FreeRTOS Support Archive
The FreeRTOS support forum is used to obtain active support directly from Real
Time Engineers Ltd. In return for using our top quality software and services for
free, we request you play fair and do your bit to help others too! Sign up
to receive notifications of new support topics then help where you can.
This is a read only archive of threads posted to the FreeRTOS support forum.
The archive is updated every week, so will not always contain the very latest posts.
Use these archive pages to search previous posts. Use the Live FreeRTOS Forum
link to reply to a post, or start a new support thread.
[FreeRTOS Home] [Live FreeRTOS Forum] [FAQ] [Archive Top] [August 2013 Threads] FreeRTOS-MPU security (privileges)Posted by Stefano Cristalli on August 16, 2013 Hello, I am currently testing FreeRTOS-MPU on STM32F4, and it has occured to me that a restricted task could call library functions xTaskCreate or xTaskCreateRestricted in order to spawn other tasks, perhaps with malicious code inside them. Is that a behavior that should be blocked? How would someone prevent such tasks from calling xTaskCreate?
Thanks in advance.
RE: FreeRTOS-MPU security (privileges)Posted by Richard on August 16, 2013 Currently there is no way of preventing a non-privileged task from creating a privileged task, but it could conceivable done relatively simply by updating the implementation of MPU_xTaskGenericCreate() in the MPU port layer's port.c file. The update would check to see if the scheduler was running, and if so, only allow a privileged task to be created if the MCU was already running in the privileged mode when MPU_xTaskGenericCreate() was called (that information is already known because it is stored in the xRunningPrivileged variable within the function).
However...in statically linked small systems there is an assumption that the system architecture is familiar with all the code s/he is building into the project. It is therefore unlikely to include malicious code, so any additional safe guards would primarily safe guard against simple design mistakes.
Regards.
Copyright (C) Amazon Web Services, Inc. or its affiliates. All rights reserved.
|