From cac84b49c3f20aef116e1e458a8006ab8eb7b3d5 Mon Sep 17 00:00:00 2001
From: Terraneo Federico <fede.tft@miosix.org>
Date: Thu, 9 Jan 2025 14:57:32 +0100
Subject: [PATCH] Better document how the MPU is used

---
 miosix/arch/common/cache/cortexMx_cache.cpp       |  5 +++++
 .../arch/cpu/armv7m/interfaces-impl/userspace.cpp | 15 ++++++++++-----
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/miosix/arch/common/cache/cortexMx_cache.cpp b/miosix/arch/common/cache/cortexMx_cache.cpp
index 560df9e3..5a09add1 100644
--- a/miosix/arch/common/cache/cortexMx_cache.cpp
+++ b/miosix/arch/common/cache/cortexMx_cache.cpp
@@ -64,6 +64,11 @@ static void IRQconfigureCacheability(unsigned int region, unsigned int base,
 
 void IRQconfigureCache(const unsigned int *xramBase, unsigned int xramSize)
 {
+    // NOTE: using regions 0 to 3 for the kernel because in the ARM MPU in case
+    // of overlapping regions the one with the highest number takes priority.
+    // The lower regions are used by the kernel and by default forbid access to
+    // unprivileged code, while the higher numbered ones are used by processes
+    // to override the default deny policy for the process-specific memory.
     IRQconfigureCacheability(0,0x00000000,0x20000000);
     IRQconfigureCacheability(1,0x20000000,0x20000000);
     if(xramSize)
diff --git a/miosix/arch/cpu/armv7m/interfaces-impl/userspace.cpp b/miosix/arch/cpu/armv7m/interfaces-impl/userspace.cpp
index 7efd4bf1..31bf533d 100644
--- a/miosix/arch/cpu/armv7m/interfaces-impl/userspace.cpp
+++ b/miosix/arch/cpu/armv7m/interfaces-impl/userspace.cpp
@@ -124,6 +124,11 @@ MPUConfiguration::MPUConfiguration(const unsigned int *elfBase, unsigned int elf
         const unsigned int *imageBase, unsigned int imageSize)
 {
     #if __MPU_PRESENT==1
+    // NOTE: using regions 6 and 7 for processes because in the ARM MPU in case
+    // of overlapping regions the one with the highest number takes priority.
+    // The lower regions are used by the kernel and by default forbid access to
+    // unprivileged code, thus we need higher numbered ones for processes to
+    // override the default deny policy for the process-specific memory.
     // NOTE: The ARM documentation is unclear about the effect of the shareable
     // bit on a single core architecture. Experimental evidence on an STM32F476
     // shows that setting it in IRQconfigureCache for the internal RAM region
@@ -131,15 +136,15 @@ MPUConfiguration::MPUConfiguration(const unsigned int *elfBase, unsigned int elf
     // For this reason, all regions are marked as not shareable
     regValues[0]=(reinterpret_cast<unsigned int>(elfBase) & (~0x1f))
                | MPU_RBAR_VALID_Msk | 6; //Region 6
-    regValues[2]=(reinterpret_cast<unsigned int>(imageBase) & (~0x1f))
-               | MPU_RBAR_VALID_Msk | 7; //Region 7
     regValues[1]=2<<MPU_RASR_AP_Pos //Privileged: RW, unprivileged: RO
-               | MPU_RASR_C_Msk
+               | MPU_RASR_C_Msk     //Cacheable, write through
                | 1 //Enable bit
                | sizeToMpu(elfSize)<<1;
+    regValues[2]=(reinterpret_cast<unsigned int>(imageBase) & (~0x1f))
+               | MPU_RBAR_VALID_Msk | 7; //Region 7
     regValues[3]=3<<MPU_RASR_AP_Pos //Privileged: RW, unprivileged: RW
-               | MPU_RASR_XN_Msk
-               | MPU_RASR_C_Msk
+               | MPU_RASR_XN_Msk    //Not executable
+               | MPU_RASR_C_Msk     //Cacheable, write through
                | 1 //Enable bit
                | sizeToMpu(imageSize)<<1;
     #else //__MPU_PRESENT==1
-- 
GitLab