Hello ,Genode Community I have written an email before which has a similar question to this email, but I haven't receive any response yet. Because solving this problem is very important to my work , so I decide to put it out again and hope to receive some help. The thing is I want to use sd_card driver in i.mx53 quick start board with trustzone. I know Martin said " you should not run 'sd_card' with Genodes Trustzone feature-set (platform 'hw_imx53_qsb_tz'), because Genode will then declare the ESDHC-IRQ to be unsecure to enable Linux to drive SD cards."[1]. But unfortunately, my work is just needs to use sd_card driver with trustzone. So I wonder is this possible? I am now using the latest Genode version(18.08). Form my point of view, if ESDHC-IRQ is still to be unsecure, this's two ways to solve this problem: 1. set ESDHC-IRQ to be secure. In this way ,Genode OS in secure world can directly drive the SD card. Also, the linux in the normal world must be modified to the stat that could not drive SD card. If this is right, could you provide me some hint to this method? 2. forward the sd card request to linux in the normal world.So all the sd card operation will be performed by linux. However, I think this will introduce more world switch between two worlds and you should provide a linux driver to serve for Genode's file operation. I will be grateful if you could give me some help, thanks a lot!
------------------ Best wishes
Hi,
On Thu, Nov 22, 2018 at 05:27:49PM +0800, lzSun wrote:
Hello ,Genode Community I have written an email before which has a similar question to this email, but I haven't receive any response yet. Because solving this problem is very important to my work , so I decide to put it out again and hope to receive some help. The thing is I want to use sd_card driver in i.mx53 quick start board with trustzone. I know Martin said " you should not run 'sd_card' with Genodes Trustzone feature-set (platform 'hw_imx53_qsb_tz'), because Genode will then declare the ESDHC-IRQ to be unsecure to enable Linux to drive SD cards."[1]. But unfortunately, my work is just needs to use sd_card driver with trustzone. So I wonder is this possible? I am now using the latest Genode version(18.08). Form my point of view, if ESDHC-IRQ is still to be unsecure, this's two ways to solve this problem:
- set ESDHC-IRQ to be secure. In this way ,Genode OS in secure world can directly drive the SD card. Also, the linux in the normal world must be modified to the stat that could not drive SD card. If this is right, could you provide me some hint to this method?
Surely this is the right way to go. All ingredients are already in place. Have a look at the usb_armory platform, which uses exactly the same SoC i.MX53 with a trustzone Linux using the sd-card client-wise from the Genode secure-world.
You need to change the sd-card device assignment in:
`repos/base-hw/src/bootstrap/spec/imx53_qsb/platform_trustzone.cc`
The fourth parameter of the Csu object decides over the sd-card assignment. And of course you need to change the Linux kernel to use the paravirtualized block device of the trustzone VMM. Please use the Linux kernel version + adaptations from here as inspiration:
https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
- forward the sd card request to linux in the normal world.So all the sd card operation will be performed by linux. However, I think this will introduce more world switch between two worlds and you should provide a linux driver to serve for Genode's file operation.
I will be grateful if you could give me some help, thanks a lot!
I cannot see a reason for using a secure-world stack than anyway. If make the secure side dependent of the potential insecure side is no good idea for obvious reasons.
Best regards Stefan
Best wishes
Genode users mailing list users@lists.genode.org https://lists.genode.org/listinfo/users
-
lzSun -
Stefan Kalkowski