Modern microcontrollers offer mechanisms to protect memory regions from unintended access, whether caused by programmer error or by malice. Until recently, Zephyr did not make use of them. This talk will present the work performed to retrofit memory protection in the Zephyr kernel, discussing the constraints, the design decisions (affecting portability, security, and performance), its current state, and the next steps. We will discuss details of a novel method of tracking and validating kernel objects, techniques for defining system calls with a minimal amount of boilerplate code, our APIs for managing memory permissions, and the implementation of the protection feature for the ARC architecture.
Wayne Ren is a senior software engineer at Synopsys, based in Wuhan, P.R. China. He is one of the maintainers for the ARC architecture in Zephyr, the architect of the embARC project, a special member of the TOPPERS project, and a contributor to several other open source projects. His expertise...