Friday, January 10, 2014

uITRON4.0 Specification Memory Protection Extension (Page11)

Inside an extended service routine called from a task, TSK_SELF refers to the calling task. Consequently, for an extended service routine called from a task, [the protection domain of the executing processing unit] can differ from [the protection domain of TSK_SELF]. The same applies when a CPU exception handler executes in task context.
 
(4)   Protection Domain
 
A protection domain is a closure of kernel objects, used to provide the protection functionality.

Each processing unit belongs to exactly one protection domain. A kernel object other than a processing unit either belongs to exactly one protection domain or belongs to no protection domain at all.

In this specification, access rights are managed per protection domain, not per processing unit; that is, processing units belonging to the same protection domain have the same access rights. Strictly speaking, therefore, the earlier description of the protection functionality should read [which operations/accesses a processing unit belonging to which protection domain is permitted to perform on which kernel object]. From here on, an operation/access performed by a processing unit belonging to a protection domain is described simply as the protection domain performing that operation/access.
 
By default, a kernel object belonging to a protection domain can be operated on/accessed only from that same protection domain. This default can be changed for each kernel object by setting the set of protection domains from which operation/access is allowed. Therefore, kernel objects belonging to the same protection domain are not necessarily protected in the same way.

Moreover, although a protection domain is independent of link units in the kernel specification, it must be associated with link units when building the configuration environment. See section 5.1 for the relation between link units and protection domains.

(5)   Access permission pattern and access permission vector
 
An access permission pattern specifies the set of protection domains that are allowed to perform a particular operation/access on a particular kernel object.
 
Operations/accesses on kernel objects are classified into four kinds (normal operation 1, normal operation 2, management operation, reference operation). An access permission vector is a bundle of the four corresponding access permission patterns.

However, the service calls of the uITRON4.0 Standard Profile fall only into normal operation 1 and normal operation 2. Therefore, when implementing only the functionality of the Standard Profile, the access permission vector need contain only two access permission patterns.

Furthermore, it is also permissible to combine all operation/access rights on a single kernel object into one access permission pattern, without classifying them. In that case the access permission vector contains only one access permission pattern.
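As an added illustration (not code from the specification or from any kernel), the following shows how a kernel could represent the access permission pattern, the access permission vector, the owner-only default, the per-object override and the single-pattern simplification described above; the bitmask encoding, the 32-domain limit and all names are assumptions made for this example:

```c
#include <stdbool.h>
#include <stdint.h>

/* Added illustration, not code from the uITRON4.0 spec or any kernel. Assumed
 * encoding: domains are numbered 1..32; a pattern is a bitmask whose bit (d-1)
 * is set when protection domain d is allowed. */
typedef uint32_t acptn_t;                                 /* access permission pattern */
enum op_class { OP_NORMAL1, OP_NORMAL2, OP_MANAGE, OP_REFER, OP_CLASS_NUM };
typedef struct { acptn_t ptn[OP_CLASS_NUM]; } acvct_t;    /* access permission vector */
typedef struct { int domid; acvct_t acv; } kobject_t;     /* owning domain + its vector */
static acptn_t domain_bit(int domid) { return (acptn_t)1u << (domid - 1); }

/* Default from the text: every class of operation is allowed only from the owning domain. */
static void kobj_init_default(kobject_t *obj, int domid) {
    obj->domid = domid;
    for (int i = 0; i < OP_CLASS_NUM; i++) obj->acv.ptn[i] = domain_bit(domid);
}

/* Per-object change of the default: additionally allow `domid` one class of operation. */
static void kobj_grant(kobject_t *obj, enum op_class cls, int domid) {
    obj->acv.ptn[cls] |= domain_bit(domid);
}

/* The permitted simplification: a single pattern for all classes. Taking the union
 * keeps every existing grant but loses the per-class distinction. */
static void kobj_collapse(kobject_t *obj) {
    acptn_t all = 0;
    for (int i = 0; i < OP_CLASS_NUM; i++) all |= obj->acv.ptn[i];
    for (int i = 0; i < OP_CLASS_NUM; i++) obj->acv.ptn[i] = all;
}

/* The check a service call makes: the domain of the executing processing unit
 * (which may differ from that of TSK_SELF) is tested against the class pattern. */
static bool acl_check(const kobject_t *obj, enum op_class cls, int domid) {
    if (domid < 1 || domid > 32) return false;          /* unknown domain: deny */
    return (obj->acv.ptn[cls] & domain_bit(domid)) != 0;
}

/* Walk-through: object owned by domain 2; domain 3 is granted reference only. */
static int scenario_passed(void) {
    kobject_t obj; int ok = 0;
    kobj_init_default(&obj, 2);
    ok += acl_check(&obj, OP_NORMAL1, 2);    /* owner: allowed */
    ok += !acl_check(&obj, OP_NORMAL1, 3);   /* other domain: denied by default */
    kobj_grant(&obj, OP_REFER, 3);
    ok += acl_check(&obj, OP_REFER, 3);      /* only the granted class */
    ok += !acl_check(&obj, OP_MANAGE, 3);    /* management still denied */
    kobj_collapse(&obj);
    ok += acl_check(&obj, OP_MANAGE, 3);     /* single pattern: all classes for 3 */
    return ok;                               /* 5 when every check behaves as described */
}
```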
