Skip to content

Thread class tz #6486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 23, 2018
Merged

Thread class tz #6486

merged 3 commits into from
Apr 23, 2018

Conversation

deepikabhavnani
Copy link

@deepikabhavnani deepikabhavnani commented Mar 27, 2018
edited
Loading

Description

tz_module Thread attribute for trustzone identifier is added in RTX, to allow non-secure thread to access secure functions. Adding access of this parameter in Thread class constructor.

Pull request type

[ ] Fix
[ ] Refactor
[ ] New target
[X] Feature
[ ] Breaking change

@ccli8 @cyliangtw

@deepikabhavnani deepikabhavnani force-pushed the thread_class_tz branch 2 times, most recently from dd3b64c to 0bdaaee Compare March 27, 2018 19:06
@deepikabhavnani
Copy link
Author

@0xc0170 - Optional parameter uint32_t tz_module is added to thread constructor. Is that considered as breaking change?

@cmonr cmonr requested review from bulislaw, sg- and SenRamakri March 28, 2018 03:33
@cmonr
Copy link
Contributor

cmonr commented Mar 28, 2018

@deepikabhavnani It's definitely considered a feature, but I don't think this would be considered a breaking change, especially since its an optional addition.

bulislaw
bulislaw reviewed Mar 28, 2018
View reviewed changes
Copy link
Member

@bulislaw bulislaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm very concerned with not having docs for that:

  • doxygen
  • Some proper technology page in handbook explaining what is it tz_module

@0xc0170
Copy link
Contributor

0xc0170 commented Mar 28, 2018

@deepikabhavnani It's definitely considered a feature, but I don't think this would be considered a breaking change, especially since its an optional addition.

it is a binary breakage so would be careful , as odin might be affected. To have it in constructor method OK, but Thread - why not overload it and add it there?

@deepikabhavnani
Copy link
Author

@bulislaw - Will add docs for sure.

@0xc0170 - All thread parameters are optional, if I add additional optional parameter then it will complain of multiple definitions found. I can have this as mandatory first parameter in case of overload, will that be fine?

@deepikabhavnani deepikabhavnani force-pushed the thread_class_tz branch 2 times, most recently from 5cffb24 to 52caf5e Compare March 28, 2018 18:22
@deepikabhavnani
Copy link
Author 

./mbed-os/targets/TARGET_STM/TARGET_STM32F4/TARGET_STM32F439xI/TARGET_MODULE_UBLOX_ODIN_W2/sdk/TOOLCHAIN_GCC_ARM/libublox-odin-w2-driver.a(cb_main.o): In function `cbMAIN_startOS()':
cb_main.cpp:(.text._Z14cbMAIN_startOSv+0x3a): undefined reference to `rtos::Thread::constructor(osPriority_t, unsigned long, unsigned char*, char const*)'
./mbed-os/targets/TARGET_STM/TARGET_STM32F4/TARGET_STM32F439xI/TARGET_MODULE_UBLOX_ODIN_W2/sdk/TOOLCHAIN_GCC_ARM/libublox-odin-w2-driver.a(cb_ticker_wrapper.o): In function `cbTICKER_WRAPPER_attach':
cb_ticker_wrapper.cpp:(.text.cbTICKER_WRAPPER_attach+0x44): undefined reference to `rtos::Thread::constructor(osPriority_t, unsigned long, unsigned char*, char const*)'

Trust zone module identifier added to thread class
044dfb1 
Non-Secure threads can access secure calls only when tz_module attribute is set
as 1(OS_SECURE_CALLABLE_THREAD), while thread creation.
Hence adding tz_module as an argument to ctor.
@deepikabhavnani deepikabhavnani requested a review from pan- March 29, 2018 21:57
pan-
pan- reviewed Apr 4, 2018
View reviewed changes
rtos/Thread.h
Thread(osPriority priority=osPriorityNormal,
uint32_t stack_size=OS_STACK_SIZE,
unsigned char *stack_mem=NULL, const char *name=NULL) {
constructor(priority, stack_size, stack_mem, name);
}

/** Allocate a new thread without starting execution
@param tz_module trustzone thread identifier (osThreadAttr_t::tz_module)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's a trustzone thread identifier ? How a user gets one and how does it alter a thread behavior ?

It would be interesting to have pointers to those answers in the function documentation.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@0xc0170 @pan- I have added description after this comment. Description is below this line, hence the comment is not outdated.
Does below description explain enough?

Context of RTOS threads in non-secure state must be saved when calling secure functions. tz_module ID is used to allocate context memory for threads, and it can be safely set to zero for threads not using secure calls at all. See "TrustZone RTOS Context Management" for more details.

rtos/Thread.h Outdated
@@ -73,6 +73,15 @@ namespace rtos {
* and underlying RTOS objects (static or dynamic RTOS memory pools are not being used).
* Additionally the stack memory for this thread will be allocated on the heap, if it wasn't supplied to the constructor.
*/

/* This flag can be used to change the default access of all threads in non-secure mode.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason to have this in the Thread header file ? Looks to me that it is only used as the default tz_module value used in implementation file.

If this value is useful for users; could you move this block above the thread documentation and doxygen it ?

Could you also indicates what it means if MBED_TZ_DEFAULT_ACCESS is set to 0 ?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason to have this in the Thread header file ?

I wanted to leave the description in header file, since different target devices can use it the way they want. In case of Nuvoton few of there peripherals are in secure mode, hence they need all user threads to have secure access (specially for green-tea testing). But some other target device might keep it as no secure access for user threads.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For compatibility and minimized impact, this is the better way for target specific setting and we could pass all green-tea & CI-Test on Nuvoton Cortex-M23 chip based on this change.

@0xc0170
Copy link
Contributor

0xc0170 commented Apr 10, 2018

@ccli8 @cyliangtw @SenRamakri

please review (approve/change requested)

0xc0170
0xc0170 approved these changes Apr 10, 2018
View reviewed changes
Copy link
Contributor

@0xc0170 0xc0170 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks fine to me, but have similar question to what @pan- asked here https://github.com/ARMmbed/mbed-os/pull/6486/files#r179068247

@0xc0170
Copy link
Contributor

0xc0170 commented Apr 16, 2018

/morph build

@mbed-ci
Copy link

mbed-ci commented Apr 16, 2018

Build : SUCCESS

Build number : 1757
Build artifacts/logs : http://mbed-os.s3-website-eu-west-1.amazonaws.com/?prefix=builds/6486/

Triggering tests

/morph test
/morph uvisor-test
/morph export-build
/morph mbed2-build

@mbed-ci
Copy link

mbed-ci commented Apr 16, 2018

Exporter Build : SUCCESS

Build number : 1394
Build artifacts/logs : http://mbed-os.s3-website-eu-west-1.amazonaws.com/?prefix=builds/exporter/6486/

@mbed-ci
Copy link

mbed-ci commented Apr 16, 2018

Test : SUCCESS

Build number : 1564
Test logs :http://mbed-os-logs.s3-website-us-west-1.amazonaws.com/?prefix=logs/6486/1564

@cmonr
Copy link
Contributor

cmonr commented Apr 17, 2018

@sg- @bulislaw @SenRamakri Care to review/re-review?

@0xc0170
Copy link
Contributor

0xc0170 commented Apr 17, 2018
edited
Loading

@deepikabhavnani One check - isn't this dependent on the CMSIS update that is currently under review? If yes, should be referenced and let us know about this.

@deepikabhavnani
Copy link
Author

@0xc0170 - This PR is not dependent on CMSIS update, required CMSIS changes are already part of master branch. https://github.com/ARMmbed/mbed-os/blob/master/rtos/TARGET_CORTEX/rtx5/RTX/Include/rtx_os.h#L129
https://github.com/ARMmbed/mbed-os/blob/master/rtos/TARGET_CORTEX/rtx5/RTX/Source/rtx_thread.c#L606

@cmonr cmonr merged commit 5fcc961 into ARMmbed:master Apr 23, 2018
@deepikabhavnani deepikabhavnani deleted the thread_class_tz branch April 23, 2018 18:38
@cyliangtw cyliangtw mentioned this pull request May 22, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bulislaw bulislaw bulislaw left review comments

@pan- pan- pan- approved these changes

@0xc0170 0xc0170 0xc0170 approved these changes

@cyliangtw cyliangtw cyliangtw approved these changes

@ccli8 ccli8 ccli8 approved these changes

@SenRamakri SenRamakri SenRamakri approved these changes

@sg- sg- Awaiting requested review from sg-

Assignees
No one assigned
Labels
release-version: 5.9.0-rc1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@deepikabhavnani @cmonr @0xc0170 @mbed-ci @bulislaw @pan- @cyliangtw @ccli8 @SenRamakri