Add in-line documentation describing the process of register
preservation and exception handling on Cortex-R.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
The interrupt exit and swap service routines for Cortex-R
unnecessarily preserve r0 and lr registers when making function calls
using bl instruction.
In case of _IntExit in exc_exit.S, the r0 register containing the
caller mode is preserved at the top, and the lr register can safely be
assumed to have been saved into the system mode stack by the interrupt
service routine.
In case of __svc in swap_helper.S, since the function saves lr to the
system mode stack at the top and exits through _IntExit, it is not
necessary to preserve lr register when executing bl instructions.
Signed-off-by: Stephanos Ioannidis <root@stephanos.io>
This patch re-namespaces global variables and functions
that are used only within the arch/arm/ code to be
prefixed with z_arm_.
Some instances of CamelCase have been corrected.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Various C and Assembly modules
make function calls to z_sys_trace_*. These merely call
corresponding functions sys_trace_*. This commit
is to simplify these by making direct function calls
to the sys_trace_* functions from these modules.
Subsequently, the z_sys_trace_* functions are removed.
Signed-off-by: Mrinal Sen <msen@oticon.com>
We need to correct the inline comment in swap_helper.S,
which is suggesting that system call attempts with
invalid syscall IDs (i.e. above the limit) do not force
the CPU to elevate privileges. This is in fact not true,
since the execution flow moves into valid syscall ID
handling.
In other words, all we do for system calls with invalid
ID numbers is to treat them as valid syscalls with the
K_SYSCALL_BAD ID value.
We fix the inline documentation to reflect the actual
execution flow.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
System call arguments are indexed from 1 to 6, so arg0
is corrected to arg1 in two occasions. In addition, the
ARM function for system calls is now called z_arm_do_syscall,
so we update the inline comment in __svc handler.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
When in Sharing Floating Point Services mode we want to
dynamically save and restore the FP registers in thread
context switch, depending on whether the swapped-in and
swapped-out threads are currently using the FP registers.
This commit adds this functionality to the ARM context
switch mechanism. The logic consists of inspecting the
corresponding status flag (present in thread.arch.mode)
to decide whether to save or restore the FP registers.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The compiler generates errors of the form
error: "CONFIG_IRQ_OFFLOAD" is not defined, evaluates to 0
[-Werror=undef]
when -Wundef is used and the config option was turned off. Change
check to if defined().
Signed-off-by: Bradley Bolen <bbolen@lexmark.com>
The compiler generates errors of the form
error: "CONFIG_USERSPACE" is not defined, evaluates to 0 [-Werror=undef]
when -Wundef is used and the config option was turned off. Change
check to if defined().
Signed-off-by: Bradley Bolen <bbolen@lexmark.com>
When performing thread context-switch it is not necessary to
have IRQs locked while saving the current thread's callee-saved
(and possibly floating point) registers. We only need to lock
the interrupts when accessing the thread ready queue cache.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Rename reserved function names in arch/ subdirectory. The Python
script gen_priv_stacks.py was updated to follow the 'z_' prefix
naming.
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
This commit updates the thread.mode variable, in system
calls, whenever we modify the execution privilege level.
We need to do this, in order to be able to properly handle
context-switching triggered by ISRs, while doing the system
calls. The commit ensures that a context-switch, triggered
by an ISR during or after,a system call will preserve the
right privilege level.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The ARM Cortex-M 321 application note is stressing that if
we disable interrupts by executing CPSID i(f), or by MSR
instructions (on PRIMASK, FAULTMASK registers), there is no
requirement to add barrier instructions after disabling
interupts. However, in ARMv7-M (and ARMv8-M Mainline) we use
BASEPRI, instead. Therefore, if we need the effect of disabling
interrupts to be recongnized immediately we should add barrier
instructions. This commit adds DSB and ISB barriers when
disabling interrupt using BASEPRI in the generic
arm _irq_lock() function as well as in the PendSV handler,
where we need to access kernel globals right after the interrups
are disabled.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
The clang ARM assembler is a bit stricter than GNU as, make a few
changes so things build with both
Signed-off-by: Peter Smith <peter.smith@linaro.org>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Update reserved function names starting with one underscore, replacing
them as follows:
'_k_' with 'z_'
'_K_' with 'Z_'
'_handler_' with 'z_handl_'
'_Cstart' with 'z_cstart'
'_Swap' with 'z_swap'
This renaming is done on both global and those static function names
in kernel/include and include/. Other static function names in kernel/
are renamed by removing the leading underscore. Other function names
not starting with any prefix listed above are renamed starting with
a 'z_' or 'Z_' prefix.
Function names starting with two or three leading underscores are not
automatcally renamed since these names will collide with the variants
with two or three leading underscores.
Various generator scripts have also been updated as well as perf,
linker and usb files. These are
drivers/serial/uart_handlers.c
include/linker/kobject-text.ld
kernel/include/syscall_handler.h
scripts/gen_kobject_list.py
scripts/gen_syscall_header.py
Signed-off-by: Patrik Flykt <patrik.flykt@intel.com>
This commit fixes several essential inline comments in the
core assembly code for ARM, improving code readability.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Fixing the documentation for ARM core __svc function, which was
outdated and present only for the ARMv7-M version.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Stacking r3 at this point is not required as the register value
is not used afterwards, therefore, it does not need to be
retained.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Due to code re-organization inside __pendSV(), the stacking
and unstacking of scratch registers around the invocation of
read_timer_end_of_swap() is no longer required.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This patch adjusts the way we are doing push/pop operations before
making function calls inside of assembly routines. ARM requires 8
byte aligned stack operations across public interfaces. This means
that we need to be sure to push multiples of 2 registers.
Fixes#2108
Signed-off-by: Andy Gross <andy.gross@linaro.org>
This commit introduces an ARM API that allows the user to
program a set of dynamic MPU regions at run-time. The API
function is invoked every time the memory map needs to be
re-programmed (for example at thread context-switch). The
functionality is implementated in arm_core_mpu.c.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This commit extends the support of built-in thread stack
protection (i.e. based on the stack pointer limit registers)
in ARMv8-M, so that it works with user mode. The commit
does the following:
- enables and disables the stack limit checking on the
privileged stack, inside thread system calls, and upon
entering user mode,
- does not enable stack limit checking in context switch,
if the thread is in user mode.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
Move to more generic tracing hooks that can be implemented in different
ways and do not interfere with the kernel.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Define generic interface and hooks for tracing to replace
kernel_event_logger and existing tracing facilities with something more
common.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
There exist two symbols that became equivalent when PR #9383 was
merged; _SYSCALL_LIMIT and K_SYSCALL_LIMIT. This patch deprecates the
redundant _SYSCALL_LIMIT symbol.
_SYSCALL_LIMIT was initally introduced because before PR #9383 was
merged K_SYSCALL_LIMIT was an enum, which couldn't be included into
assembly files. PR #9383 converted it into a define, which can be
included into assembly files, making _SYSCALL_LIMIT redundant.
Likewise for _SYSCALL_BAD.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
In some kernel configurations, the offset can be greater
than the maximum of 124 for ldr/str immediate offsets.
Fixes: #9113
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The PendSV handler sits below the priority of other OS interrupts, but
it was inspecting kernel state before masking those interrupts out!
Move the locking to the top.
Signed-off-by: Andy Ross <andrew.j.ross@intel.com>
The r7 register is used as a frame pointer on ARM Thumb. As result, it
cannot be modified by the assembly code in functions using stack frame.
This commit replaces r7 by r8, which is a general purpose register.
Also it fixes#7704.
Signed-off-by: Piotr Zięcik <piotr.ziecik@nordicsemi.no>
Remove unused context switch code from the helper assembly file that
manages the SuperVisor Call invocations (SVCs). This is no longer in use
in the code, since all calls to __swap() now go through PendSV directly.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
This commit activates the built-in stack guard on the main_thread
before jumping to it upon system initialization. Stack guard is
activated if BUILTIN_STACK_GUARD is enabled by the user. The
commit also activates built-in thread stack guards at every
context switch, if BUILTIN_STACK_GUARD enabled by the user.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
This patch changes the ARM system calls to use registers for passing
or arguments. This removes the possibility of stack issues when
callers do not adhere to the AAPCS.
Fixes#6802
Signed-off-by: Andy Gross <andy.gross@linaro.org>
During the transition of privilege levels while performing syscalls,
the ARM documentation recommends flushing the pipeline to avoid
pre-fetched instructions from being executed with the previous
privilege level.
The manual says:
4.16 CONTROL register
(...) after programming the CONTROL register, an ISB instruction
should be used.
(...) This is not implemented in the Cortex M0 processor.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This patch reworks the current ARM __swap() function into a C function.
Due to some issues with using svc calls withing fault handlers, we
needed to change the way we initiate a swap by removing the dependence
on svc #0.
Before __swap() is called, the system has already done an irq_lock().
Upon return from __swap(), the equivalent of an irq_lock() is done due
to restoration of the key value from the irq_lock preceeding the call.
For ARM V6M (M0/M0+), the pendsv bit is toggled and the irqs are
enabled. There is no priority masking in v6m, so it's just a global
enable. For ARM V7M, the priority mask has to be set to 0x0 to allow
for the pendsv IRQ to be taken. This is done for both via a call to
irq_unlock(0).
After this unlock, a pendsv irq will be taken, either at the tail end
of the current irq handling if we are in handler mode, or immediately
due to the pendsv being asserted (no other outstanding irqs). The next
thread will be scheduled.
Upon return from the context switch to the original
thread, the priority mask will already be correct due to the pendsv
processing.
Signed-off-by: Andy Gross <andy.gross@linaro.org>