Hello Tiago,
On 05/25/2016 04:56 PM, Tiago Brito wrote:
> Hi, I have an i.MX53 QSB development board and I want to experiment with
> ARM TrustZone.
>
> I'm a beginner with regards to genode and kernel development in general.
>
> I was able to run tz_vmm on the QSB and interact with the linux which runs
> in normal world. What I want to do next is a fairly simple system where
> inside linux I can call an SMC and switch to the secure world, then whilst
> in secure world print something (like "Hello From Secure World" and also
> print some argument from the normal world) and then go back to linux.
>
> I have read some of the messages in the mailing list and I noticed some of
> you (other mailing list subscribers) already achieved similar communication
> protocols but because I'm new to genode I don't know where to start.
Well, the very first pointer to gain more understanding of this concrete
scenario ist to read the detailed documentation of it:
http://genode.org/documentation/articles/trustzone
Most of your questions, e.g., how to build the Linux kernel?, or is it a
modified Linux kernel? are already answered there.
>
> I know I probably have to create a kernel module for the linux running in
> normal world so I can call SMC from a userspace application, but I don't
> know how to do that since I don't see where the linux is being compiled for
> genode [1]. Do I have to compile another linux? How do I incorporate this
> new linux version to work with genode?
Actually the Linux kernel version you are using when executing the
tz_vmm run-script already issues SMC calls that switch to the secure
world, where the VMM handles those calls and afterwards returns to the
normal world.
>
> Besides this I also don't know where to start modifying tz_vmm in order to
> achieve my goals. I know where tz_vmm's code is but I don't know where to
> start changing it. I have also seen some mailing list questions regarding
> the world switch from secure world to normal world. It seems that from
> normal to secure you should call an SMC, but from secure to normal the
> monitor mode implementation cannot handle entries from the secure world and
> thus no SMC can be called directly [2].
The typical activity flow is:
* Linux kernel issues an SMC call, e.g., to tell the VMM where its
framebuffer is located in physical memory [1]
* the HW kernel of Genode receives an exception, pauses the Linux VM,
and delivers a signal to the related VMM [2]
* the VMM receives the signal that the VM got paused due to an SMC
call [3]
* the VMM informs the HW kernel that the VM should be executed again
after handling the call [4]
* next time the scheduler of the HW kernel chooses the VM, it issues a
world-switch to it [5]
Regards
Stefan
[1]
https://github.com/skalk/linux/blob/bc1707a23a9770cf080a1b87b4f553a2a39ac636/drivers/video/mxc/mxc_ipuv3_fb.c#L339
[2]
https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc#L52
[3]
https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/spec/imx53/main.cc#L95
[4]
https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/spec/imx53/main.cc#L119
[5]
https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc#L72
>
> Can you give my some feedback on how to achieve these things on the i.MX53
> QSB?
>
> Thanks in advance, Tiago
>
> [1] - https://sourceforge.net/p/genode/mailman/message/33244107/
> [2] - https://sourceforge.net/p/genode/mailman/message/34244066/
>