Memory Protection
This module uses the MPU to protect the safety-relevant data. The memory is divided into 5 parts, and region descriptors 1 to 5 are used to configure these memory regions. Region descriptor 2 defines the data memory area in RAM (Protected-RAM) and region descriptor 4 defines the safety task stack. Initially, write access is disabled for Protected-RAM and enabled for the safety task stack; the other regions, defined by MPU region descriptors 1, 3 and 5, are given full access. The linker links all safety-relevant symbols into the section mpu_bss. Preinitialized variables are linked into the mpu_data section, but safety-relevant modules shall not contain preinitialized variables: the linker aborts the linking process if the mpu_data section is not empty.
Public API
The public API of MemoryProtection consists of the following methods:
/**
* Defines the memory regions with distinct attributes and access permissions by setting
* the region descriptors.
*/
static void init();
/**
 * Changes the access permission for the protected RAM region (FUSA_REGION) to full
 * access (read/write/execute).
 */
static void fusaGateOpen();
/**
 * Changes the access permission for the protected RAM region (FUSA_REGION) to read-only
 * access (read/no write/no execute).
 */
static void fusaGateClose();
/**
 * Returns the access permission status of the protected RAM region (FUSA_REGION) and
 * provides full access (read/write/execute).
 * \return true if FUSA_REGION had read-only access
 * \return false if FUSA_REGION had full access
 */
static bool fusaGateGetLockAndUnlock();
/**
 * Restores the previous access right of the FUSA_REGION.
 * \param gateLocked stores the old access permission of FUSA_REGION
 */
static void fusaGateRestoreLock(bool gateLocked);
/**
 * Checks whether the FUSA_REGION has read-only access (read/no write/no execute).
 * \return true if the region is locked
 * \return false if the region has full access
 */
static bool fusaGateIsLocked();
/**
 * Disables write access to the safety task stack region (region descriptor 4) from
 * interrupt context. (Behaviour inferred from the name; not documented on this page.)
 */
static void fusaTaskStackCloseIsr();
/**
 * Re-enables write access to the safety task stack region (region descriptor 4) from
 * interrupt context. (Behaviour inferred from the name; not documented on this page.)
 */
static void fusaTaskStackOpenIsr();
/**
 * Verifies whether all the memory regions are configured correctly.
 * \param failed_region receives the index of the region whose configuration deviates
 *        (assumed from the parameter name; only meaningful when false is returned)
 * \return true if all regions are configured correctly
 * \return false if there is a deviation in the configuration of a region
 */
static bool areRegionsConfiguredCorrectly(uint8_t& failed_region);
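The fusaGateGetLockAndUnlock/fusaGateRestoreLock pair exists so that a nested caller restores the gate state it found instead of blindly closing it under an outer writer. The following is an added example, not code from this module: it substitutes a flag-based mock for the MPU-backed MemoryProtection class (assumption: the real calls reprogram region descriptor 2) and a hypothetical FusaGateGuard RAII wrapper, and contrasts nested use of the restore-based pair with naive fusaGateOpen/fusaGateClose pairing.

```cpp
#include <cstdint>
// Stand-in for the MPU-backed MemoryProtection class: a flag models the write lock
// of Protected-RAM (region descriptor 2) instead of reprogramming the MPU.
class MemoryProtection {
public:
    static void init() { locked_ = true; }  // Protected-RAM starts write-protected
    static void fusaGateOpen() { locked_ = false; }
    static void fusaGateClose() { locked_ = true; }
    static bool fusaGateGetLockAndUnlock() { bool was = locked_; locked_ = false; return was; }
    static void fusaGateRestoreLock(bool gateLocked) { locked_ = gateLocked; }
    static bool fusaGateIsLocked() { return locked_; }
private:
    static bool locked_;
};
bool MemoryProtection::locked_ = true;
// Hypothetical RAII guard: unlock on entry, restore the caller's state on exit.
class FusaGateGuard {
public:
    FusaGateGuard() : wasLocked_(MemoryProtection::fusaGateGetLockAndUnlock()) {}
    ~FusaGateGuard() { MemoryProtection::fusaGateRestoreLock(wasLocked_); }
private:
    bool wasLocked_;
};
static uint32_t g_safetyCounter = 0;  // stands in for a variable placed in mpu_bss
static void incrementCounter() {      // inner helper that also needs write access
    FusaGateGuard guard;
    ++g_safetyCounter;
}
// True if the nested sequence leaves the gate open for the outer scope and locked again after it.
bool nestedWriteKeepsGateLocked() {
    MemoryProtection::init();
    {
        FusaGateGuard outer;
        incrementCounter();
        if (MemoryProtection::fusaGateIsLocked()) return false;  // inner guard re-locked us
        ++g_safetyCounter;
    }
    return MemoryProtection::fusaGateIsLocked();
}
// Naive open/close pairing: the inner close locks Protected-RAM while the outer scope still writes.
bool naiveNestedCloseLocksTooEarly() {
    MemoryProtection::init();
    MemoryProtection::fusaGateOpen();   // outer
    MemoryProtection::fusaGateOpen();   // inner
    MemoryProtection::fusaGateClose();  // inner close
    bool lockedTooEarly = MemoryProtection::fusaGateIsLocked();
    MemoryProtection::fusaGateClose();  // outer close
    return lockedTooEarly;
}
```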