Hi Stefan,
Thank you very much for your detailed explication. I am really lucky beacause it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
About the example I only can say "Great work". I was able to run it on hardware. Some little details that could help people:
After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
Now, I go to play!
Best regards Pablo Antón.
El 27.11.2013 22:47, Stefan Kalkowski escribió:
Hi Pablo,
On 11/26/2013 06:11 PM, panton wrote:
Hello,
I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone?
In fact, there is some kind of virtualization support using TrustZone. Although, TrustZone isn't designed to be a virtualization solution. Therefore, the "guest" needs to be aware what devices it is allowed to use. In contrast to the CPU (including MMU, Caches, etc.), there is no support to virtualize physical memory (including memory mapped I/O) for the non-secure "guest". That means guest physical addresses are in fact physical addresses. Dependent on the concrete platform, it might be possible to deny non-secure access to certain physical memory regions, like I/O memory of certain devices, and then use a trap-emulate approach. But in general this approach isn't guaranteed to work. Dependent on where the unit, which controls peripheral device memory (if existent at all), is located in the bus hierarchy of the SoC, it might provoke asynchronous external data-aborts in the CPU core, instead of synchronous ones. Thereby, it is impossible to recover the state, in which the protection fault was raised. To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
On ARM platforms, apart from the TrustZone "virtualization", Genode includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC kernel. ARM's virtualization extensions aren't supported yet, but we'll investigate it certainly.
If so, it would be great to have an example of how to use it.
A working basic example is available on Genode's current staging branch, and will be available in Genode's upcoming release 13.11, that will be announced this week. The example should work out of the box for ARM's Versatile Express Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to create a build directory for 'hw_imx53'. After creating the build directory, you've to adapt the 'etc/specs.conf' file, and add the following SPEC variable:
SPECS += trustzone
After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
https://github.com/skalk/genode/tree/i.MX53_tablet_demo
That example include virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
Thanks in advance for answers!
You're welcome.
Best Regards Stefan
Best regards, Pablo Anton
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main