diff options
author | Yilun Lin <yllin@google.com> | 2019-03-20 17:26:49 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-05-02 05:38:25 -0700 |
commit | 4ffa4bb861612f9debffc9088bac72a1ac611ff5 (patch) | |
tree | 6b381e78bdec26297d8d04d9f3767f07cd322e3e /board/kukui_scp | |
parent | 19915c08ec2828235d5db7b0d3a990ab165649cd (diff) | |
download | chrome-ec-4ffa4bb861612f9debffc9088bac72a1ac611ff5.tar.gz |
kukui_scp: Enable MPU to protect code RAM and data RAM in RW image.
kukui_scp is loaded into SRAM. We would like to protect
the memory from a modified code RAM content and executing injected
code in data RAM.
BRANCH=None
BUG=b:123269246
TEST=Apply MPU test patch https://crrev.com/c/1530265.
Test data ram XN:
1. mpu 0 # disable MPU
2. mpu_test # see it prints
3. mpu 1 # enable MPU
4. mpu_test # memory access violation, and reset.
5. mpu_test # memory access violation, and reset
# again. (MPU enabled by default)
Test code ram RO:
1. rw 0x8 0x5566 # Write to code RAM and see memory
# access violation and reset.
2. mpu 0 # disable MPU
3. rw 0x8 0x5566 # Nothing happended
4. rw 0x8 # Read 0x5566
5. mpu 1 # enable MPU
6. rw 0x8 0x5566 # memory access violation.
Change-Id: I6af5029d8c55d795543d4759b2c9168a06eb9ff1
Signed-off-by: Yilun Lin <yllin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/1530264
Commit-Ready: Yilun Lin <yllin@chromium.org>
Tested-by: Yilun Lin <yllin@chromium.org>
Reviewed-by: Rong Chang <rongchang@chromium.org>
Diffstat (limited to 'board/kukui_scp')
-rw-r--r-- | board/kukui_scp/board.h | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/board/kukui_scp/board.h b/board/kukui_scp/board.h index 56eb59909e..faab336061 100644 --- a/board/kukui_scp/board.h +++ b/board/kukui_scp/board.h @@ -34,6 +34,8 @@ #define CONFIG_RAM_BASE 0x10000 #define CONFIG_ROM_SIZE (CONFIG_RAM_BASE - CONFIG_ROM_BASE) #define CONFIG_RAM_SIZE (CONFIG_IPC_SHARED_OBJ_ADDR - CONFIG_RAM_BASE) +#define CONFIG_CODE_RAM_SIZE CONFIG_RAM_BASE +#define CONFIG_DATA_RAM_SIZE (ICACHE_BASE - CONFIG_RAM_BASE) #define CONFIG_RO_MEM_OFF 0 /* Access DRAM through cached access */ @@ -87,11 +89,6 @@ #undef UART0_PINMUX_11_12 #undef UART0_PINMUX_110_112 -/* - * Allow dangerous commands all the time, since we don't have a write protect - * switch. - */ -#define CONFIG_SYSTEM_UNLOCKED /* Debugging features */ #define CONFIG_DEBUG_EXCEPTIONS #define CONFIG_DEBUG_STACK_OVERFLOW |