From 331362d45ac226c29060524dc8732e382d9106b1 Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Wed, 7 Sep 2022 14:58:52 +0530 Subject: [PATCH] Restrict unpriv task to invoke code with privilege It was possible for an unprivileged task to invoke any function with privilege by passing it as a parameter to MPU_xTaskCreate, MPU_xTaskCreateStatic, MPU_xTimerCreate, MPU_xTimerCreateStatic, or MPU_xTimerPendFunctionCall. This commit ensures that MPU_xTaskCreate and MPU_xTaskCreateStatic can only create unprivileged tasks. It also removes the following APIs: 1. MPU_xTimerCreate 2. MPU_xTimerCreateStatic 3. MPU_xTimerPendFunctionCall We thank Huazhong University of Science and Technology for reporting this issue. Signed-off-by: Gaurav Aggarwal --- include/mpu_wrappers.h | 3 -- portable/Common/mpu_wrappers.c | 96 +++------------------------------- 2 files changed, 6 insertions(+), 93 deletions(-) diff --git a/include/mpu_wrappers.h b/include/mpu_wrappers.h index 5a2611305..b355ae44a 100644 --- a/include/mpu_wrappers.h +++ b/include/mpu_wrappers.h @@ -120,13 +120,10 @@ #endif /* Map standard timer.h API functions to the MPU equivalents. */ - #define xTimerCreate MPU_xTimerCreate - #define xTimerCreateStatic MPU_xTimerCreateStatic #define pvTimerGetTimerID MPU_pvTimerGetTimerID #define vTimerSetTimerID MPU_vTimerSetTimerID #define xTimerIsTimerActive MPU_xTimerIsTimerActive #define xTimerGetTimerDaemonTaskHandle MPU_xTimerGetTimerDaemonTaskHandle - #define xTimerPendFunctionCall MPU_xTimerPendFunctionCall #define pcTimerGetName MPU_pcTimerGetName #define vTimerSetReloadMode MPU_vTimerSetReloadMode #define uxTimerGetReloadMode MPU_uxTimerGetReloadMode diff --git a/portable/Common/mpu_wrappers.c b/portable/Common/mpu_wrappers.c index 6207d3880..c8aed16df 100644 --- a/portable/Common/mpu_wrappers.c +++ b/portable/Common/mpu_wrappers.c @@ -65,6 +65,9 @@ portRAISE_PRIVILEGE(); portMEMORY_BARRIER(); + uxPriority = uxPriority & ~( portPRIVILEGE_BIT ); + portMEMORY_BARRIER(); + xReturn = xTaskCreate( pvTaskCode, pcName, usStackDepth, pvParameters, uxPriority, pxCreatedTask ); portMEMORY_BARRIER(); @@ -97,6 +100,9 @@ portRAISE_PRIVILEGE(); portMEMORY_BARRIER(); + uxPriority = uxPriority & ~( portPRIVILEGE_BIT ); + portMEMORY_BARRIER(); + xReturn = xTaskCreateStatic( pxTaskCode, pcName, ulStackDepth, pvParameters, uxPriority, puxStackBuffer, pxTaskBuffer ); portMEMORY_BARRIER(); @@ -1708,67 +1714,6 @@ } /*-----------------------------------------------------------*/ - #if ( ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) - TimerHandle_t MPU_xTimerCreate( const char * const pcTimerName, - const TickType_t xTimerPeriodInTicks, - const UBaseType_t uxAutoReload, - void * const pvTimerID, - TimerCallbackFunction_t pxCallbackFunction ) /* FREERTOS_SYSTEM_CALL */ - { - TimerHandle_t xReturn; - - if( portIS_PRIVILEGED() == pdFALSE ) - { - portRAISE_PRIVILEGE(); - portMEMORY_BARRIER(); - - xReturn = xTimerCreate( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction ); - portMEMORY_BARRIER(); - - portRESET_PRIVILEGE(); - portMEMORY_BARRIER(); - } - else - { - xReturn = xTimerCreate( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction ); - } - - return xReturn; - } - #endif /* if ( ( configSUPPORT_DYNAMIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) */ -/*-----------------------------------------------------------*/ - - #if ( ( configSUPPORT_STATIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) - TimerHandle_t MPU_xTimerCreateStatic( const char * const pcTimerName, - const TickType_t xTimerPeriodInTicks, - const UBaseType_t uxAutoReload, - void * const pvTimerID, - TimerCallbackFunction_t pxCallbackFunction, - StaticTimer_t * pxTimerBuffer ) /* FREERTOS_SYSTEM_CALL */ - { - TimerHandle_t xReturn; - - if( portIS_PRIVILEGED() == pdFALSE ) - { - portRAISE_PRIVILEGE(); - portMEMORY_BARRIER(); - - xReturn = xTimerCreateStatic( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction, pxTimerBuffer ); - portMEMORY_BARRIER(); - - portRESET_PRIVILEGE(); - portMEMORY_BARRIER(); - } - else - { - xReturn = xTimerCreateStatic( pcTimerName, xTimerPeriodInTicks, uxAutoReload, pvTimerID, pxCallbackFunction, pxTimerBuffer ); - } - - return xReturn; - } - #endif /* if ( ( configSUPPORT_STATIC_ALLOCATION == 1 ) && ( configUSE_TIMERS == 1 ) ) */ -/*-----------------------------------------------------------*/ - #if ( configUSE_TIMERS == 1 ) void * MPU_pvTimerGetTimerID( const TimerHandle_t xTimer ) /* FREERTOS_SYSTEM_CALL */ { @@ -1870,35 +1815,6 @@ #endif /* if ( configUSE_TIMERS == 1 ) */ /*-----------------------------------------------------------*/ - #if ( ( INCLUDE_xTimerPendFunctionCall == 1 ) && ( configUSE_TIMERS == 1 ) ) - BaseType_t MPU_xTimerPendFunctionCall( PendedFunction_t xFunctionToPend, - void * pvParameter1, - uint32_t ulParameter2, - TickType_t xTicksToWait ) /* FREERTOS_SYSTEM_CALL */ - { - BaseType_t xReturn; - - if( portIS_PRIVILEGED() == pdFALSE ) - { - portRAISE_PRIVILEGE(); - portMEMORY_BARRIER(); - - xReturn = xTimerPendFunctionCall( xFunctionToPend, pvParameter1, ulParameter2, xTicksToWait ); - portMEMORY_BARRIER(); - - portRESET_PRIVILEGE(); - portMEMORY_BARRIER(); - } - else - { - xReturn = xTimerPendFunctionCall( xFunctionToPend, pvParameter1, ulParameter2, xTicksToWait ); - } - - return xReturn; - } - #endif /* if ( ( INCLUDE_xTimerPendFunctionCall == 1 ) && ( configUSE_TIMERS == 1 ) ) */ -/*-----------------------------------------------------------*/ - #if ( configUSE_TIMERS == 1 ) void MPU_vTimerSetReloadMode( TimerHandle_t xTimer, const UBaseType_t uxAutoReload ) /* FREERTOS_SYSTEM_CALL */