May I know why remove pvPortMalloc()/pvPortFree() from MPU_wrappers.h?

Hi all,

Sorry that I haven’t worked with FreeRTOS for a while. Recently when I re-picked up the latest FreeRTOS, I found out that the MPU wrappers of pvPortMalloc()/vPortFree() are removed from MPU_wrappers.h, even though MPU_pvPortMalloc()/MPU_vPortFree() still exist in mpu_wrappers.c

I didn’t found out the description in the change log. Could anyone tell me the purpose of this removal? If I have to malloc() with MPU configuration, does it mean that I shall directly call MPU_pvPortMalloc(), rather than pvPortMalloc()?

Thank you.

pvPortMalloc() is a privileged function, so if the calling task is privileged then you can call it directly. I don’t recall why the wrappers were removed, maybe because an unprivileged task would not have access to the memory returned from the heap anyway?

Thanks Richard.

It confuses me a little since I always thought that malloc() family was specially for application-level heap management.

Assumed that an unprivileged thread requires to dynamically allocate buffers whose size can vary, how should this thread be implemented?
Since MPU_pvPortMalloc() is still available, can I call MPU_pvPortMalloc() in this unprivileged thread to ask for heap memory?

I am also confused that if the unprivileged task can not access the memory dedicated for allocation how the unprivileged task allocate a memory. And also, similar APIs such as MPU_vQueueDelete, can be called by a unprivileged task. I see no difference between pvPortMalloc and other APIs in the mpu_wrappers.h.

Remember that an unprivileged task can only directly access memory from a limited number of segments, and has full access to memory in any of those segments.

If an unprivileged task could call pvPortMalloc, then for it to be able to use that memory, the entire heap would need to be in unprivileged memory (as pvPortMalloc doesn’t know if the request is from a privileged or unprivileged task. That means that none of the memory given to a privileged task would be protected from unprivileged tasks, which sort of defeats the purpose of making tasks unprivileged.

One solution would be to take the desired heap function file, make a copy of it, and change the function name and the name of the globals in it to let it provide for unprivileged memory. Note, that you will then need to make sure that the block of memory assigned to the heap is made accessible to all the unprivileged tasks that use that heap (so two unprivileged tasks could interfere with each other).

So what about MPU_pvPortMalloc()? Can unprivileged task call it or not, according to current FreeRTOS design?

Yes, an unprivileged task can call it.

Got it. Thanks for the answer.

Hi Richard,
So two heaps should be prepared. One should be configured as privileged access only by the MPU and is for the privileged tasks. The other should be configured as unprivileged access and privileged access by the MPU and is for the unprivileged tasks. So that the tasks can access their dedicated heap and the unprivileged tasks can not access the privileged tasks’ memory.
Is my understanding right?
If so, the MPU_pvPortMalloc should not exist. Because it raises to privileged to access the heap. An unprivileged task can still access the privileged tasks’ heap by calling MPU_pvPortMalloc.

Thanks,
Sherry