OCEOS/oceos protection

From wiki
Jump to navigation Jump to search

OCEOS Memory Protection For GR716

Memory Protection provides directives to deal with the Error Detection and Correction (EDAC) features of the GR716 and directives to deal with memory write protection units.
The GR716 internal memory is protected by error detection and correction (EDAC) and associated scrubbing functionality and OCEOS provides directives to control and monitor this.
The GR716 memory controller for external memory provides EDAC capability and OCEOS has directives to control and monitor this and also the MEMSCRUB external scrubber unit.
The GR716 provides a number of memory protection units that provide some memory write protection capability. The OCEOS directives allow these registers be set to provide various levels of memory write protection.

Memory Protection Introduction

The two memory protection units in the GR716 can be used to restrict write access to memory segments by selected system bus masters (MEMPROT0) and by selected DMA bus masters (MEMPROT1). Each unit allows four memory segments be defined for write protection. In addition MEMPROT0 can restrict access via the system bus AHB to APB bridges by selected system bus masters and the four DMA units to selected APB bus devices.

MEMPROT0 can protect four segments in the range 0x40000000 to 0x4FFFFFFF or the range 0x80000000 to 0x8041ffff, as well as specific APB units.

MEMPROT1 can protect four segments in the range 0x30000000 to 0x31000000 and restrict the access of any master on the DMA bus.

An attempt to write to a protected area causes an AMBA ERROR response which can cause an interrupt from MEMSCRUB or from one of the AHBSTAT units.
The memory protection directives relate to the EDAC and memory protection features of the GR716.

The internal instruction RAM and data RAM of the GR716 each has its own EDAC and scrubber support internal to the GR716. The internal scrubbers use one 32-bit word per burst and an appropriate number of cycles between bursts should be specified for each scrubber. The scrubbers can be individually configured to cause an interrupt when an uncorrectable error occurs and if this is done an appropriate handler for Interrupt Line 63, default Int 19, should be set up in advance.
The GR716 internal RAM can also be protected from external write accesses by the memory protection unit on the DMA bus (MEMPROT1). The external RAM memory controllers (FTMCTRL0/1) provide EDAC support, with scrubbing provided by the MEMSCRUB unit on the main system bus.

As the main external memory (FTMCTRL0) uses an 8-bit data bus the high 20% of this RAM is used for the EDAC check bits and cannot be used for data when EDAC is enabled.

(The GR716-MINI board has 2 MiB of main external RAM accessed via FTMCTRL0 and with EDAC enabled only addresses 0x40000000 to 0x40199997 can be used for data, the check bits are stored at addresses 0x4019999a to 0x401FFFFF, and addresses 0x40199998 and 0x40199999 cannot be used).
When using MEMSCRUB this restriction must be taken into account in setting the high address of the scrubbing range. (The GR716-MINI external RAM scrubber range is 0x40000000 to 0x40199997.)
On the GR716 the MEMSCRUB unit works in bursts of two 32-bit words, and an appropriate number of cycles between bursts should be specified.
MEMSCRUB can be configured to cause an interrupt due to correctable or uncorrectable error counts exceeding a pre-set threshold, and if this is done an appropriate handler for Interrupt Line 63, default Int 19, should be set up in advance (the same interrupt as for the internal scrubbers).

Two memory protection (MEMPROT) units, one for the main system bus, one for the DMA bus, each allow up to four memory segments be defined and can be configured to prevent writes by a specific bus master to a segment.

MEMPROT0 controls memory writes via the main memory controller FTMCTRL0 by selected bus masters for addresses 0x40000000 to 0x4FFFFFFF.

Note

If EDAC is in use with FTMCTRL0 the memory area to which access is allowed must include the EDAC check bits as well as the data.

MEMPROT0 can also restrict writes to APB bus addresses in the range 0x80000000 to 0x8041FFFF and to specific devices on the APB bus.
MEMPROT1 controls memory writes to the GR716 internal RAM from the DMA bus for addresses in the range 0x30000000 to 0x31FFFFFF.

Write access permission can be specified on an individual basis for each bus master on the DMA bus.

MEMPROT0/1 do not themselves cause a trap/interrupt when an attempt is made to write to protected memory, but as well as preventing the write return an AMBA ERROR response which can give rise to an interrupt from AHBSTAT1/0 respectively. If this used an appropriate error handler for Interrupt Line 63, default Int 19, should be set up in advance (the same interrupt as for the scrubbers).

Note

The appropriate clock gating must be set for it to be possible to use FTMCTRL, MEMSCRUB, or the MEMPROT units, and the appropriate GPIO pin selection also configured.

The MEMPROT units themselves must be configured to allow access to the registers of the other devices.
A handler for Interrupt Line 63, default Int 19, should be set up in advance if required. The directives here assume this has already been done.

Note

Where a register contains read-only bits the values set for those bits in the input data used with the directives below must be 0, if not the input will be treated as invalid.

Memory Protection Configuration

API Functions

API Functions
Directive Description main task IRQ handler
oceos_protect_internal_EDAC_set() Internal EDAC control and scrubbing * * *
oceos_protect_internal_scrubber_set() Set the internal memory scrubber control and interrupt * * *
oceos_protect_internal_status_get() Return the internal EDAC and scrubber status * * *
oceos_protect_external_EDAC_set() External RAM EDAC control and scrubbing * * *
oceos_protect_external_status_get() Return the main external RAM EDAC status register * * *
oceos_protect_external_scrubber_set() Set the parameters for the external scrubber unit MEMSCRUB * * *
oceos_protect_external_scrubber_status_get() Get the status of the external scrubber MEMSCRUB * * *
oceos_protect_external_scrubber_position_get() Get the current value of the MEMSCRUB position register * * *
oceos_protect_unit_control() Enable/disable protection by a MEMPROT unit * * *
oceos_protect_segment_define() Define the range of addresses * * *
oceos_protect_memprot0_segment_control() Control access to MEMPROT0 segments * * *
oceos_protect_memprot1_segment_control() Control access to MEMPROT1 segments * * *
oceos_protect_APB_devices() Control access to APB devices * * *

oceos_protect_internal_EDAC_set()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_internal_scrubber_set()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_internal_status_get()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_external_EDAC_set()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_external_status_get()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_external_scrubber_set()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_external_scrubber_status_get()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_external_scrubber_position_get()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_unit_control()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_segment_define()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_memprot0_segment_control()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_memprot1_segment_control()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage

oceos_protect_APB_devices()

Header File
protection.h

Description

Prototype

Parameters

Parameter Description

Returns
This function returns enum DIRECTIVE_STATUS.

enum DIRECTIVE_STATUS Description
INCORRECT_STATE If system Meta pointer is NULL or

Init pointer is NULL or Start up phase check fail or Fixed data checksum failed (check log)

INVALID_NAME If Start Sentinel for fixed area is corrupt or

Start Sentinel for dynamic area is corrupt

INVALID_NUMBER If Configuration and actual parameters do not match

(In configuration file was defined 5 tasks, but created less)

SUCCESSFUL If All OK

Example Usage