Compare commits

...

2 Commits

Author SHA1 Message Date
d8f884a7b5 runtime: add memory protection for both core0+1 2020-06-29 00:52:22 +02:00
d62a89281d runtime: add mem_protect 2020-06-28 22:27:16 +02:00
4 changed files with 82 additions and 3 deletions

View File

@ -17,19 +17,23 @@ MEMORY
SECTIONS SECTIONS
{ {
.text : .text : ALIGN(0x1000000)
{ {
__text_start = .;
KEEP(*(.text.exceptions)); KEEP(*(.text.exceptions));
*(.text.boot); *(.text.boot);
*(.text .text.*); *(.text .text.*);
__text_end = .;
} > SDRAM } > SDRAM
.rodata : ALIGN(4) .rodata : ALIGN(0x1000000)
{ {
__rodata_start = .;
*(.rodata .rodata.*); *(.rodata .rodata.*);
__rodata_end = .;
} > SDRAM } > SDRAM
.data : ALIGN(4) .data : ALIGN(0x1000000)
{ {
*(.data .data.*); *(.data .data.*);
} > SDRAM } > SDRAM

View File

@ -9,6 +9,7 @@ use libsupport_zynq::boot::Core1;
use dyld; use dyld;
use crate::rpc; use crate::rpc;
use crate::rtio; use crate::rtio;
use crate::mem_protect;
#[derive(Debug)] #[derive(Debug)]
@ -316,6 +317,7 @@ pub fn main_core1() {
// Flush data cache entries for the image in DDR, including // Flush data cache entries for the image in DDR, including
// Memory/Instruction Symchronization Barriers // Memory/Instruction Symchronization Barriers
dcci_slice(library.image.data); dcci_slice(library.image.data);
mem_protect::setup_core1(&library.image.data);
core1_tx.send(Message::LoadCompleted); core1_tx.send(Message::LoadCompleted);
}, },

View File

@ -11,6 +11,7 @@ use log::{info, error};
use libboard_zynq::{timer::GlobalTimer, logger, devc}; use libboard_zynq::{timer::GlobalTimer, logger, devc};
use libsupport_zynq::ram; use libsupport_zynq::ram;
mod mem_protect;
mod sd_reader; mod sd_reader;
mod config; mod config;
mod proto_core_io; mod proto_core_io;
@ -44,6 +45,7 @@ pub fn main_core0() {
log::set_max_level(log::LevelFilter::Debug); log::set_max_level(log::LevelFilter::Debug);
info!("NAR3/Zynq7000 starting..."); info!("NAR3/Zynq7000 starting...");
mem_protect::setup_core0();
ram::init_alloc_linker(); ram::init_alloc_linker();
match config::Config::new() { match config::Config::new() {

View File

@ -0,0 +1,71 @@
use libcortex_a9::mmu::{AccessPermissions, L1_PAGE_SIZE, L1Table};
/// Symbols defined by the linker script
extern "C" {
static __text_start: usize;
static __text_end: usize;
static __rodata_start: usize;
static __rodata_end: usize;
}
/// Apply basic memory protection to the regions defined by the linker
/// script for the runtime on core 0.
///
/// Therefore these regions need to be aligned to 1 MB.
pub fn setup_core0() {
let text_start = unsafe { &__text_start as *const _ as usize };
let text_end = unsafe { &__text_end as *const _ as usize };
let rodata_start = unsafe { &__rodata_start as *const _ as usize };
let rodata_end = unsafe { &__rodata_end as *const _ as usize };
let l1table = L1Table::get();
for addr in (0..0xFFFF_FFFF).step_by(L1_PAGE_SIZE) {
l1table.update(addr as *const usize, |l1section| {
if addr >= text_start && addr < text_end {
// Code: R-X
l1section.access = AccessPermissions::ReadOnly;
l1section.exec = true;
} else if addr >= rodata_start && addr < rodata_end {
// Data: R--
l1section.access = AccessPermissions::ReadOnly;
l1section.exec = false;
} else {
// Everything else: RW-
l1section.access = AccessPermissions::FullAccess;
l1section.exec = false;
}
});
}
}
pub fn setup_core1(kernel_data: &[u8]) {
let kernel_start = (&kernel_data[0] as *const _ as usize) & !(L1_PAGE_SIZE - 1);
let kernel_end = ((&kernel_data[kernel_data.len() - 1] as *const _ as usize) | (L1_PAGE_SIZE - 1)) + 1;
let text_start = unsafe { &__text_start as *const _ as usize };
let text_end = unsafe { &__text_end as *const _ as usize };
let rodata_start = unsafe { &__rodata_start as *const _ as usize };
let rodata_end = unsafe { &__rodata_end as *const _ as usize };
let l1table = L1Table::get();
for addr in (0..0xFFFF_FFFF).step_by(L1_PAGE_SIZE) {
l1table.update(addr as *const usize, |l1section| {
if addr >= kernel_start && addr < kernel_end {
// Kernel code/data: RWX
l1section.access = AccessPermissions::FullAccess;
l1section.exec = true;
} else if addr >= text_start && addr < text_end {
// Runtime code: R-X
l1section.access = AccessPermissions::ReadOnly;
l1section.exec = true;
} else if addr >= rodata_start && addr < rodata_end {
// Data: R--
l1section.access = AccessPermissions::ReadOnly;
l1section.exec = false;
} else {
// Everything else: RW-
l1section.access = AccessPermissions::FullAccess;
l1section.exec = false;
}
});
}
}