Memory Protection

This module uses the MPU to protect the safety relevant data. The memory is divided into 5 parts, and region descriptors 1 to 5 are used to configure these memory regions. Region descriptor 2 defines the data memory area in RAM (Protected-RAM) and region descriptor 4 defines the safety task stack. Initially, write access is disabled for Protected-RAM and enabled for the safety task stack. The other regions, defined by MPU region descriptors 1, 3 and 5, are given full access. The linker links all safety relevant symbols into the section mpu_bss. Preinitialized variables are linked into the mpu_data section. Safety relevant modules shall not contain preinitialized variables; the linker aborts the linking process if the mpu_data section is not empty.

Public API

The public API of MemoryProtection consists of the following methods:

    #include <cstdint>

    class MemoryProtection
    {
    public:
        /**
         * Defines the memory regions with distinct attributes and access permissions by setting
         * the region descriptors.
         */
        static void init();
        /**
         * Changes the access permission for the protected RAM region (FUSA_REGION) to full
         * access (read/write/execute).
         */
        static void fusaGateOpen();
        /**
         * Changes the access permission for the protected RAM region (FUSA_REGION) to read only
         * access (read/no write/no execute).
         */
        static void fusaGateClose();
        /**
         * Returns the access permission status of the protected RAM region (FUSA_REGION) and then
         * grants full access (read/write/execute).
         * \return true if FUSA_REGION had read only access
         * \return false if FUSA_REGION had full access
         */
        static bool fusaGateGetLockAndUnlock();
        /**
         * Restores the previous access right of the FUSA_REGION.
         * \param gateLocked the old access permission of FUSA_REGION, as returned by
         *        fusaGateGetLockAndUnlock()
         */
        static void fusaGateRestoreLock(bool gateLocked);
        /**
         * Checks whether the FUSA_REGION has read only access (read/no write/no execute).
         * \return true if the region is locked
         * \return false if the region has full access
         */
        static bool fusaGateIsLocked();
        /**
         * Not documented on this page; by their names, these two methods remove and restore
         * write access to the safety task stack region (region descriptor 4) from ISR context.
         */
        static void fusaTaskStackCloseIsr();
        static void fusaTaskStackOpenIsr();
        /**
         * Verifies whether all the memory regions are configured correctly.
         * \param failed_region out parameter reporting the region whose configuration deviates
         *        (the exact encoding is not documented here)
         * \return true if all regions are configured correctly
         * \return false if there is a deviation in the configuration of a region
         */
        static bool areRegionsConfiguredCorrectly(uint8_t& failed_region);
    };
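The gate API is meant to be used as get-lock-and-unlock, write, restore-lock, so that a caller hands Protected-RAM back in the state it found it. The following is an added example, not the module's own code: a host-side simulation of the gate (`sim::MemoryProtection`, a flag in place of MPU region descriptor 2) plus an RAII guard (`FusaGateGuard`) that shows why restoring the previous state, rather than unconditionally closing the gate, is what keeps nested callers correct; the guard, `g_safetyCounter` and the helper functions are assumptions.

```cpp
#include <cstdint>

// Host-side stand-in for the MemoryProtection gate API documented above
// (assumption: this simulation is not the project's code). The real class
// reprograms MPU region descriptor 2; here a flag models the Protected-RAM
// access permission so the locking pattern can be exercised on a PC.
namespace sim {
struct MemoryProtection {
    static bool locked; // true = read-only (gate closed)
    static bool fusaGateIsLocked() { return locked; }
    // Reports the old permission and grants full access.
    static bool fusaGateGetLockAndUnlock() { bool const old = locked; locked = false; return old; }
    static void fusaGateRestoreLock(bool gateLocked) { locked = gateLocked; }
};
bool MemoryProtection::locked = true; // write access disabled initially
} // namespace sim

// RAII guard: opens the gate for one scope and restores the previous state on
// exit, so nested users cannot leave Protected-RAM wrongly writable or locked.
class FusaGateGuard {
public:
    FusaGateGuard() : _wasLocked(sim::MemoryProtection::fusaGateGetLockAndUnlock()) {}
    ~FusaGateGuard() { sim::MemoryProtection::fusaGateRestoreLock(_wasLocked); }
    FusaGateGuard(FusaGateGuard const&) = delete;
    FusaGateGuard& operator=(FusaGateGuard const&) = delete;
private:
    bool _wasLocked;
};

// Stand-in for a safety-relevant variable; in the real build it would be
// zero-initialised into mpu_bss (no preinitialised value allowed).
static uint32_t g_safetyCounter;
uint32_t readSafetyCounter() { return g_safetyCounter; }

// Writes the protected variable in a guarded scope; returns true if the gate
// is locked again when the scope ends.
bool updateSafetyCounter(uint32_t value) {
    {
        FusaGateGuard guard;
        g_safetyCounter = value; // permitted only while the gate is open
    }
    return sim::MemoryProtection::fusaGateIsLocked();
}

// Nested guards: inner restores "open" (outer still active), outer restores "locked".
bool nestedGuardsRestoreCorrectly() {
    bool ok = true;
    {
        FusaGateGuard outer;
        { FusaGateGuard inner; ok = ok && !sim::MemoryProtection::fusaGateIsLocked(); }
        ok = ok && !sim::MemoryProtection::fusaGateIsLocked();
    }
    return ok && sim::MemoryProtection::fusaGateIsLocked();
}
```

On the target, the same guard would call the real `MemoryProtection` statics instead of the `sim` stand-in; the restore-instead-of-close rule is what makes the guard safe to use from any call depth.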