diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2016-02-11 15:19:48 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-02-12 15:33:54 -0800 |
| commit | 758ef07150359389288f32c86cabfb069fad266b (patch) | |
| tree | d1885eaf2813100cb126e7e276fd670b75faf115 | |
| parent | a0ee706819037df1107ba7498fe3bfbf8b59540b (diff) | |
| download | chrome-ec-758ef07150359389288f32c86cabfb069fad266b.tar.gz | |
cr50: write protect area where the code jumps to
The launcher should explicitly disable writes to the code space where
the loaded code is going to be running from.
BRANCH=None
BUG=chrome-os-partner:37554
TEST=with the rest of the patches applied firmware updates work as
expected.
Change-Id: I744f7016e4427188f53e8fa3302e8c06cf836e2e
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/327413
Reviewed-by: Marius Schilder <mschilder@chromium.org>
| -rw-r--r-- | chip/g/loader/launch.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/chip/g/loader/launch.c b/chip/g/loader/launch.c index 56314bb46b..54edc84268 100644 --- a/chip/g/loader/launch.c +++ b/chip/g/loader/launch.c @@ -221,11 +221,12 @@ void tryLaunch(uint32_t adr, size_t max_size) GREG32(GLOBALSEC, FLASH_REGION1_SIZE) = hdr->image_size - 1; GWRITE_FIELD(GLOBALSEC, FLASH_REGION1_CTRL, EN, 1); GWRITE_FIELD(GLOBALSEC, FLASH_REGION1_CTRL, RD_EN, 1); + GWRITE_FIELD(GLOBALSEC, FLASH_REGION1_CTRL, WR_EN, 0); /* TODO: lock FLASH_REGION 1? */ disarmRAMGuards(); - debug_printf("Valid image found at 0x%08x, jumping\n", hdr); + debug_printf("Valid image found at 0x%08x, jumping", hdr); uart_tx_flush(); _jump_to_address(&hdr[1]); |