Zephyr OS Memory Protection
Talk Title | Zephyr OS Memory Protection |
Speakers | Andrew Boie (Sr. Software Engineer, Intel Corporation) |
Conference | Open Source Summit + ELC Europe |
Location | Lyon, France |
Date | Oct 27-Nov 1, 2019 |
URL | Talk Page |
Slides | Talk Slides |
In this presentation we describe the MPU-based memory protection features we have introduced in the Zephyr RTOS, showing novel techniques for working around the limitations of MPU hardware, implementing security domains in a physical memory map (no virtual memory), and maintaining API compatibility with platforms that do not have an MPU. We will show the permission management system that controls access to kernel objects and device driver instances, and how both statically and dynamically allocated kernel objects are managed. There will be some discussion of how global objects are routed to application memory domains and how we automatically manage the size and alignment constraints of common MPU hardware. We will show how simple it is to define system calls. We have implemented futex-like primitives that support IPC mechanisms with no system calls required for uncontended locks. We will conclude with ongoing areas of development.