diff options
| author | Shawn Nematbakhsh <shawnn@chromium.org> | 2017-11-07 16:11:03 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2017-11-14 10:11:18 -0800 |
| commit | b6991dd96d8bf6cb86a39b3da590ccd8b4e1e036 (patch) | |
| tree | b4a83fa1cb9f38bd08c76aa5f56b3e2c12c721a5 /common | |
| parent | 2a62a3dfca91a3d8f755c1cf31fb3289f1511af3 (diff) | |
| download | chrome-ec-b6991dd96d8bf6cb86a39b3da590ccd8b4e1e036.tar.gz | |
cortex-m: mpu: Support unaligned regions and protect code RAM
Support protection of regions that aren't aligned to a power of 2 by
using two MPU entries, and taking advantage of the sub-region feature.
Also protect code RAM from being overwritten, on parts that use external
storage.
BUG=chromium:782244
BRANCH=None
TEST=On kevin, call:
mpu_protect_data_ram();
mpu_protect_code_ram();
mpu_enable();
Verify that first call results in the following update_region params:
addr: 0x200c2000 size: 0xc01d
Decoded: Protect 24K region
Verify that second call results in the following params:
addr: 0x100a8000 size: 0xc021
Decoded: Protect 96K region
addr: 0x100c0000 size: 0xf01b
Decoded: Protect remaining 8K region
Also verify that writes to beginning and end of code ram region trigger
data access violation after enabling protection.
Also verify that sysjump fails.
Change-Id: Ieb7a4ec3a089e8a2d29f231e1e3acf2e78e560a1
Signed-off-by: Shawn Nematbakhsh <shawnn@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/757721
Commit-Ready: Shawn N <shawnn@chromium.org>
Tested-by: Shawn N <shawnn@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'common')
| -rw-r--r-- | common/system.c | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/common/system.c b/common/system.c index cf72059465..741cec71f1 100644 --- a/common/system.c +++ b/common/system.c @@ -325,22 +325,33 @@ void system_disable_jump(void) #ifdef CONFIG_MPU if (system_is_locked()) { int ret; - int enable_mpu = 0; - enum system_image_copy_t copy; + enum system_image_copy_t __attribute__((unused)) copy; CPRINTS("MPU type: %08x", mpu_get_type()); /* - * Protect RAM from code execution + * Protect data RAM from code execution */ - ret = mpu_protect_ram(); + ret = mpu_protect_data_ram(); if (ret == EC_SUCCESS) { - enable_mpu = 1; - CPRINTS("RAM locked. Exclusion %08x-%08x", + CPRINTS("data RAM locked. Exclusion %08x-%08x", &__iram_text_start, &__iram_text_end); } else { - CPRINTS("Failed to lock RAM (%d)", ret); + CPRINTS("Failed to lock data RAM (%d)", ret); + return; } +#ifdef CONFIG_EXTERNAL_STORAGE + /* + * Protect code RAM from being overwritten + */ + ret = mpu_protect_code_ram(); + if (ret == EC_SUCCESS) { + CPRINTS("code RAM locked."); + } else { + CPRINTS("Failed to lock code RAM (%d)", ret); + return; + } +#else /* * Protect inactive image (ie. RO if running RW, vice versa) * from code execution. @@ -359,20 +370,21 @@ void system_disable_jump(void) ret = !EC_SUCCESS; } if (ret == EC_SUCCESS) { - enable_mpu = 1; CPRINTS("%s image locked", system_image_copy_t_to_string(copy)); } else { CPRINTS("Failed to lock %s image (%d)", system_image_copy_t_to_string(copy), ret); + return; } +#endif /* !CONFIG_EXTERNAL_STORAGE */ - if (enable_mpu) - mpu_enable(); + /* All regions were configured successfully, enable MPU */ + mpu_enable(); } else { CPRINTS("System is unlocked. Skip MPU configuration"); } -#endif +#endif /* CONFIG_MPU */ } test_mockable enum system_image_copy_t system_get_image_copy(void) |