3.2.3 Restricting System Call Invocation
The protection levels at which a system call is invokable can be restricted. In this case, if a system call is issued from a task (task portion) running at lower than the specified protection level, the error code E_OACV is returned. Extended SVC calling cannot be restricted.
If, for example, system call issuing from a protection level lower than 1 is prohibited, system calls cannot be made from tasks running at protection levels 2 and 3. Tasks running at those levels will only be able to make extended SVC calls, and are programmed using subsystem functions only. This kind of restriction is used when T-Kernel is combined with an upper OS, to prevent tasks based on the upper OS specification from directly accessing T-Kernel functions. It allows T-Kernel to be used as a micro-kernel.
The protection level restriction on system call invocation is set using the system configuration information management functions (see 5.7 on page 255).
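
The restriction described in this section, modeled in C as an added example (this is not T-Kernel source code). The names Task, svc_limit, kernel_service, system_call and extended_svc, the numeric value of E_OACV, and the subsystem handler running at protection level 0 are assumptions of the model.

```c
#include <stdio.h>

/* Model constants: E_OACV is named on the page, its value here is assumed. */
#define E_OK    0
#define E_OACV  (-27)

/* Protection level of the calling task: 0 = most privileged, 3 = least. */
typedef struct { int prot_level; } Task;

/* Hypothetical stand-in for the configured restriction: the lowest
   protection level from which system calls may still be issued. */
static int svc_limit = 1;

/* Stand-in for the body of a real system call (always > 0 for arg >= 0). */
static int kernel_service(int arg) { return arg + 1; }

/* System call entry. "Lower protection level" means a numerically
   LARGER value, so the caller is rejected when prot_level > svc_limit. */
int system_call(const Task *caller, int arg)
{
    if (caller->prot_level > svc_limit)
        return E_OACV;
    return kernel_service(arg);
}

/* Extended SVC entry: never restricted by svc_limit. The subsystem
   handler is modeled as running at level 0 (assumption), so the system
   call it makes on the task's behalf passes the gate. */
int extended_svc(const Task *caller, int arg)
{
    Task handler_ctx = { 0 };
    (void)caller;               /* caller level is not checked here */
    return system_call(&handler_ctx, arg);
}

int main(void)
{
    for (int lvl = 0; lvl <= 3; lvl++) {
        Task t = { lvl };
        printf("level %d: system call -> %d, extended SVC -> %d\n",
               lvl, system_call(&t, 5), extended_svc(&t, 5));
    }
    return 0;
}
```

With svc_limit set to 1, levels 2 and 3 receive E_OACV from the direct call but still reach the service through the extended SVC path, which is the micro-kernel arrangement the section describes.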
