OpenCellular/core/cortex-m/include/mpu.h
Daisuke Nojiri 3ec36e0160 Protect inactive EC image from code execution
This change configures MPU to prevent instruction fetch from the flash image
that is not running at the time system_disable_jump is called. Violating
the protection causes instruction access violation, then the EC reboots.

RO image protection is tested as follows:
  ...
  [6.255696 MPU type: 00000800]
  [6.255874 RAM locked. Exclusion 20005680-200056a0]
  [6.256168 RO image locked]
  ...

  > sysjump 0
  Jumping to 0x00000000

  === PROCESS EXCEPTION: 03 ====== xPSR: 60000000 ===
  r0 :00000000 r1 :2000541c r2 :00001388 r3 :20007fe8
  r4 :200032f0 r5 :00000000 r6 :20002b70 r7 :20002df4
  r8 :0002d308 r9 :20002df4 r10:00000000 r11:00000000
  r12:00000002 sp :20002358 lr :0002a1a7 pc :00000000
  Instruction access violation, Forced hard fault
  mmfs = 1, shcsr = 70000, hfsr = 40000000, dfsr = 0

  =========== Process Stack Contents ===========
  200023c0: 00000098 00000000 00000000 0002a785
  200023d0: 00000002 20002dfd 00000007 20002b70
  200023e0: 00000002 00025777 00000000 20002dfd
  200023f0: 20002df4 20002dfc 00000000 00000000

  Rebooting...

The memory management fault status register (mmfs) has bit 0 set, indicating
an instruction fetch violation. FYI, RAM protection is still working:

  > sysjump 0x20000000
  Jumping to 0x20000000

  === PROCESS EXCEPTION: 03 ====== xPSR: 60000000 ===
  r0 :00000000 r1 :2000541c r2 :00001388 r3 :20007fe8
  r4 :200032f0 r5 :20000000 r6 :20002b70 r7 :20002df4
  r8 :0002d308 r9 :20002df4 r10:00000000 r11:00000000
  r12:00000002 sp :20002358 lr :0002a1a7 pc :20000000
  Instruction access violation, Forced hard fault
  mmfs = 1, shcsr = 70000, hfsr = 40000000, dfsr = 0

  =========== Process Stack Contents ===========
  200023c0: 00000098 00000000 20000000 0002a785
  200023d0: 00000002 20002e06 00000007 20002b70
  200023e0: 00000002 00025777 00000000 20002e06
  200023f0: 20002df4 20002dfc 00000000 00000000

  Rebooting...

TEST=Booted Peppy. Tested lid close & open. Ran Flashrom from userspace to
update main firmware then software-synched an EC image.
BUG=chrome-os-partner:16904
BRANCH=none
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Id4f84d24325566a9f648194166bde0d94d1124dc
Reviewed-on: https://chromium-review.googlesource.com/169050
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Tested-by: Daisuke Nojiri <dnojiri@google.com>
2013-12-17 01:32:24 +00:00


/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
/* MPU module for Cortex-M3 */
#ifndef __CROS_EC_MPU_H
#define __CROS_EC_MPU_H
#include "common.h"
/*
 * Memory-mapped MPU registers. REG32()/REG16() are not defined in this file;
 * presumably they come from common.h and yield 32-bit / 16-bit register
 * accessors -- confirm there.
 *
 * MPU_SIZE and MPU_ATTR sit at 0xe000eda0 and 0xe000eda2, i.e. they address
 * the low and high halfwords of one 32-bit word. That is why the MPU_ATTR_*
 * values in this header are expressed as halfword bit positions.
 */
#define MPU_TYPE REG32(0xe000ed90)
#define MPU_CTRL REG32(0xe000ed94)
#define MPU_NUMBER REG32(0xe000ed98)
#define MPU_BASE REG32(0xe000ed9c)
#define MPU_SIZE REG16(0xe000eda0)
#define MPU_ATTR REG16(0xe000eda2)
/*
 * MPU_CTRL bit masks.
 *
 * NOTE(review): per the ARMv7-M architecture, the privileged-default bit lets
 * privileged accesses that match no enabled region fall back to the default
 * memory map, and with HFNMIENA clear the MPU is off inside HardFault/NMI
 * handlers. Both narrow what the region settings actually enforce, so verify
 * which of these bits the implementation of mpu_enable() writes.
 */
#define MPU_CTRL_PRIVDEFEN (1 << 2) /* default map as privileged background */
#define MPU_CTRL_HFNMIENA (1 << 1) /* keep MPU on in HardFault/NMI handlers */
#define MPU_CTRL_ENABLE (1 << 0) /* global MPU enable */
/*
 * XN (execute never) bit. It's bit 12 if accessed by halfword.
 *   0: XN off (instruction fetch from the region is allowed)
 *   1: XN on  (instruction fetch from the region faults)
 *
 * The AP values below only describe read/write permission; a region is made
 * non-executable by ORing MPU_ATTR_XN into the value written to MPU_ATTR.
 */
#define MPU_ATTR_XN (1 << 12)
/*
 * AP (access permission) field, shifted to bit 8 of the halfword.
 * See table 3-5 of Stellaris LM4F232H5QC datasheet for details.
 */
#define MPU_ATTR_NO_NO (0 << 8) /* privileged no access, unprivileged no access */
#define MPU_ATTR_RW_RW (3 << 8) /* privileged read-write, unprivileged read-write */
#define MPU_ATTR_RO_NO (5 << 8) /* privileged read-only, unprivileged no access */
/*
 * Suggested values for the TEX/S/C/B bits. See table 3-6 of Stellaris
 * LM4F232H5QC datasheet and table 38 of STM32F10xxx Cortex-M3 programming
 * manual. They are given unshifted, so they land in the low bits of the
 * MPU_ATTR halfword and can be ORed with the XN and AP values above.
 */
#define MPU_ATTR_INTERNAL_SRAM 6 /* for Internal SRAM */
#define MPU_ATTR_FLASH_MEMORY 2 /* for flash memory */
/**
 * Enable MPU
 *
 * The implementation is not part of this header. Presumably it sets
 * MPU_CTRL_ENABLE in MPU_CTRL; whether it also sets MPU_CTRL_PRIVDEFEN or
 * MPU_CTRL_HFNMIENA is not visible here -- TODO confirm, since those bits
 * decide how unmatched and fault-handler accesses are treated.
 *
 * Returns nothing, so a caller cannot learn from this call alone whether an
 * MPU is present; see mpu_get_type() and mpu_pre_init() for that.
 */
void mpu_enable(void);
/**
 * Returns the value of MPU type register
 *
 * Bit fields:
 *   [15:8] Number of the data regions implemented or 0 if MPU is not present.
 *   [1]    0: unified (no distinction between instruction and data)
 *          1: separated
 *
 * Example decode (constructed from the fields above): 0x00000800 means
 * 8 regions, unified. A result with bits [15:8] equal to 0 means there is no
 * MPU, so none of the protections declared in this header can take effect.
 *
 * @return Raw 32-bit register value; presumably a direct read of MPU_TYPE
 *         (implementation not visible here).
 */
uint32_t mpu_get_type(void);
/*
 * Location of iram.text
 *
 * Only the addresses of these two symbols are meaningful (&__iram_text_start,
 * &__iram_text_end); presumably they are provided by the linker script --
 * confirm. NOTE(review): this looks like the range of RAM-resident code that
 * has to stay executable when the rest of RAM is made execute-never by
 * mpu_protect_ram(); if so, it is an executable window in RAM and should be
 * kept as small as possible. Verify against the implementation.
 */
extern char __iram_text_start;
extern char __iram_text_end;
/**
 * Protect RAM from code execution
 *
 * @return An int status. The exact values are not visible in this header;
 *         presumably EC_SUCCESS on success and an EC_ERROR_* code otherwise
 *         (mpu_pre_init() documents EC_ERROR_UNIMPLEMENTED) -- TODO confirm.
 *
 * Callers should check the result: if the call fails, RAM presumably stays
 * executable and the protection is silently absent.
 */
int mpu_protect_ram(void);
/**
 * Protect flash memory from code execution (RO image)
 *
 * Judging by the name, this covers the flash region holding the RO image;
 * the region bounds are chosen by the implementation, not this header.
 * NOTE(review): presumably meant to be called only while the RW image is the
 * one executing, because marking the running image execute-never would fault
 * on the next instruction fetch -- confirm at the call site.
 *
 * @return An int status, presumably EC_SUCCESS or an EC_ERROR_* code --
 *         TODO confirm. Check it: on failure the image stays executable.
 */
int mpu_lock_ro_flash(void);
/**
 * Protect flash memory from code execution (RW image)
 *
 * Counterpart of mpu_lock_ro_flash() for the flash region holding the RW
 * image, judging by the name; presumably meant to be called only while the
 * RO image is the one executing -- confirm at the call site.
 *
 * @return An int status, presumably EC_SUCCESS or an EC_ERROR_* code --
 *         TODO confirm. Check it: on failure the image stays executable.
 */
int mpu_lock_rw_flash(void);
/**
 * Initialize MPU.
 * It disables all regions if MPU is implemented. Otherwise, returns
 * EC_ERROR_UNIMPLEMENTED.
 *
 * Because every region is disabled here, any protection set up earlier is
 * dropped; the mpu_protect_ram() / mpu_lock_*_flash() calls have to come
 * after this one.
 *
 * @return EC_ERROR_UNIMPLEMENTED when no MPU is present. The success value
 *         is not stated in this header (presumably EC_SUCCESS -- confirm).
 *         Callers that treat the MPU as a security boundary should not
 *         ignore the unimplemented case.
 */
int mpu_pre_init(void);
#endif /* __CROS_EC_MPU_H */