summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2021-02-11 14:38:59 -0700
committerCommit Bot <commit-bot@chromium.org>2021-02-13 00:29:22 +0000
commitab1d9102b8a7f57f63e4ed21a08113f4e4cba6be (patch)
tree54290c2d0ba3cd7176b92e65bd99e0cc6e71562d
parentc56806bb8d262f003b92134fdc8987ac51f6824e (diff)
downloadchrome-ec-ab1d9102b8a7f57f63e4ed21a08113f4e4cba6be.tar.gz
zephyr: Add support for CONFIG_MPU
Add this option so that the Memory-Protection Unit (MPU) can be enabled. The implementation is still to be worked out. Note that CONFIG_PLATFORM_EC_EXTERNAL_STORAGE is not defined, as it should be. That work is ongoing elsewhere. BUG=b:180039888 BRANCH=none TEST=build zephyr volteer Build ECOS for volteer Signed-off-by: Simon Glass <sjg@chromium.org> Change-Id: Ie26e8ba4b3f0b8024930e42fbbb03f0f2a26f3da Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2691566 Reviewed-by: Keith Short <keithshort@chromium.org>
-rw-r--r--zephyr/Kconfig16
-rw-r--r--zephyr/linker/CMakeLists.txt3
-rw-r--r--zephyr/linker/iram_text.ld23
-rw-r--r--zephyr/shim/include/config_chip.h5
-rw-r--r--zephyr/shim/include/mpu.h35
-rw-r--r--zephyr/shim/src/CMakeLists.txt1
-rw-r--r--zephyr/shim/src/mpu.c73
7 files changed, 156 insertions, 0 deletions
diff --git a/zephyr/Kconfig b/zephyr/Kconfig
index 011219809b..fbeda8ac4b 100644
--- a/zephyr/Kconfig
+++ b/zephyr/Kconfig
@@ -501,6 +501,22 @@ config PLATFORM_EC_PANIC
The panic information is made available to the AP via the
EC_CMD_GET_PANIC_INFO host command and a 'panicinfo' console command
+config PLATFORM_EC_MPU
+ bool "Support Memory-Protection Unit (MPU)"
+ depends on CPU_CORTEX_M && CPU_HAS_MPU
+ default y
+ help
+ This enables support a Memory-Protection Unit which can limit access
+ to certain areas of memory. This can be used to protect code or data
+ from being written to improve security or to find bugs.
+
+ It causes any code in the iram.text section to be protected when
+ system jump is disabled (see system_disable_jump()). It also stops
+ execution of the image that is not currently being executed (read-only
+ or read-write). If internal storage is used, this is achieved by not
+ allowing code execution in that area. For external storage, it
+ disallows loading any code into RAM.
+
if PLATFORM_EC_PANIC
config PLATFORM_EC_SOFTWARE_PANIC
diff --git a/zephyr/linker/CMakeLists.txt b/zephyr/linker/CMakeLists.txt
index 4d8b26f631..3aa22c98e2 100644
--- a/zephyr/linker/CMakeLists.txt
+++ b/zephyr/linker/CMakeLists.txt
@@ -4,3 +4,6 @@
# Add the fixed sections to the output image.
zephyr_linker_sources(ROM_START SORT_KEY 1 fixed-sections.ld)
+
+# Support protection of part of the internal RAM
+zephyr_linker_sources(RWDATA SORT_KEY 1 iram_text.ld)
diff --git a/zephyr/linker/iram_text.ld b/zephyr/linker/iram_text.ld
new file mode 100644
index 0000000000..3ea3f4db7e
--- /dev/null
+++ b/zephyr/linker/iram_text.ld
@@ -0,0 +1,23 @@
+/* Copyright 2021 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef CONFIG_ARCH_POSIX
+
+/* This code taken from core/cortex-m/ec.lds.S */
+
+#if defined(CONFIG_PLATFORM_EC_MPU)
+/* MPU regions must be aligned to a 32-byte boundary */
+#define _IRAM_ALIGN 32
+#else
+#define _IRAM_ALIGN 4
+#endif
+
+ . = ALIGN(_IRAM_ALIGN);
+ __iram_text_start = .;
+ *(.iram.text)
+ . = ALIGN(_IRAM_ALIGN);
+ __iram_text_end = .;
+
+#endif /* CONFIG_ARCH_POSIX */
diff --git a/zephyr/shim/include/config_chip.h b/zephyr/shim/include/config_chip.h
index 0e61cf755a..c93b07add3 100644
--- a/zephyr/shim/include/config_chip.h
+++ b/zephyr/shim/include/config_chip.h
@@ -1088,4 +1088,9 @@ enum battery_type {
#define CONFIG_DEBUG_ASSERT_REBOOTS
#endif
+#undef CONFIG_MPU
+#ifdef CONFIG_PLATFORM_EC_MPU
+#define CONFIG_MPU
+#endif
+
#endif /* __CROS_EC_CONFIG_CHIP_H */
diff --git a/zephyr/shim/include/mpu.h b/zephyr/shim/include/mpu.h
new file mode 100644
index 0000000000..3555ef0db1
--- /dev/null
+++ b/zephyr/shim/include/mpu.h
@@ -0,0 +1,35 @@
+/* Copyright 2021 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __CROS_EC_MPU_H
+#define __CROS_EC_MPU_H
+
+/* This matches up with core/cortex-m/include/mpu.h */
+
+/* Location of iram.text */
+extern char __iram_text_start;
+extern char __iram_text_end;
+
+/** Enable MPU */
+void mpu_enable(void);
+
+/**
+ * Returns the value of MPU type register
+ *
+ * @returns 0 for now (always)
+ */
+uint32_t mpu_get_type(void);
+
+/** Protect RAM from code execution */
+int mpu_protect_data_ram(void);
+
+/** Protect code RAM from being overwritten */
+int mpu_protect_code_ram(void);
+
+/** Protect internal mapped flash memory from code execution */
+int mpu_lock_ro_flash(void);
+int mpu_lock_rw_flash(void);
+
+#endif /* __CROS_EC_CPU_H */
diff --git a/zephyr/shim/src/CMakeLists.txt b/zephyr/shim/src/CMakeLists.txt
index 997dcfdf6f..a6a0670b19 100644
--- a/zephyr/shim/src/CMakeLists.txt
+++ b/zephyr/shim/src/CMakeLists.txt
@@ -23,6 +23,7 @@ zephyr_sources_ifdef(CONFIG_PLATFORM_EC_HOSTCMD host_command.c)
zephyr_sources_ifdef(CONFIG_PLATFORM_EC_HOSTCMD_CONSOLE
console_buffer.c)
zephyr_sources_ifdef(CONFIG_PLATFORM_EC_MKBP_EVENT mkbp_event.c)
+zephyr_sources_ifdef(CONFIG_PLATFORM_EC_MPU mpu.c)
zephyr_sources_ifdef(CONFIG_PLATFORM_EC_PANIC panic.c)
zephyr_sources_ifdef(CONFIG_PLATFORM_EC_PWM pwm.c)
zephyr_sources_ifdef(CONFIG_PLATFORM_EC_RTC rtc.c)
diff --git a/zephyr/shim/src/mpu.c b/zephyr/shim/src/mpu.c
new file mode 100644
index 0000000000..10691c8a1c
--- /dev/null
+++ b/zephyr/shim/src/mpu.c
@@ -0,0 +1,73 @@
+/* Copyright 2021 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include "config.h"
+#include "mpu.h"
+
+void mpu_enable(void)
+{
+ /* TODO(b/180039888): Implement this */
+}
+
+uint32_t mpu_get_type(void)
+{
+ /* TODO(b/180039888): Implement this */
+ return 0;
+}
+
+int mpu_protect_data_ram(void)
+{
+ /*
+ * TODO(b/180039888): Implement this
+ * Update:
+ * address CONFIG_RAM_BASE,
+ * size CONFIG_DATA_RAM_SIZE
+ * attr No-execute, but allow read/write
+ */
+
+ return 0;
+}
+
+#if defined(CONFIG_PLATFORM_EC_EXTERNAL_STORAGE) || \
+ !defined(CONFIG_FLASH_PHYSICAL)
+
+int mpu_protect_code_ram(void)
+{
+ /*
+ * TODO(b/180039888): Implement this
+ * Update:
+ * address CONFIG_PROGRAM_MEMORY_BASE + CONFIG_RO_MEM_OFF
+ * size CONFIG_CODE_RAM_SIZE
+ * attr read-only
+ */
+
+ return 0;
+}
+
+#else
+
+int mpu_lock_ro_flash(void)
+{
+ /* TODO(b/180039888): Implement this
+ * Update:
+ * address CONFIG_MAPPED_STORAGE_BASE + CONFIG_RO_MEM_OFF
+ * size CONFIG_RO_SIZE
+ * attr No-execute, but allow read/write
+ */
+
+ return 0;
+}
+
+int mpu_lock_rw_flash(void)
+{
+ /* TODO(b/180039888): Implement this
+ * Update multiple regions:
+ * attr No-execute, but allow read/write
+ */
+
+ return 0;
+}
+
+#endif