scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-12-27 18:25:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
616e70998d2ea08cc480baac6aa3be5964241bef
OpenCellular/core
History
Daisuke Nojiri 3ec36e0160 Protect inactive EC image from code execution 
This change configures MPU to prevent instruction fetch from the flash image
that is not running at the time system_disable_jump is called. Violating
the protection causes instruction access violation, then the EC reboots.

RO image protection is tested as follows:
  ...
  [6.255696 MPU type: 00000800]
  [6.255874 RAM locked. Exclusion 20005680-200056a0]
  [6.256168 RO image locked]
  ...

  > sysjump 0
  Jumping to 0x00000000

  === PROCESS EXCEPTION: 03 ====== xPSR: 60000000 ===
  r0 :00000000 r1 :2000541c r2 :00001388 r3 :20007fe8
  r4 :200032f0 r5 :00000000 r6 :20002b70 r7 :20002df4
  r8 :0002d308 r9 :20002df4 r10:00000000 r11:00000000
  r12:00000002 sp :20002358 lr :0002a1a7 pc :00000000
  Instruction access violation, Forced hard fault
  mmfs = 1, shcsr = 70000, hfsr = 40000000, dfsr = 0

  =========== Process Stack Contents ===========
  200023c0: 00000098 00000000 00000000 0002a785
  200023d0: 00000002 20002dfd 00000007 20002b70
  200023e0: 00000002 00025777 00000000 20002dfd
  200023f0: 20002df4 20002dfc 00000000 00000000

  Rebooting...

Memory management fault status register has bit0 set, indicating there was an
instruction fetch volation. FYI, RAM protection is still working:

  > sysjump 0x20000000
  Jumping to 0x20000000

  === PROCESS EXCEPTION: 03 ====== xPSR: 60000000 ===
  r0 :00000000 r1 :2000541c r2 :00001388 r3 :20007fe8
  r4 :200032f0 r5 :20000000 r6 :20002b70 r7 :20002df4
  r8 :0002d308 r9 :20002df4 r10:00000000 r11:00000000
  r12:00000002 sp :20002358 lr :0002a1a7 pc :20000000
  Instruction access violation, Forced hard fault
  mmfs = 1, shcsr = 70000, hfsr = 40000000, dfsr = 0

  =========== Process Stack Contents ===========
  200023c0: 00000098 00000000 20000000 0002a785
  200023d0: 00000002 20002e06 00000007 20002b70
  200023e0: 00000002 00025777 00000000 20002e06
  200023f0: 20002df4 20002dfc 00000000 00000000

  Rebooting...

TEST=Booted Peppy. Tested lid close & open. Ran Flashrom from userspace to
update main firmware then software-synched an EC image.
BUG=chrome-os-partner:16904
BRANCH=none
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Id4f84d24325566a9f648194166bde0d94d1124dc
Reviewed-on: https://chromium-review.googlesource.com/169050
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Queue: Daisuke Nojiri <dnojiri@google.com>
Tested-by: Daisuke Nojiri <dnojiri@google.com>
2013-12-17 01:32:24 +00:00
..
cortex-m
Protect inactive EC image from code execution
2013-12-17 01:32:24 +00:00
host
Fake I2C device support for emulator
2013-09-17 03:22:12 +00:00
nds32
nds32: WORKAROUND for toolchain bug on rodata
2013-12-10 19:17:59 +00:00