Hi Yevgeny,
In general, I can recommend you to have a look at the article [3]. It gives information regarding nearly all the topics that you address.
Am 16.05.2016 um 11:27 schrieb Yevgeny Lavrov:
So I was able to run Genode on USB Armory, and ssh into it, and it appears to me that I’m interacting with Linux Virtual Machine. If it is a Virtual Machine,
No, it is the Normal World of ARM Trustzone. It might be misleading that we use the Genode VM-Session interface to control the Normal World but the underlying Trustzone technology is still no Virtualization but merely a hardware separation.
then are there any tools available within that VM that I can use to talk to the outside of the Linux VM, or at least somehow prove/demonstrate that the Linux VM I’m currently in is running atop of Genode?
Yes, there are. You can use the Secure Monitor Call or SMC instruction of ARM for that. Actually, it is already used by your Linux for the para-virtualized SD-card [1] and UART [2]. Using SMCs, you can also install shared buffers as done in [1].
The other question is about the Kernel. It appears as ARM Linux Kernel during boot. Is it a standard Linux Kernel or especially customized one to support Genode? I just need to verify this.
Just to be really clear, do you mean the initial Kernel that boots the Genode hypervisor or the Kernel that is started by Genode in the Normal World ([init -> tz_vmm] [vm] ...) ?
Assuming you mean the one in the Normal World, it is a patched Linux 4.2.3. You can see my two Armory patches here [4].
Can you provide any tips on how to bring up any other microkernels fully supported by Genode that I can run on USB Armory?
There are generally three main building sites when porting another kernel to the Normal World of tz_vmm. First, the monitor component [5] acts as bootloader for the Normal World OS. This bootloader behavior would have to be adapted to the new OS's expectations.
Second, the Normal World OS currently has to cooperate in some ways with the Secure World. Mainly, it must not modify clock or power controls in a way that affects the Genode hypervisor because these controls are not protected yet.
Third, you have to check whether your OS attempts to use devices that are protected. If they are mandatory, i.e. you can't skip them, you can para-virtualize them. As mentioned above, for SDHC and UART, Genode already provides a para-virtualized interface.
If there are no other options available besides using the default Linux kernel that comes with the tz_vmm, then is there any other board that you can recommend me to use to run Genode with fully supported microkernels, as preparation for seL4?
Could you please explain this a bit further? I don't know what seL4 has to do with a Trustzone scenario. What is your final goal?
Cheers, Martin
[1] https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/bl...
[2] https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/tt... https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/arch/arm/i...
[3] https://genode.org/documentation/articles/usb_armory
[4] https://github.com/m-stein/linux/commits/genode_hw_usb_armory_tz_vmm
[5] https://github.com/genodelabs/genode/tree/master/repos/os/src/server/tz_vmm