diff --git a/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_DYNAMIC/main.c b/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_DYNAMIC/main.c index 7a94f1b3f..0200c6cbe 100644 --- a/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_DYNAMIC/main.c +++ b/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_DYNAMIC/main.c @@ -27,7 +27,7 @@ sb_class_t sbx1, sbx2; /*===========================================================================*/ -/* VHAL-related. */ +/* VIO-related. */ /*===========================================================================*/ static vio_gpio_units_t gpio_units1 = { @@ -116,8 +116,19 @@ static const drv_streams_element_t streams[] = { /* SB-related. */ /*===========================================================================*/ +/* Working areas for sandboxes.*/ +static THD_WORKING_AREA(waUnprivileged1, 512); +static THD_WORKING_AREA(waUnprivileged2, 512); + /* Sandbox 1 configuration.*/ static const sb_config_t sb_config1 = { + .thread = { + .name = "sbx1", + .wsp = waUnprivileged1, + .size = sizeof (waUnprivileged1), + .prio = NORMALPRIO - 10, + .vrq_prio = NORMALPRIO - 1 + }, .code_region = 0U, .data_region = 1U, .regions = { @@ -152,6 +163,13 @@ static const sb_config_t sb_config1 = { /* Sandbox 2 configuration.*/ static const sb_config_t sb_config2 = { + .thread = { + .name = "sbx2", + .wsp = waUnprivileged2, + .size = sizeof (waUnprivileged2), + .prio = NORMALPRIO - 20, + .vrq_prio = NORMALPRIO - 2 + }, .code_region = 0U, .data_region = 1U, .regions = { @@ -202,9 +220,6 @@ static const char *sbx2_envp[] = { NULL }; -static THD_WORKING_AREA(waUnprivileged1, 512); -static THD_WORKING_AREA(waUnprivileged2, 512); - /*===========================================================================*/ /* Main and generic code. */ /*===========================================================================*/ 
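Review bot: The new `.thread` initialisers in `sb_config1` and `sb_config2` change the sandbox threads' base priority without a comment. The `sbStartThread()` calls removed later in this file passed `NORMALPRIO - 1` and `NORMALPRIO - 2`, which now appear as `.vrq_prio`, while `.prio` becomes `NORMALPRIO - 10` and `NORMALPRIO - 20`. If the lower base priority is intended, a comment above the initialisers would record it, for example `/* .prio is lower than the priority previously passed to sbStartThread(); the old value is kept as .vrq_prio.*/`. The same applies to the configuration hunks of the other three demos. In RT-STM32L4R9-DISCOVERY-SB_HOST_STATIC, sbx2 was previously started at `NORMALPRIO - 1`, so both of its values change there.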
@@ -213,9 +228,7 @@ static void start_sb1(void) { thread_t *utp; /* Starting sandboxed thread 1.*/ - utp = sbStartThread(&sbx1, "sbx1", - waUnprivileged1, sizeof (waUnprivileged1), - NORMALPRIO - 1, sbx1_argv, sbx1_envp); + utp = sbStartThread(&sbx1, sbx1_argv, sbx1_envp); if (utp == NULL) { chSysHalt("sbx1 failed"); } @@ -238,9 +251,7 @@ static void start_sb2(void) { vfsClose(np); /* Starting sandboxed thread 2.*/ - utp = sbStartThread(&sbx2, "sbx2", - waUnprivileged2, sizeof (waUnprivileged2), - NORMALPRIO - 2, sbx2_argv, sbx2_envp); + utp = sbStartThread(&sbx2, sbx2_argv, sbx2_envp); if (utp == NULL) { chSysHalt("sbx2 failed"); } diff --git a/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_STATIC/main.c b/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_STATIC/main.c index 3a6203fcf..acd14b91f 100644 --- a/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_STATIC/main.c +++ b/demos/STM32/RT-STM32G474RE-NUCLEO64-SB_HOST_STATIC/main.c @@ -27,7 +27,7 @@ sb_class_t sbx1, sbx2; /*===========================================================================*/ -/* VHAL-related. */ +/* VIO-related. */ /*===========================================================================*/ static vio_gpio_units_t gpio_units1 = { @@ -116,8 +116,19 @@ static const drv_streams_element_t streams[] = { /* SB-related. */ /*===========================================================================*/ +/* Working areas for sandboxes.*/ +static THD_WORKING_AREA(waUnprivileged1, 512); +static THD_WORKING_AREA(waUnprivileged2, 512); + /* Sandbox 1 configuration.*/ static const sb_config_t sb_config1 = { + .thread = { + .name = "sbx1", + .wsp = waUnprivileged1, + .size = sizeof (waUnprivileged1), + .prio = NORMALPRIO - 10, + .vrq_prio = NORMALPRIO - 1 + }, .code_region = 0U, .data_region = 1U, .regions = { 
@@ -138,6 +149,13 @@ static const sb_config_t sb_config1 = { /* Sandbox 2 configuration.*/ static const sb_config_t sb_config2 = { + .thread = { + .name = "sbx2", + .wsp = waUnprivileged2, + .size = sizeof (waUnprivileged2), + .prio = NORMALPRIO - 20, + .vrq_prio = NORMALPRIO - 2 + }, .code_region = 0U, .data_region = 1U, .regions = { @@ -174,9 +192,6 @@ static const char *sbx2_envp[] = { NULL }; -static THD_WORKING_AREA(waUnprivileged1, 512); -static THD_WORKING_AREA(waUnprivileged2, 512); - /*===========================================================================*/ /* Main and generic code. */ /*===========================================================================*/ @@ -185,9 +200,7 @@ static void start_sb1(void) { thread_t *utp; /* Starting sandboxed thread 1.*/ - utp = sbStartThread(&sbx1, "sbx1", - waUnprivileged1, sizeof (waUnprivileged1), - NORMALPRIO - 1, sbx1_argv, sbx1_envp); + utp = sbStartThread(&sbx1, sbx1_argv, sbx1_envp); if (utp == NULL) { chSysHalt("sbx1 failed"); } @@ -210,9 +223,7 @@ static void start_sb2(void) { vfsClose(np); /* Starting sandboxed thread 2.*/ - utp = sbStartThread(&sbx2, "sbx2", - waUnprivileged2, sizeof (waUnprivileged2), - NORMALPRIO - 2, sbx2_argv, sbx2_envp); + utp = sbStartThread(&sbx2, sbx2_argv, sbx2_envp); if (utp == NULL) { chSysHalt("sbx2 failed"); } diff --git a/demos/STM32/RT-STM32L4R9-DISCOVERY-RAM_SB_HOST_DYNAMIC/main.c b/demos/STM32/RT-STM32L4R9-DISCOVERY-RAM_SB_HOST_DYNAMIC/main.c index ce3c02702..66638c3d0 100644 --- a/demos/STM32/RT-STM32L4R9-DISCOVERY-RAM_SB_HOST_DYNAMIC/main.c +++ b/demos/STM32/RT-STM32L4R9-DISCOVERY-RAM_SB_HOST_DYNAMIC/main.c 
@@ -64,8 +64,21 @@ static const drv_streams_element_t sb1_streams[] = { /* SB-related. */ /*===========================================================================*/ +/* Sandbox objects.*/ +sb_class_t sbx1; + +/* Working areas for sandboxes.*/ +static THD_WORKING_AREA(waUnprivileged1, 2048); + /* Sandbox 1 configuration.*/ static const sb_config_t sb_config1 = { + .thread = { + .name = "sbx1", + .wsp = waUnprivileged1, + .size = sizeof (waUnprivileged1), + .prio = NORMALPRIO - 10, + .vrq_prio = NORMALPRIO - 1 + }, .code_region = 0U, .data_region = 0U, .regions = { @@ -94,9 +107,6 @@ static const sb_config_t sb_config1 = { .vfs_driver = (vfs_driver_c *)&sb1_root_overlay_driver }; -/* Sandbox objects.*/ -sb_class_t sbx1; - static const char *sbx1_argv[] = { "msh", NULL @@ -109,8 +119,6 @@ static const char *sbx1_envp[] = { NULL }; -static THD_WORKING_AREA(waUnprivileged1, 2048); - /*===========================================================================*/ /* Main and generic code. */ /*===========================================================================*/ @@ -244,9 +252,7 @@ int main(void) { /* * Running the sandbox. */ - ret = sbExec(&sbx1, "/bin/msh.elf", - waUnprivileged1, sizeof (waUnprivileged1), NORMALPRIO - 1, - sbx1_argv, sbx1_envp); + ret = sbExec(&sbx1, "/bin/msh.elf", sbx1_argv, sbx1_envp); if (CH_RET_IS_ERROR(ret)) { chprintf((BaseSequentialStream *)&SD2, "SBX1 launch failed (%08lx)\r\n", ret); } diff --git a/demos/STM32/RT-STM32L4R9-DISCOVERY-SB_HOST_STATIC/main.c b/demos/STM32/RT-STM32L4R9-DISCOVERY-SB_HOST_STATIC/main.c index 1b66c0c63..fd9efc735 100644 --- a/demos/STM32/RT-STM32L4R9-DISCOVERY-SB_HOST_STATIC/main.c +++ b/demos/STM32/RT-STM32L4R9-DISCOVERY-SB_HOST_STATIC/main.c 
@@ -74,8 +74,22 @@ static const drv_streams_element_t sb2_streams[] = { /* SB-related. */ /*===========================================================================*/ +/* Sandbox objects.*/ +sb_class_t sbx1, sbx2; + +/* Working areas for sandboxes.*/ +static THD_WORKING_AREA(waUnprivileged1, 2048); +static THD_WORKING_AREA(waUnprivileged2, 2048); + /* Sandbox 1 configuration.*/ static const sb_config_t sb_config1 = { + .thread = { + .name = "sbx1", + .wsp = waUnprivileged1, + .size = sizeof (waUnprivileged1), + .prio = NORMALPRIO - 10, + .vrq_prio = NORMALPRIO - 1 + }, .code_region = 0U, .data_region = 1U, .regions = { @@ -95,6 +109,13 @@ static const sb_config_t sb_config1 = { /* Sandbox 2 configuration.*/ static const sb_config_t sb_config2 = { + .thread = { + .name = "sbx2", + .wsp = waUnprivileged2, + .size = sizeof (waUnprivileged2), + .prio = NORMALPRIO - 20, + .vrq_prio = NORMALPRIO - 2 + }, .code_region = 0U, .data_region = 1U, .regions = { @@ -112,9 +133,6 @@ static const sb_config_t sb_config2 = { .vfs_driver = (vfs_driver_c *)&sb2_root_overlay_driver }; -/* Sandbox objects.*/ -sb_class_t sbx1, sbx2; - static const char *sbx1_argv[] = { "ls", NULL @@ -139,9 +157,6 @@ static const char *sbx2_envp[] = { NULL }; -static THD_WORKING_AREA(waUnprivileged1, 2048); -static THD_WORKING_AREA(waUnprivileged2, 2048); - /*===========================================================================*/ /* Main and generic code. */ /*===========================================================================*/ 
@@ -327,17 +342,13 @@ int main(void) { MPU_RASR_ENABLE); /* Starting sandboxed thread 1.*/ - tp = sbStartThread(&sbx1, "sbx1", - waUnprivileged1, sizeof (waUnprivileged1), NORMALPRIO - 1, - sbx1_argv, sbx1_envp); + tp = sbStartThread(&sbx1, sbx1_argv, sbx1_envp); if (tp == NULL) { chSysHalt("sbx1 failed"); } /* Starting sandboxed thread 2.*/ - tp = sbStartThread(&sbx2, "sbx2", - waUnprivileged2, sizeof (waUnprivileged2), NORMALPRIO - 1, - sbx2_argv, sbx2_envp); + tp = sbStartThread(&sbx2, sbx2_argv, sbx2_envp); if (tp == NULL) { chSysHalt("sbx2 failed"); } diff --git a/os/sb/host/sb.h b/os/sb/host/sb.h index 14885e728..6c853e774 100644 --- a/os/sb/host/sb.h +++ b/os/sb/host/sb.h @@ -238,6 +238,31 @@ typedef struct { * @brief Type of a sandbox configuration structure. */ typedef struct { + /** + * @brief Thread-related configurations. + */ + struct { + /** + * @brief Thread name. + */ + const char *name; + /** + * @brief Thread working area. + */ + void *wsp; + /** + * @brief Working area size. + */ + size_t size; + /** + * @brief Thread priority. + */ + tprio_t prio; + /** + * @brief Thread priority while serving a VRQ. + */ + tprio_t vrq_prio; + } thread; /** * @brief Memory region for code. * @note It is used to locate the startup header. diff --git a/os/sb/host/sbhost.c b/os/sb/host/sbhost.c index 26c8d17e8..8c6c2660f 100644 --- a/os/sb/host/sbhost.c +++ b/os/sb/host/sbhost.c 
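Review bot: The Doxygen added for the `thread` sub-structure in sb.h does not state the contract that the rest of the patch relies on for `wsp`, `size` and `vrq_prio`. The descriptors in sbhost.c compute the stack end as `wsp + (size / sizeof (stkalign_t))`, so a size that is not a multiple of `sizeof (stkalign_t)` is silently rounded down. Because the working area now lives in the configuration, two `sb_class_t` objects initialised with the same `sb_config_t` would be handed the same stack. I would add to `wsp` a line such as `@note The area must stay valid while the sandbox thread exists and must not be referenced by more than one sandbox.` and to `size` the line `@note Must be a multiple of sizeof (stkalign_t).`. No hunk on this page reads `vrq_prio`, so its comment should also say which code applies it and how it is expected to relate to `prio`.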
@@ -204,18 +204,14 @@ void sbObjectInit(sb_class_t *sbp, const sb_config_t *config) { * @brief Starts a sandboxed thread. * * @param[in] sbp pointer to a @p sb_class_t structure - * @param[in] name name to be assigned to the thread - * @param[out] wsp pointer to a working area dedicated to the thread stack - * @param[in] size size of the working area - * @param[in] prio the priority level for the new thread * @param[in] argv array of parameters for the sandbox * @param[in] envp array of environment variables for the sandbox * @return The thread pointer. * @retval NULL if the sandbox thread creation failed. */ -thread_t *sbStartThread(sb_class_t *sbp, const char *name, - void *wsp, size_t size, tprio_t prio, - const char *argv[], const char *envp[]) { +thread_t *sbStartThread(sb_class_t *sbp, + const char *argv[], + const char *envp[]) { thread_t *utp; const sb_config_t *config = sbp->config; void *usp, *uargv, *uenvp; @@ -281,10 +277,11 @@ thread_t *sbStartThread(sb_class_t *sbp, const char *name, *((uint32_t *)usp + 0) = (uint32_t)uargc; unprivileged_thread_descriptor_t utd = { - .name = name, - .wbase = (stkalign_t *)wsp, - .wend = (stkalign_t *)wsp + (size / sizeof (stkalign_t)), - .prio = prio, + .name = config->thread.name, + .wbase = (stkalign_t *)config->thread.wsp, + .wend = (stkalign_t *)config->thread.wsp + + (config->thread.size / sizeof (stkalign_t)), + .prio = config->thread.prio, .u_pc = sbp->sbhp->hdr_entry, .u_psp = (uint32_t)usp, .arg = (void *)sbp @@ -336,7 +333,6 @@ bool sbIsThreadRunningX(sb_class_t *sbp) { * @api */ msg_t sbExec(sb_class_t *sbp, const char *pathname, - void *wsp, size_t size, tprio_t prio, const char *argv[], const char *envp[]) { const sb_config_t *config = sbp->config; memory_area_t ma = config->regions[0].area; 
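Review bot: Nothing in the descriptor hunk of `sbStartThread()` checks `config->thread.wsp` or `config->thread.size` before they become `wbase` and `wend`. A `sb_config_t` written before this change and left without a `.thread` initialiser is zero-filled, which yields a NULL, zero-length stack and priority 0. Callers get a compile error for the removed arguments but no diagnostic for the missing configuration, so a check next to the descriptor would catch it at start-up, for example `chDbgCheck((config->thread.wsp != NULL) && (config->thread.size > 0U));`. The identical descriptor in the `sbExec()` hunk needs the same check. `sbStartThread()` begins and ends outside this hunk, so an existing check elsewhere in the body is possible but not visible here.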
@@ -410,10 +406,11 @@ msg_t sbExec(sb_class_t *sbp, const char *pathname, /* Everything OK, starting the unprivileged thread inside the sandbox.*/ unprivileged_thread_descriptor_t utd = { - .name = pathname, - .wbase = (stkalign_t *)wsp, - .wend = (stkalign_t *)wsp + (size / sizeof (stkalign_t)), - .prio = prio, + .name = config->thread.name, + .wbase = (stkalign_t *)config->thread.wsp, + .wend = (stkalign_t *)config->thread.wsp + + (config->thread.size / sizeof (stkalign_t)), + .prio = config->thread.prio, .u_pc = sbp->sbhp->hdr_entry, .u_psp = (uint32_t)usp, .arg = (void *)sbp diff --git a/os/sb/host/sbhost.h b/os/sb/host/sbhost.h index b4b7dc16a..454adaa97 100644 --- a/os/sb/host/sbhost.h +++ b/os/sb/host/sbhost.h @@ -65,13 +65,12 @@ extern "C" { size_t sb_check_pointers_array(sb_class_t *sbp, const void *pp[], size_t max); size_t sb_check_strings_array(sb_class_t *sbp, const char *pp[], size_t max); void sbObjectInit(sb_class_t *sbp, const sb_config_t *config); - thread_t *sbStartThread(sb_class_t *sbp, const char *name, - void *wsp, size_t size, tprio_t prio, - const char *argv[], const char *envp[]); + thread_t *sbStartThread(sb_class_t *sbp, + const char *argv[], + const char *envp[]); bool sbIsThreadRunningX(sb_class_t *sbp); #if SB_CFG_ENABLE_VFS == TRUE msg_t sbExec(sb_class_t *sbp, const char *pathname, - void *wsp, size_t size, tprio_t prio, const char *argv[], const char *envp[]); void sbRegisterDescriptor(sb_class_t *sbp, int fd, vfs_node_c *np); #endif
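Review bot: `.name` no longer carries `pathname`, so a thread started by `sbExec()` is labelled with the fixed `config->thread.name` whatever executable was loaded. Thread listings and fault reports then cannot tell which image a sandbox is running. If that is intended, the function's Doxygen should say so, e.g. `@note The thread name comes from the sandbox configuration, not from @p pathname.`. With the working area also fixed in the configuration, a second `sbExec()` on the same sandbox while the first thread is alive would reuse its stack. It is worth confirming that the part of the body outside this hunk rejects the call when `sbIsThreadRunningX(sbp)` is true.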