In embedded development environments, due to the lack of address isolation between processes,
fd may be passed between processes and lead to misuse,
We have designed an fd cross-process automatic detection tool,
fdcheck_protect returns the fd containing the pid information,
indicating that the ownership of the current fd belongs to the pid and is not allowed to be used by other processes.
fdcheck_restore will obtain the true fd and check if the ownership of the fd is legal
For ease of understanding, let's give an example where
the following information is represented in 32-bit binary format
fd 00000000 00000000 00000000 10001010
pid 00000000 00000000 00000011 01010101
ret 00000000 00000011 01010101 10001010
Signed-off-by: hujun5 <hujun5@xiaomi.com>
FD (file descriptor) is widely used in system software development,
and almost all implementations of posix os (including nuttx) use FD as an index.
the value of fd needs to be allocated starting from the minimum available value of 3, and each process has a copy,
so the same fd value is very easy to reuse in the program.
In multi threaded or multi process environments without address isolation,
If the ownership, global variables, and competition relationships of fd are not properly handled,
there may be issues with fd duplication or accidental closure.
Further leading to the following issues, which are difficult to troubleshoot.
1. Security vulnerability: the fd we wrote is not the expected fd and will be accessed by hackers to obtain data
2. Program exceptions or crashes: write or read fd failures, and program logic errors
3. The structured file XML or database is damaged: the data format written to the database is not the expected format.
The implementation principle of fdsan is based on the implementation of Android
https://android.googlesource.com/platform/bionic/+/master/docs/fdsan.md
Signed-off-by: hujun5 <hujun5@xiaomi.com>
sim/rpserver
NuttShell (NSH) NuttX-12.0.0
server> cu
_assert: Current Version: NuttX server 12.0.0 3ead669e7a-dirty Feb 2 2023 23:53:48 sim
_assert: Assertion failed : at file: libs/libc/misc/lib_mutex.c:303 task: cu 0x5662fff4
Signed-off-by: chao an <anchao@xiaomi.com>
NuttX kernel should not use the syscall functions, especially after
enabling CONFIG_SCHED_INSTRUMENTATION_SYSCALL, all system functions
will be traced to backend, which will impact system performance.
Signed-off-by: chao an <anchao@xiaomi.com>
This PR adds the driver for Allwinner A64's MIPI Display Serial Interface (DSI) and MIPI Display Physical Layer (D-PHY).
This driver will be used by the upcoming Display Driver for PINE64 PinePhone.
- `include/nuttx/crc16.h`: Added 16-bit CRC-CCITT
- `libs/libc/misc/Make.defs`: Added 16-bit CRC-CCITT to Makefile
- `arch/arm64/src/a64/Kconfig`: Added the Kconfig option for "A64 Peripheral Selection > MIPI DSI" (`CONFIG_A64_MIPI_DSI`), which enables the MIPI DSI Driver
- `arch/arm64/src/a64/hardware/a64_memorymap.h`: Added the Base Address for MIPI DSI
- `arch/arm64/src/a64/Make.defs`: Added the MIPI DSI Driver to the Makefile
- `libs/libc/misc/lib_crc16ccitt.c`: Compute 16-bit CRC-CCITT
- `arch/arm64/src/a64/mipi_dsi.c`, `mipi_dsi.h`: Compose MIPI DSI Packets (Long, Short, Short with Parameter)
- `arch/arm64/src/a64/a64_mipi_dsi.c`, `a64_mipi_dsi.h`: MIPI DSI Driver for Allwinner A64
- `arch/arm64/src/a64/a64_mipi_dphy.c`, `a64_mipi_dphy.h`: MIPI D-PHY Driver for Allwinner A64
- `platforms/arm/a64/boards/pinephone/index.rst`: Added MIPI DSI as supported peripheral for PinePhone
Co-Authored-By: Petro Karashchenko <petro.karashchenko@gmail.com>
arm-none-eabi-ld: nuttx/staging/libc.a(lib_impure.o):(.data.impure_data+0x4): undefined reference to `__sf'
arm-none-eabi-ld: nuttx/staging/libc.a(lib_impure.o):(.data.impure_data+0x8): undefined reference to `__sf'
arm-none-eabi-ld: nuttx/staging/libc.a(lib_impure.o):(.data.impure_data+0xc): undefined reference to `__sf'
Toolchain:
Version: GNU Arm Embedded Toolchain to Version 11.3.Rel1(August 8, 2022)
Tar: arm-gnu-toolchain-11.3.rel1-x86_64-arm-none-eabi.tar.xz
Break change:
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=b0cb9f85ca3626e0e68fd451c3090d253ceb4300
Signed-off-by: chao an <anchao@xiaomi.com>
to ensure the generated key is unique from each other since only
root pseduo file system really support st_ino field after:
commit d35fbf534d51f7ef72382d9666a1f19e07c6f00f
Author: Xiang Xiao <xiaoxiang@xiaomi.com>
Date: Fri Sep 16 14:24:55 2022 +0800
fs: Allocate unique serial number for the root pseduo file system node
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
some toolchain provider remove const qualifier from global_impure_ptr
(e.g. Espressif) but other provider keep it(e.g. ARM or Cadence), so
let's define const to empty macro to pass the compile and more safety.
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
* libs/libc/misc/lib_getrandom.c, in function getrandom():
We were assigning the return value of _NX_READ() to nbytes, a
variable of the unsigned type size_t. Note that _NX_READ() resolves
to either read() or nx_read(), both of which return the signed type
ssize_t to indicate either the number of bytes read successfully
(>= 0) or an error (< 0). Then we were testing for a negative
size_t value, a condition that can never occur. The end result is
that if an error occured in _NX_READ(), it would never be detected
and getrandom() would return some large positive value. This bug is
corrected by assigning the return value of _NX_READ() to a new local
variable, ret, of size ssize_t.
to fix the gcov link error:
arm-none-eabi-ld: /home/xiaoxiang/vela/prebuilts/gcc/linux/arm/bin/../lib/gcc/arm-none-eabi/10.3.1/thumb/v7e-m/nofp/libgcov.a(_gcov.o): in function `gcov_error_exit':
libgcov-driver.c:(.text+0x7c): undefined reference to `_impure_ptr'
arm-none-eabi-ld: /home/xiaoxiang/vela/prebuilts/gcc/linux/arm/bin/../lib/gcc/arm-none-eabi/10.3.1/thumb/v7e-m/nofp/libgcov.a(_gcov.o): in function `get_gcov_error_file':
libgcov-driver.c:(.text+0x1e0): undefined reference to `_impure_ptr'
arm-none-eabi-ld: /home/xiaoxiang/vela/prebuilts/gcc/linux/arm/bin/../lib/gcc/arm-none-eabi/10.3.1/thumb/v7e-m/nofp/libgcov.a(_gcov.o): in function `gcov_exit_open_gcda_file.isra.0':
libgcov-driver.c:(.text+0x660): undefined reference to `_impure_ptr'
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
each invocation of va_start() must be matched by a corresponding
invocation of va_end() in the same function
Signed-off-by: chao.an <anchao@xiaomi.com>