removing MPU Hal - details in desc

Since it is impossible for me to debug a NULL pointer dereference without a Flipper, blind development has come to an end.
MX 2022-08-06 05:35:14 +03:00
parent ffc3b634b8
commit 4bbec63f87
No known key found for this signature in database
GPG key ID: 6C4C311DFD4B4AB5
6 changed files with 16 additions and 180 deletions


@ -32,7 +32,7 @@ extern uint32_t SystemCoreClock;
#define configUSE_16_BIT_TICKS 0 #define configUSE_16_BIT_TICKS 0
#define configUSE_MUTEXES 1 #define configUSE_MUTEXES 1
#define configQUEUE_REGISTRY_SIZE 0 #define configQUEUE_REGISTRY_SIZE 0
#define configCHECK_FOR_STACK_OVERFLOW 0 #define configCHECK_FOR_STACK_OVERFLOW 2
#define configUSE_RECURSIVE_MUTEXES 1 #define configUSE_RECURSIVE_MUTEXES 1
#define configUSE_COUNTING_SEMAPHORES 1 #define configUSE_COUNTING_SEMAPHORES 1
#define configENABLE_BACKWARD_COMPATIBILITY 0 #define configENABLE_BACKWARD_COMPATIBILITY 0
@ -145,7 +145,3 @@ standard names. */
#define USE_CUSTOM_SYSTICK_HANDLER_IMPLEMENTATION 1 #define USE_CUSTOM_SYSTICK_HANDLER_IMPLEMENTATION 1
#define configOVERRIDE_DEFAULT_TICK_CONFIGURATION \ #define configOVERRIDE_DEFAULT_TICK_CONFIGURATION \
1 /* required only for Keil but does not hurt otherwise */ 1 /* required only for Keil but does not hurt otherwise */
#define traceTASK_SWITCHED_IN() \
extern void furi_hal_mpu_set_stack_protection(uint32_t* stack); \
furi_hal_mpu_set_stack_protection((uint32_t*)pxCurrentTCB->pxStack)
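Review bot: Setting `configCHECK_FOR_STACK_OVERFLOW` to 2 requires the application to provide `vApplicationStackOverflowHook`, and no definition is visible in this commit; confirm one exists and that it ends in `furi_crash` rather than returning. This check runs only when a task is switched out and only inspects the end of the stack, so an overflow is reported after neighbouring memory may already have been overwritten. The per-task MPU guard region set by the removed `traceTASK_SWITCHED_IN` macro faulted on the offending write instead. A comment on the define would record the trade-off, e.g. `/* software check at context switch; replaces the MPU stack guard */`.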


@ -1,5 +1,4 @@
#include <furi_hal.h> #include <furi_hal.h>
#include <furi_hal_mpu.h>
#include <stm32wbxx_ll_cortex.h> #include <stm32wbxx_ll_cortex.h>
@ -36,7 +35,6 @@ void furi_hal_deinit_early() {
} }
void furi_hal_init() { void furi_hal_init() {
furi_hal_mpu_init();
furi_hal_clock_init(); furi_hal_clock_init();
furi_hal_console_init(); furi_hal_console_init();
furi_hal_rtc_init(); furi_hal_rtc_init();
@ -82,6 +80,17 @@ void furi_hal_init() {
// FatFS driver initialization // FatFS driver initialization
MX_FATFS_Init(); MX_FATFS_Init();
FURI_LOG_I(TAG, "FATFS OK"); FURI_LOG_I(TAG, "FATFS OK");
// Partial null pointer dereference protection
LL_MPU_Disable();
LL_MPU_ConfigRegion(
LL_MPU_REGION_NUMBER0,
0x00,
0x0,
LL_MPU_REGION_SIZE_1MB | LL_MPU_REGION_PRIV_RO_URO | LL_MPU_ACCESS_BUFFERABLE |
LL_MPU_ACCESS_CACHEABLE | LL_MPU_ACCESS_SHAREABLE | LL_MPU_TEX_LEVEL1 |
LL_MPU_INSTRUCTION_ACCESS_ENABLE);
LL_MPU_Enable(LL_MPU_CTRL_PRIVILEGED_DEFAULT);
} }
void furi_hal_switch(void* address) { void furi_hal_switch(void* address) {
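Review bot: The region added at the end of `furi_hal_init` uses `LL_MPU_REGION_PRIV_RO_URO` together with `LL_MPU_INSTRUCTION_ACCESS_ENABLE`, so only writes through a NULL pointer fault; reads and instruction fetches in the first 1 MB still succeed. The removed `furi_hal_mpu_init()` used `LL_MPU_REGION_NO_ACCESS` and ran first, whereas this block runs after every other init call, so early init is not covered. The same commit drops `LL_HANDLER_EnableFault(LL_HANDLER_FAULT_MEM)` from `furi_hal_interrupt_init`, so a violation of this region presumably escalates to HardFault and loses the specific crash message, unless the fault is enabled elsewhere. I would at least spell this out in the comment, e.g. `// Partial NULL protection: region 0 (base 0x0, 1MB) is read-only, so only writes fault`, and name the bare `0x00, 0x0` arguments. The body of `furi_hal_init` starts in an earlier hunk.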


@ -6,7 +6,6 @@
#include <stm32wbxx.h> #include <stm32wbxx.h>
#include <stm32wbxx_ll_tim.h> #include <stm32wbxx_ll_tim.h>
#include <stm32wbxx_ll_rcc.h> #include <stm32wbxx_ll_rcc.h>
#include <stm32wbxx_ll_cortex.h>
#define TAG "FuriHalInterrupt" #define TAG "FuriHalInterrupt"
@ -96,10 +95,6 @@ void furi_hal_interrupt_init() {
LL_SYSCFG_DisableIT_FPU_IDC(); LL_SYSCFG_DisableIT_FPU_IDC();
LL_SYSCFG_DisableIT_FPU_IXC(); LL_SYSCFG_DisableIT_FPU_IXC();
LL_HANDLER_EnableFault(LL_HANDLER_FAULT_USG);
LL_HANDLER_EnableFault(LL_HANDLER_FAULT_BUS);
LL_HANDLER_EnableFault(LL_HANDLER_FAULT_MEM);
FURI_LOG_I(TAG, "Init OK"); FURI_LOG_I(TAG, "Init OK");
} }
@ -246,20 +241,6 @@ void HardFault_Handler() {
} }
void MemManage_Handler() { void MemManage_Handler() {
if(FURI_BIT(SCB->CFSR, SCB_CFSR_MMARVALID_Pos)) {
uint32_t memfault_address = SCB->MMFAR;
if(memfault_address < (1024 * 1024)) {
// from 0x00 to 1MB, see FuriHalMpuRegionNULL
furi_crash("NULL pointer dereference");
} else {
// write or read of MPU region 1 (FuriHalMpuRegionStack)
furi_crash("MPU fault, possibly stack overflow");
}
} else if(FURI_BIT(SCB->CFSR, SCB_CFSR_MSTKERR_Pos)) {
// push to stack on MPU region 1 (FuriHalMpuRegionStack)
furi_crash("MemManage fault, possibly stack overflow");
}
furi_crash("MemManage"); furi_crash("MemManage");
} }


@ -1,66 +0,0 @@
#include <furi_hal_mpu.h>
#include <stm32wbxx_ll_cortex.h>
#define FURI_HAL_MPU_ATTRIBUTES \
(LL_MPU_ACCESS_BUFFERABLE | LL_MPU_ACCESS_CACHEABLE | LL_MPU_ACCESS_SHAREABLE | \
LL_MPU_TEX_LEVEL1 | LL_MPU_INSTRUCTION_ACCESS_ENABLE)
#define FURI_HAL_MPU_STACK_PROTECT_REGION FuriHalMPURegionSize32B
void furi_hal_mpu_init() {
furi_hal_mpu_enable();
// NULL pointer dereference protection
furi_hal_mpu_protect_no_access(FuriHalMpuRegionNULL, 0x00, FuriHalMPURegionSize1MB);
}
void furi_hal_mpu_enable() {
LL_MPU_Enable(LL_MPU_CTRL_PRIVILEGED_DEFAULT);
}
void furi_hal_mpu_disable() {
LL_MPU_Disable();
}
void furi_hal_mpu_protect_no_access(
FuriHalMpuRegion region,
uint32_t address,
FuriHalMPURegionSize size) {
uint32_t size_ll = size;
size_ll = size_ll << MPU_RASR_SIZE_Pos;
furi_hal_mpu_disable();
LL_MPU_ConfigRegion(
region, 0x00, address, FURI_HAL_MPU_ATTRIBUTES | LL_MPU_REGION_NO_ACCESS | size_ll);
furi_hal_mpu_enable();
}
void furi_hal_mpu_protect_read_only(
FuriHalMpuRegion region,
uint32_t address,
FuriHalMPURegionSize size) {
uint32_t size_ll = size;
size_ll = size_ll << MPU_RASR_SIZE_Pos;
furi_hal_mpu_disable();
LL_MPU_ConfigRegion(
region, 0x00, address, FURI_HAL_MPU_ATTRIBUTES | LL_MPU_REGION_PRIV_RO_URO | size_ll);
furi_hal_mpu_enable();
}
void furi_hal_mpu_protect_disable(FuriHalMpuRegion region) {
furi_hal_mpu_disable();
LL_MPU_DisableRegion(region);
furi_hal_mpu_enable();
}
void furi_hal_mpu_set_stack_protection(uint32_t* stack) {
// Protection area address must be aligned to region size
uint32_t stack_ptr = (uint32_t)stack;
uint32_t mask = ((1 << (FURI_HAL_MPU_STACK_PROTECT_REGION + 2)) - 1);
stack_ptr &= ~mask;
if(stack_ptr < (uint32_t)stack) stack_ptr += (mask + 1);
furi_hal_mpu_protect_read_only(
FuriHalMpuRegionStack, stack_ptr, FURI_HAL_MPU_STACK_PROTECT_REGION);
}


@ -1,86 +0,0 @@
/**
* @file furi_hal_light.h
* Light control HAL API
*/
#pragma once
#include <stdbool.h>
#include <stdint.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
FuriHalMpuRegionNULL = 0x00, // region 0 used to protect null pointer dereference
FuriHalMpuRegionStack = 0x01, // region 1 used to protect stack
FuriHalMpuRegion2 = 0x02,
FuriHalMpuRegion3 = 0x03,
FuriHalMpuRegion4 = 0x04,
FuriHalMpuRegion5 = 0x05,
FuriHalMpuRegion6 = 0x06,
FuriHalMpuRegion7 = 0x07,
} FuriHalMpuRegion;
typedef enum {
FuriHalMPURegionSize32B = 0x04U,
FuriHalMPURegionSize64B = 0x05U,
FuriHalMPURegionSize128B = 0x06U,
FuriHalMPURegionSize256B = 0x07U,
FuriHalMPURegionSize512B = 0x08U,
FuriHalMPURegionSize1KB = 0x09U,
FuriHalMPURegionSize2KB = 0x0AU,
FuriHalMPURegionSize4KB = 0x0BU,
FuriHalMPURegionSize8KB = 0x0CU,
FuriHalMPURegionSize16KB = 0x0DU,
FuriHalMPURegionSize32KB = 0x0EU,
FuriHalMPURegionSize64KB = 0x0FU,
FuriHalMPURegionSize128KB = 0x10U,
FuriHalMPURegionSize256KB = 0x11U,
FuriHalMPURegionSize512KB = 0x12U,
FuriHalMPURegionSize1MB = 0x13U,
FuriHalMPURegionSize2MB = 0x14U,
FuriHalMPURegionSize4MB = 0x15U,
FuriHalMPURegionSize8MB = 0x16U,
FuriHalMPURegionSize16MB = 0x17U,
FuriHalMPURegionSize32MB = 0x18U,
FuriHalMPURegionSize64MB = 0x19U,
FuriHalMPURegionSize128MB = 0x1AU,
FuriHalMPURegionSize256MB = 0x1BU,
FuriHalMPURegionSize512MB = 0x1CU,
FuriHalMPURegionSize1GB = 0x1DU,
FuriHalMPURegionSize2GB = 0x1EU,
FuriHalMPURegionSize4GB = 0x1FU,
} FuriHalMPURegionSize;
/**
* @brief Initialize memory protection unit
*/
void furi_hal_mpu_init();
/**
* @brief Enable memory protection unit
*/
void furi_hal_mpu_enable();
/**
* @brief Disable memory protection unit
*/
void furi_hal_mpu_disable();
void furi_hal_mpu_protect_no_access(
FuriHalMpuRegion region,
uint32_t address,
FuriHalMPURegionSize size);
void furi_hal_mpu_protect_read_only(
FuriHalMpuRegion region,
uint32_t address,
FuriHalMPURegionSize size);
void furi_hal_mpu_protect_disable(FuriHalMpuRegion region);
#ifdef __cplusplus
}
#endif


@ -36,8 +36,10 @@ void* calloc(size_t count, size_t size) {
} }
char* strdup(const char* s) { char* strdup(const char* s) {
// arg s marked as non-null, so we need hack to check for NULL const char* s_null = s;
furi_check(((uint32_t)s << 2) != 0); if(s_null == NULL) {
return NULL;
}
size_t siz = strlen(s) + 1; size_t siz = strlen(s) + 1;
char* y = pvPortMalloc(siz); char* y = pvPortMalloc(siz);
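Review bot: Returning NULL from `strdup` for a NULL argument replaces the previous `furi_check` crash with a silent failure that callers must now handle. Because this commit also leaves the low 1 MB readable, a caller that reads through the returned NULL will not fault. The removed comment says `s` is declared non-null; if the toolchain honours that, copying it into `s_null` may not stop the compiler from folding `s_null == NULL` away, so the guard could vanish in optimized builds. I would keep the fail-fast behaviour and make the test survive optimization, e.g. `const char* volatile s_null = s;` followed by `furi_check(s_null != NULL);`. The rest of `strdup` lies outside the hunk.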