diff options
| author | Daisuke Nojiri <dnojiri@google.com> | 2013-10-10 11:51:44 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2013-12-05 04:02:57 +0000 |
| commit | b45f3b9f348c550a7389973d916b8b7cb6b25a88 (patch) | |
| tree | d54865e20ba5a814768ac37b3acbc8260404ecce | |
| parent | 90d83d2a6743a48d7ec8209781c4e820e8bdf296 (diff) | |
| download | chrome-ec-b45f3b9f348c550a7389973d916b8b7cb6b25a88.tar.gz | |
Disable EC jump after RW image startsstabilize-5062.B
Remove jumped_to_image check in system_run_image_copy because it's redundant.
disable_jump will be set by VbExEcDisableJump explicitly, whether the EC stays
in RO or jumps to RW.
TEST=Built and booted Peppy. Ran flashrom from user space and verified
the EC firmware was updated after reboot.
BRANCH=none
BUG=none
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: If1a3cf6158b3bc97c965298d2ab958b5fa7a5d7e
Reviewed-on: https://chromium-review.googlesource.com/172651
Reviewed-by: Daisuke Nojiri <dnojiri@google.com>
Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Tested-by: Daisuke Nojiri <dnojiri@google.com>
| -rw-r--r-- | common/system.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/common/system.c b/common/system.c index 6e1c8c99ac..287fd15b42 100644 --- a/common/system.c +++ b/common/system.c @@ -232,16 +232,25 @@ void system_disable_jump(void) * running (RO if RW, or vice versa), so a bad or malicious jump can't * execute code from that image. */ - { + if (system_is_locked()) { + /* + * Protect memory from code execution + */ int mpu_error = mpu_protect_ram(); if (mpu_error == EC_SUCCESS) { mpu_enable(); - CPRINTF("RAM locked. Exclusion %08x-%08x\n", + CPRINTF("[%T RAM locked. Exclusion %08x-%08x]\n", &__iram_text_start, &__iram_text_end); } else { - CPRINTF("Failed to lock RAM. mpu_type:%08x. error:%d\n", - mpu_get_type(), mpu_error); + CPRINTF("[%T Failed to lock RAM (%d). mpu_type:%08x]\n", + mpu_error, mpu_get_type()); } + /* + * Protect the other image from code execution + * TODO: https://chromium-review.googlesource.com/#/c/169050/ + */ + } else { + CPRINTF("[%T RAM not locked]\n"); } #endif } @@ -419,10 +428,6 @@ int system_run_image_copy(enum system_image_copy_t copy) if (copy != SYSTEM_IMAGE_RW) return EC_ERROR_ACCESS_DENIED; - /* Can't have already jumped between images */ - if (jumped_to_image) - return EC_ERROR_ACCESS_DENIED; - /* Jumping must still be enabled */ if (disable_jump) return EC_ERROR_ACCESS_DENIED; |