summaryrefslogtreecommitdiff
path: root/common/system.c
diff options
context:
space:
mode:
Diffstat (limited to 'common/system.c')
-rw-r--r--common/system.c53
1 files changed, 37 insertions, 16 deletions
diff --git a/common/system.c b/common/system.c
index 5a3e9f9e03..346496c087 100644
--- a/common/system.c
+++ b/common/system.c
@@ -225,32 +225,53 @@ void system_disable_jump(void)
disable_jump = 1;
#ifdef CONFIG_MPU
- /*
- * Lock down memory to prevent code execution from data areas.
- *
- * TODO(crosbug.com/p/16904): Also lock down the image which isn't
- * running (RO if RW, or vice versa), so a bad or malicious jump can't
- * execute code from that image.
- */
if (system_is_locked()) {
+ int ret;
+ int enable_mpu = 0;
+ enum system_image_copy_t copy;
+
+ CPRINTF("[%T MPU type: %08x]\n", mpu_get_type());
/*
- * Protect memory from code execution
+ * Protect RAM from code execution
*/
- int mpu_error = mpu_protect_ram();
- if (mpu_error == EC_SUCCESS) {
- mpu_enable();
+ ret = mpu_protect_ram();
+ if (ret == EC_SUCCESS) {
+ enable_mpu = 1;
CPRINTF("[%T RAM locked. Exclusion %08x-%08x]\n",
&__iram_text_start, &__iram_text_end);
} else {
- CPRINTF("[%T Failed to lock RAM (%d). mpu_type:%08x]\n",
- mpu_error, mpu_get_type());
+ CPRINTF("[%T Failed to lock RAM (%d)]\n", ret);
}
+
/*
- * Protect the other image from code execution
- * TODO: https://chromium-review.googlesource.com/#/c/169050/
+ * Protect inactive image (ie. RO if running RW, vice versa)
+ * from code execution.
*/
+ switch (system_get_image_copy()) {
+ case SYSTEM_IMAGE_RO:
+ ret = mpu_lock_rw_flash();
+ copy = SYSTEM_IMAGE_RW;
+ break;
+ case SYSTEM_IMAGE_RW:
+ ret = mpu_lock_ro_flash();
+ copy = SYSTEM_IMAGE_RO;
+ break;
+ default:
+ copy = SYSTEM_IMAGE_UNKNOWN;
+ ret = !EC_SUCCESS;
+ }
+ if (ret == EC_SUCCESS) {
+ enable_mpu = 1;
+ CPRINTF("[%T %s image locked]\n", image_names[copy]);
+ } else {
+ CPRINTF("[%T Failed to lock %s image (%d)]\n",
+ image_names[copy], ret);
+ }
+
+ if (enable_mpu)
+ mpu_enable();
} else {
- CPRINTF("[%T RAM not locked]\n");
+ CPRINTF("[%T System is unlocked. Skip MPU configuration\n");
}
#endif
}
View Lorry Controller Status