Hello Devashish,

in its currently used form on ARMv8: if Genode's own kernel variant
"base-hw" gets booted into TrustZone's secure mode at all, it leaves
it without doing any additional setup into the normal world resp.
directly into EL2 hypervisor mode to prepare that.

With other words, without modifications you can't use the secure world
right now. On most platforms this is actually already in use by ARM's
Trusted Firmware (ATF), which implements things like multi-processor
wakeup, suspend etc., so we can't make use of it without replacing the
whole ATF.

In general it is however possible to do so, but you'll need to do
several in-depth modifications to make that work. First you need to
find out whether on Qemu the kernel gets started in secure mode. If
yes you would need at least to setup an exception vector for the EL3
secure-monitor mode, so that you handle for instance SMC-calls.
Probably you'll need to setup the MMU for the EL3 mode.
To sum it up it is some serious work to do. If you are interested in
exploring that, please have a look into the current CPU and exception-level
(EL) setup in file: repos/base-hw/src/bootstrap/spec/arm_64/cortex_a53_mmu.cc
That would be a good starting point to hook in.

Regards
Stefan

On Wed, Feb 22, 2023 at 01:40:13PM +0530, Devashish Dewangan cs21m017 wrote:
> Dear Genodians,
> I am working with virt_qemu_arm_v8a, and I read the extensive documentation
> on how Genode has experimented with the Trustzone of ARM. I want to explore
> the Trustzone and run an application in the secure mode, but I wanted to
> know if it is possible to do with virt_qemu_arm.
>
> --
> Regards,
> Devashish Dewangan
> CS21M017

> _______________________________________________
> Genode users mailing list
> users@lists.genode.org
> https://lists.genode.org/listinfo/users


--
Stefan Kalkowski
Genode labs

https://github.com/skalk | https://genode.org

_______________________________________________
Genode users mailing list
users@lists.genode.org
https://lists.genode.org/listinfo/users