16 Dec
2014
16 Dec
'14
10:11 a.m.
On 12/16/2014 10:27 AM, chirag garg wrote:
Hi Stefan,
On Tue, Dec 16, 2014 at 2:36 PM, Stefan Kalkowski <stefan.kalkowski@...1... mailto:stefan.kalkowski@...1...> wrote:
Hi, On 12/16/2014 08:39 AM, chirag garg wrote: > Hi all, > > I am trying to run *tz_vmm* script on the *imx6 platform*. In which I > have tried to put Genode (without trustzone) OS image instead of linux > image as a guest OS which is configured according to normal world. we > changed the CSU also according to imx6 security manual. So now we are > getting the following error : > > > Starting kernel ... > > kernel initialized > Genode 14.08 > int main(): --- create local services --- > Core virtual memory allocator > --------------------- > Allocator 101318e4 dump: > Block: [00001000,00002000) size=00001000 avail=00000000 max_avail=00000000 > Block: [00002000,00003000) size=00001000 avail=00000000 max_avail=00000000 > Block: [00003000,00004000) size=00001000 avail=00000000 max_avail=ef9c1000 > Block: [00004000,00005000) size=00001000 avail=00000000 max_avail=00000000 > Block: [00005000,00006000) size=00001000 avail=00000000 max_avail=00000000 > Block: [00006000,10001000) size=0fffb000 avail=0fffb000 max_avail=ef9c1000 > Block: [1062f000,ffff0000) size=ef9c1000 avail=ef9c1000 max_avail=ef9c1000 > => mem_size=4288417792 (4089 MB) / mem_avail=4288397312 (4089 MB) > > RAM memory allocator > --------------------- > Allocator 10130888 dump: > Block: [10000000,10001000) size=00001000 avail=00000000 max_avail=00000000 > Block: [1062f000,10630000) size=00001000 avail=00000000 max_avail=00000000 > Block: [10630000,10631000) size=00001000 avail=00000000 max_avail=00000000 > Block: [10631000,10632000) size=00001000 avail=00000000 max_avail=1f9cd000 > Block: [10632000,10633000) size=00001000 avail=00000000 max_avail=00000000 > Block: [10633000,30000000) size=1f9cd000 avail=1f9cd000 max_avail=1f9cd000 > => mem_size=530391040 (505 MB) / mem_avail=530370560 (505 MB) > > IO memory allocator > ------------------- > Allocator 1013294c dump: > Block: [00000000,00a00000) size=00a00000 avail=00a00000 max_avail=00a00000 > Block: [00a02000,020d0000) size=016ce000 avail=016ce000 max_avail=016ce000 > Block: [020d4000,021c0000) size=000ec000 avail=000ec000 max_avail=20000000 > Block: [021c1000,021e8000) size=00027000 avail=00027000 max_avail=00027000 > Block: [021ec000,10000000) size=0de14000 avail=0de14000 max_avail=20000000 > Block: [30000000,50000000) size=20000000 avail=20000000 max_avail=20000000 > => mem_size=805261312 (767 MB) / mem_avail=805261312 (767 MB) > > IRQ allocator > ------------------- > Allocator 101339a8 dump: > Block: [00000000,00000400) size=00000400 avail=00000400 max_avail=00000400 > => mem_size=1024 (0 MB) / mem_avail=1024 (0 MB) > > int main(): --- start init --- > int main(): transferred 505 MB to init > int main(): --- init created, waiting for exit condition --- > [init] Could not open file "ld.lib.so <http://ld.lib.so> <http://ld.lib.so>" > [init] parent provides > [init] service "ROM" > [init] service "RAM" > [init] service "IRQ" > [init] service "IO_MEM" > [init] service "CAP" > [init] service "PD" > [init] service "RM" > [init] service "CPU" > [init] service "LOG" > [init] service "SIGNAL" > [init] service "VM" > [init] child "tz_vmm" > [init] RAM quota: 3932160 > [init] ELF binary: tz_vmm > [init] priority: 0 > [init -> tz_vmm] Start virtual machine > [init -> tz_vmm] *Vm tried to access 30008040 which isn't allowed* > [init -> tz_vmm] Cpu state: > [init -> tz_vmm] Register Virt Phys > [init -> tz_vmm] --------------------------------- > [init -> tz_vmm] r0 = 00000000 [00000000] > [init -> tz_vmm] r1 = 00000eb9 [00000000] > [init -> tz_vmm] r2 = 30000100 [00000000] > [init -> tz_vmm] r3 = 00000000 [00000000] > [init -> tz_vmm] r4 = 00000000 [00000000] > [init -> tz_vmm] r5 = 00000000 [00000000] > [init -> tz_vmm] r6 = 00000000 [00000000] > [init -> tz_vmm] r7 = 00000000 [00000000] > [init -> tz_vmm] r8 = 00000000 [00000000] > [init -> tz_vmm] r9 = 00000000 [00000000] > [init -> tz_vmm] r10 = 00000000 [00000000] > [init -> tz_vmm] r11 = 00000000 [00000000] > [init -> tz_vmm] r12 = 00000000 [00000000] > [init -> tz_vmm] sp = 00000000 [00000000] > [init -> tz_vmm] lr = 00000000 [00000000] > [init -> tz_vmm] ip = 30008000 [00000000] > [init -> tz_vmm] cpsr = 00000093 > [init -> tz_vmm] sp_und = 00000000 [00000000] > [init -> tz_vmm] lr_und = 00000000 [00000000] > [init -> tz_vmm] spsr_und = 00000000 [00000000] > [init -> tz_vmm] sp_svc = 00000000 [00000000] > [init -> tz_vmm] lr_svc = 00000000 [00000000] > [init -> tz_vmm] spsr_svc = 00000000 [00000000] > [init -> tz_vmm] sp_abt = 00000000 [00000000] > [init -> tz_vmm] lr_abt = 00000000 [00000000] > [init -> tz_vmm] spsr_abt = 00000000 [00000000] > [init -> tz_vmm] sp_irq = 00000000 [00000000] > [init -> tz_vmm] lr_irq = 00000000 [00000000] > [init -> tz_vmm] spsr_irq = 00000000 [00000000] > [init -> tz_vmm] sp_fiq = 00000000 [00000000] > [init -> tz_vmm] lr_fiq = 00000000 [00000000] > [init -> tz_vmm] spsr_fiq = 00000000 [00000000] > [init -> tz_vmm] ttbr0 = 112a1041 > [init -> tz_vmm] ttbr1 = 93a2c043 > [init -> tz_vmm] ttbrc = 00000000 > [init -> tz_vmm] dfar = 00000000 [00000000] > [init -> tz_vmm] *exception = data_abort* > [init -> tz_vmm] *Could not handle data-abort will exit!* > [init -> tz_vmm] *Destructing undissolved signal context* > > I divided the RAM into two portions: 0x10000000-0x30000000 for secure > world and 0x30000000-0x50000000 for Normal world. > > After VM start, we are getting "*VM tried to access 30008040 which isn't > allowed" *error. Also, tried to compile the image by changing this > address to 0x10001000 in the file spec_hw_imx6.mk <http://spec_hw_imx6.mk> > <http://spec_hw_imx6.mk> file (for the normal world OS image). We get > the same error as above but only with the memory address changed in the > error message. > Kindly let us know the possible reasons behind getting this error. If you want to run Genode's hw kernel as normal world OS beside the secure world version, you have to link it to the right address. For doing so, use the LD_TEXT_ADDR variable in the spec file you already mentioned. Nevertheless, of course you have to set the instruction pointer according to the binary's entrypoint which is probably not 0x30008000 as long as you didn't linked the kernel to that address.Can we choose any random address in the Non-secure RAM region to link the Normal OS image ?
In principle yes, as long as there is enough space in between the link address and the end of the normal world's RAM to hold the binary. I think 0x30001000 will be fine, but ensure that the VMM then sets te instruction pointer to 0x30001000 too.
The next question would be: how do you load the Genode normal world guest? Do you use an ELF image, a raw binary, or an u-boot image? The original VMM implementation only handles a raw Linux kernel binary, no ELF nor u-boot image.I used a raw binary to load the Genode normal world guest instead of Linux raw binary file. Is this will work fine or we have to change other things to load the image ?
That's fine. When using a raw binary image the VMM just needs to copy the binary to the right offset in memory, which should be done by the current implementation.
I wonder what code base do you used for implementing the VMM for your example? In the mainline Genode repository there is one for i.MX53 and one for Versatile Express. Although both are looking quite similar they are using completely different TrustZone-aware devices of the related SoCs to provide protection. When looking at your print messages it seems you are using the Versatile Express code, do you?Yes, I used Versetile Express VMM, but I modified it according imx6 TrustZone aware devices.
Ok, I was wondering because the fault address shown in the message: "Vm tried to access XXX which isn't allowed" originally was gained by using the TrustZone Address Space Controller of the Versatile Express. A look into the i.MX6 reference manual showed me that they now use that device too. So I assume you programmed it accordingly.
Regards Stefan
Regards Stefan > > Thanks in advance. > > Regards > > Chirag Garg > IIT Madras , Rise Lab > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > > > > _______________________________________________ > genode-main mailing list > genode-main@lists.sourceforge.net <mailto:genode-main@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/genode-main > -- Stefan Kalkowski Genode Labs http://www.genode-labs.com/ · http://genode.org/ ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net <mailto:genode-main@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/genode-main
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.cl...
genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/