Dynamic kernel objects no longer is hard-coded to use the kernel
heap. Instead, objects will now be drawn from the calling thread's
resource pool.
Since we now have a reference counting mechanism, if an object
loses all its references and it was dynamically allocated, it will
be automatically freed.
A parallel dlist is added for efficient iteration over the set of
all dynamic objects, allowing deletion during iteration.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Forthcoming patches will dual-purpose an object's permission
bitfield as also reference tracking for kernel objects, used to
handle automatic freeing of resources.
We do not want to allow user thread A to revoke thread B's access
to some object O if B is in the middle of an API call using O.
However we do want to allow threads to revoke their own access to
an object, so introduce a new API and syscall for that.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Adding a new kernel object type or driver subsystem requires changes
in various different places. This patch makes it easier to create
those devices by generating as much as possible in compile time.
No behavior change.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Driver APIs might not implement all operations, making it possible for
a user thread to get the kernel to execute a function at 0x00000000.
Perform runtime checks in all the driver handlers, checking if they're
capable of performing the requested operation.
Fixes#6907.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This patch adds documentation on the design and implementation of stack
objects for architectures which utilize MPU backed stack and memory
protection.
Signed-off-by: Andy Gross <andy.gross@linaro.org>
Remove thread from memory domain API (k_mem_domain_remove_thread())has
only one argument which is thread ID as per the implementation whereas
documentation says there has to be two arguments, memory domain and
thread ID.Memory domain argument is not required as a thread belongs
to single memory domain at any point in time. Also memory domain
initialisation function (k_mem_domain_init()) should accept only 3
arguments i.e, memory domain name, number of parts and array of
pointers to the memory domain, instead of 4.
Signed-off-by: Spoorthi K <spoorthi.k@intel.com>
The expected order for heading levels in our ReST documents is # for H1,
* for H2, = for H3, and - for H4. Some documents snuck in without
following this guideline.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
The existing docs immediately dive into the details without providing
the user with any kind of high level overview or description of the
threat model.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit fixes
https://github.com/zephyrproject-rtos/zephyr/issues/5008.
It does so by splitting up gen_syscalls.py into two scripts with a
json metadata file to communicate syscall metadata between them. The
parsing script parses header files from include/ and writes syscall
metadata to a file if the contents changed. The generation script
reads from the json file and generates syscall code.
The build system DAG now looks like this:
always_rebuild -> json -> syscalls -> offset.o
The script for generating json will do so only if the content changes,
this ensures that the entire DAG does not always do a full rebuild.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
This gives more detail on how system calls with large argument
lists, or large return value types should be handled.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This initial batch of documentation describes policies and
mechanism related to kernel objects and system calls.
Some details on porting user mode to a new arch have been
provided in the architecture porting guide.
Thread documentation updated with some user mode consideration.
This is not the final documentation, more to come in subsequent
patches.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
