> My student started work today. I have asked him to post on the group.
> I am defining the scope of work for him for the next 1 year. Basically I
> want
> him to complete the trustzone integration on the i.MX6 board. Do you
> think there is 6-8 months of work left for 1 person in this effort ?
degree of trustzone support you want to achieve. Given that base-hw
support trustzone on the Cortex-A9 already (for the Versatile Express
platform) and also the i.MX53 SoC, I don't expect any difficulties to
get the TZ world switch running in principle.
If you really care about thoroughly protecting the secure world from the
normal world, however, there is much more work to do. E.g., in our
current demo scenario, we cut some corners, which might not be good idea
in a real product. E.g. we grant the normal world access to the
system-and-clock management unit. Revoking access to this unit from the
normal world is easy. But to get Linux running w/o access to it is quite
difficult. We'd need to either provide a virtualized version of the
device (using a trap-and-emulate scheme) or change the Linux kernel to
use custom smc "hypercalls" to the TZ VMM instead of accessing the
device directly.
Also, as an additional challenge, it would be worthwhile to investigate
a solution for the problem described in the last paragraphs of the
Section "Additional device drivers" of our article:
http://genode.org/documentation/articles/trustzone#Additional_device_drivers
The DMA problem (GPU and IPU are using the same DMA channel) is quite
serious. It would be interesting to investigate if i.MX6 has fixed that.
To sum it up, the task can be scaled from a few months (just
experimenting with the world switch and granting most devices to the
normal world) to more than a year (when revoking devices from the normal
world while still making Linux happy to run in the normal world).
---------------------------------------------------------------------------------Madhu