Open
Description
When we integrated uVisor and an RTOS in the 'dev' branch, we did not yet de-privilege the RTOS. All RTOS-specific code, like mutexes, the scheduler, timers, and so forth currently run with uVisor privileges. Some uVisor-to-RTOS glue code in uvisor-lib also runs with uVisor privileges. This is not final and we must fix it.
Ideally, no code would run privileged outside the reproducibly built uVisor binary. This enables us to make security promises because all privileged code would run inside the reproducible uVisor binary.
Furthermore, removing uVisor privileges from the RTOS will reduce the attack surface of systems built with uVisor.