Hi John,
On 02/25/2016 12:58 AM, John David wrote:
Hi Stefan,
thank you so much for your response.
On Mon, Feb 22, 2016 at 11:18 AM, Stefan Kalkowski < stefan.kalkowski@...1...> wrote:
Hi John,
sorry for my late response, I was in holidays.
On 02/13/2016 12:54 AM, John David wrote:
Hi Stefan,
Thanks a lot.
I have tried to configure and run the tz_vmm example according to your explanation, but only the Linux penguin is displayed on left corner of
the
LVDS display kit and then it hangs.
Ok, that means Linux succeeds in using the LVDS display. When you write: "it hangs" do you get any message from the Genode side, e.g. a VM exception dump?
no VM exception dump if i disable the serial port (CONFIG_SERIAL_MXC and CONFIG_SERIAL_MXC_CONSOLE) in the Linux configuration file. FYI, i use imx53_android_deconfig in /arch/arm/configs for building the Linux kernel.
Otherwise you need to inspect the Linux kernel messages, did you enabled earlyprintk, and removed the serial console redirection of the kernel messages within the kernel commandline parameters?
I changed the kernel commandline parameters to *"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0*" and also enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the Linux penguin logo on top left conner of the LVDS display, and hangs. Do i still miss something? Would you please let me know? However, If i set the UART device as UNSECURED and enable the the serial port in the configuration file, the Linux boots properly without an error and i get a shell in the serial console.
I wonder that you do not see any kernel messages when not redirecting the kernel console to serial line. However, potentially your Linux setup boots successfully, but there the only TTY that is started refers to the serial console. At least if you use the unmodified initramfs archive of our i.MX53 TrustZone example setup this would be the case. So you have to unpack the initramfs, patch the init's configuration so that it will start a (login) shell on tty1.
If that does not help, you need to find out why the kernel does not show anything (kernel messages) on screen by setting up the same scenario without Genode with an unmodified Linux kernel and thereby tweaking the kernel/initramfs until you see the kernel messages on screen.
regards stefan
BTW, is it possible to run the guest OS unmodified in the normal world while Genode in the secure world using this 'tz_vmm' run example? i have a prebuilt Android/Linux uImage for imx53 QSB from the www.freeescale.com. Is it possible to run this uImage if i put it manually in place of Linux uImage in Genode build directory? if not, how do i modify if i get the source code? Do you have any other experiment for ARM TrustZone on imx53 QSB?
No it is not possible to run an unmodified kernel in the normal world. TrustZone is _no_ virtualization technology. The "guest" kernel always needs to be aware what resources it is able to access and which not. It is hard, or in general impossible to virtualize via trap-and-emulate. Please, have a look at our TrustZone article for further details, including our Android scenario:
http://genode.org/documentation/articles/trustzone
Currently, we do not have any out-of-the-box example scenarios for the i.MX53 QSB, which make use of TrustZone. Other examples are using either the i.MX53 SABRE Tablet, or the USB armory. For the latest, please have a look at the development story and presentation of Martin Stein:
http://genode.org/documentation/articles/usb_armory
http://mirrors.dotsrc.org/fosdem/2016/k4601/genodes-trustzone-demo-on-the-us...
Regards Stefan
Thanks!
As you mentioned, I removed the last four patches from this branch ( https://github.com/skalk/linux/commits/imx53-tz) and re-compiled the
Linux
kernel. I also changed the kernel cmdline argument value in genode/os/src/server/tz_vmm/imx53/main.cc file to
*console=ttymxc0,115200
gpu_nommu video=mxcdi0fb:RGB666,XGA di0_primary ldb=di0*. I wonder if you could tell me what is missing?
Thanks!
On Wed, Feb 10, 2016 at 2:52 PM, Stefan Kalkowski < stefan.kalkowski@...1...> wrote:
Hi John,
On 02/03/2016 10:51 PM, John David wrote:
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit attached to the board. I want the Linux (non secure world) to be
displayed
on the LVDS while the Genode uses the serial console. I wonder if you
could
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world (Genode) and non-secure world (Linux). This is primarily done via the CSU (Central Security Unit) of this Freescale SoC. You can find the relevant configuration hardcoded within:
repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
just reset mostly all devices except the UART to belong to the non-secure world, and set the DMA channel of the GPU (line 222) to be unsecure. Remove the relevant patches of the Linux guest OS from this branch (I think the last 4 commits):
https://github.com/skalk/linux/commits/imx53-tz
and then re-build the Linux kernel and Genode scenario.
Regards Stefan
Thanks!
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main