
garbage collected when they should not be, the proper way to
mitigate this is with KEEP() directives in the linker script.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Unline k_thread_spawn(), the struct k_thread can live anywhere and not
in the thread's stack region. This will be useful for memory protection
scenarios where private kernel structures for a thread are not
accessible by that thread, or we want to allow the thread to use all the
stack space we gave it.
This requires a change to the internal _new_thread() API as we need to
provide a separate pointer for the k_thread.
By default, we still create internal threads with the k_thread in stack
memory. Forthcoming patches will change this, but we first need to make
it easier to define k_thread memory of variable size depending on
whether we need to store coprocessor state or not.
Change-Id: I533bbcf317833ba67a771b356b6bbc6596bf60f5
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This was more or less transplanted from old Viper codebase (Zephyr's
ancestor which supported paging) and adapted to current coding style.
Change-Id: I203e631f1dcd5f2fb4e9a2fa9339fc7521c7962d
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Adds event based scheduling logic to the kernel. Updates
management of timeouts, timers, idling etc. based on
time tracked at events rather than periodic ticks. Provides
interfaces for timers to announce and get next timer expiry
based on kernel scheduling decisions involving time slicing
of threads, timeouts and idling. Uses wall time units instead
of ticks in all scheduling activities.
The implementation involves changes in the following areas
1. Management of time in wall units like ms/us instead of ticks
The existing implementation already had an option to configure
number of ticks in a second. The new implementation builds on
top of that feature and provides option to set the size of the
scheduling granurality to mili seconds or micro seconds. This
allows most of the current implementation to be reused. Due to
this re-use and co-existence with tick based kernel, the names
of variables may contain the word "tick". However, in the
tickless kernel implementation, it represents the currently
configured time unit, which would be be mili seconds or
micro seconds. The APIs that take time as a parameter are not
impacted and they continue to pass time in mili seconds.
2. Timers would not be programmed in periodic mode
generating ticks. Instead they would be programmed in one
shot mode to generate events at the time the kernel scheduler
needs to gain control for its scheduling activities like
timers, timeouts, time slicing, idling etc.
3. The scheduler provides interfaces that the timer drivers
use to announce elapsed time and get the next time the scheduler
needs a timer event. It is possible that the scheduler may not
need another timer event, in which case the system would wait
for a non-timer event to wake it up if it is idling.
4. New APIs are defined to be implemented by timer drivers. Also
they need to handler timer events differently. These changes
have been done in the HPET timer driver. In future other timers
that support tickles kernel should implement these APIs as well.
These APIs are to re-program the timer, update and announce
elapsed time.
5. Philosopher and timer_api applications have been enabled to
test tickless kernel. Separate configuration files are created
which define the necessary CONFIG flags. Run these apps using
following command
make pristine && make BOARD=qemu_x86 CONF_FILE=prj_tickless.conf qemu
Jira: ZEP-339 ZEP-1946 ZEP-948
Change-Id: I7d950c31bf1ff929a9066fad42c2f0559a2e5983
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
Future tickless kernel patches would be inserting some
code before call to Swap. To enable this it will create
a mcro named as the current _Swap which would call first
the tickless kernel code and then call the real __swap()
Jira: ZEP-339
Change-Id: Id778bfcee4f88982c958fcf22d7f04deb4bd572f
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
Historically, space for struct k_thread was always carved out of the
thread's stack region. However, we want more control on where this data
will reside; in memory protection scenarios the stack may only be used
for actual stack data and nothing else.
On some platforms (particularly ARM), including kernel_arch_data.h from
the toplevel kernel.h exposes intractable circular dependency issues.
We create a new per-arch header "kernel_arch_thread.h" with very limited
scope; it only defines the three data structures necessary to instantiate
the arch-specific bits of a struct k_thread.
Change-Id: I3a55b4ed4270512e58cf671f327bb033ad7f4a4f
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
When calling scripts/gen_idt, if we don't have $ZEPHYR_BASE/scripts in
the path, it will fail, so we can call it with its full path to avoid
such need.
Change-Id: I47b340c9f3204ad8740c29e663e12082208bb13b
Signed-off-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
We reserve a specific vector in the IDT to trigger when we want to
enter a fatal exception state from software.
Disabled for drivers/build_all tests as we were up to the ROM limit
on Quark D2000.
Issue: ZEP-843
Change-Id: I4de7f025fba0691d07bcc3b3f0925973834496a0
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Unlike assertions, these APIs are active at all times. The kernel will
treat these errors in the same way as fatal CPU exceptions. Ultimately,
the policy of what to do with these errors is implemented in
_SysFatalErrorHandler.
If the archtecture supports it, a real CPU exception can be triggered
which will provide a complete register dump and PC value when the
problem occurs. This will provide more helpful information than a fake
exception stack frame (_default_esf) passed to the arch-specific exception
handling code.
Issue: ZEP-843
Change-Id: I8f136905c05bb84772e1c5ed53b8e920d24eb6fd
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We do the same thing on all arch's right now for thread_monitor_init so
lets put it in a common place. This also should fix an issue on xtensa
when thread monitor can be enabled (reference to _nanokernel.threads).
Change-Id: If2f26c1578aa1f18565a530de4880ae7bd5a0da2
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
We do a bit of the same stuff on all the arch's to setup a new thread.
So lets put that code in a common place so we unify it for everyone and
reduce some duplicated code.
Change-Id: Ic04121bfd6846aece16aa7ffd4382bdcdb6136e3
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
There are a few places that we used an naked unsigned type, lets be
explicit and make it 'unsigned int'.
Change-Id: I33fcbdec4a6a1c0b1a2defb9a5844d282d02d80e
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types. This handles the remaining includes and kernel, plus
touching up various points that we skipped because of include
dependancies. We also convert the PRI printf formatters in the arch
code over to normal formatters.
Jira: ZEP-2051
Change-Id: Iecbb12601a3ee4ea936fd7ddea37788a645b08b0
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types. There are few places we dont convert over to the new
types because of compatiability with ext/HALs or for ease of transition
at this point. Fixup a few of the PRI formatters so we build with newlib.
Jira: ZEP-2051
Change-Id: I7d2d3697cad04f20aaa8f6e77228f502cd9c8286
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This is a start to move away from the C99 {u}int{8,16,32,64}_t types to
Zephyr defined u{8,16,32,64}_t and s{8,16,32,64}_t. This allows Zephyr
to define the sized types in a consistent manor across all the
architectures we support and not conflict with what various compilers
and libc might do with regards to the C99 types.
We introduce <zephyr/types.h> as part of this and have it include
<stdint.h> for now until we transition all the code away from the C99
types.
We go with u{8,16,32,64}_t and s{8,16,32,64}_t as there are some
existing variables defined u8 & u16 as well as to be consistent with
Zephyr naming conventions.
Jira: ZEP-2051
Change-Id: I451fed0623b029d65866622e478225dfab2c0ca8
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This reverts commit da8bff6b20.
We revert this as we intent to move away from {u}int{8,16,32,64}_t types
to our own internal types for sized variables so we shouldn't need the
PRI macros anymore.
Change-Id: Ibb1fae7500bddb4772b8830d497a0e5f78b44bcc
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
To allow for various libc implementations (like newlib) in which the way
various {u}int{8,16,32}_t types are defined vary between both libc
implementations and across architectures we need to utilize the PRI
defines.
Change-Id: Ic4e65db52c8d693228cf80584283d4d06e68b5ad
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
