Hi all
I am running Genode 15.02 over the I.MX6 board. I tried to run tz_vmm script to run another Genode kernel image in normal world which running successfully. Also, I am able to switch from Normal world to the secure world and vice-versa.
Now I want to access some secure resources from the Normal world to see TrustZone enable features. So i write a small application "switch" with the help of IO_mem_connection and mmio class which access the secure RAM region used by the secure world but nothing happens there it is executing normally in Normal world. What kind of behavior is expected from the Normal world on this access?
I am using UART-2 in both the world to print the messages. On the other hand, when i make UART-2 secure in csu.h then normal world doesn't execute at all and DATA ABORT exception occurred.
I guess, I have to do some thing with CSU(csu.h) and TZASC (tsc_380.h) to see the TrustZone enable expected behavior. Please, Let me know where i could be wrong or what i can do to proceed further in this direction ?
Thanks in advance. Regards
Chirag Garg IIT Madras , Rise Lab
Hi Chirag,
On 04/01/2015 04:00 PM, chirag garg wrote:
Hi all
I am running Genode 15.02 over the I.MX6 board. I tried to run tz_vmm script to run another Genode kernel image in normal world which running successfully. Also, I am able to switch from Normal world to the secure world and vice-versa.
Now I want to access some secure resources from the Normal world to see TrustZone enable features. So i write a small application "switch" with the help of IO_mem_connection and mmio class which access the secure RAM region used by the secure world but nothing happens there it is executing normally in Normal world. What kind of behavior is expected from the Normal world on this access?
Well that depends on the TrustZone-specific memory protection mechanisms of this SoC, and how they are initializes respectively you have configured them. As you already know the peripherals of the i.MX5 and i.MX6 series are not completely the same, which includes the TrustZone aware devices, and by now we only used the i.MX53 in practice. So it is hard to answer your question without just speculating. I assume the TZASC to be responsible for the memory protection. If it is not configured correctly to prevent normal world access that nothing happens if your "switch component" accesses "secure memory", which is then obviously not secure.
I am using UART-2 in both the world to print the messages. On the other hand, when i make UART-2 secure in csu.h then normal world doesn't execute at all and DATA ABORT exception occurred.
This is what I would expect from it. If the CSU is somehow the same or a similar device like in the i.MX53 SoC, it is used to protect memory mapped I/O registers from different peripherals when accessed by the CPU, as well as to protect other buses (like memory bus) from DMA accesses of those peripherals. So if you configure UART-2 to be secure, a non-secure access naturally leads to a data-abort.
I guess, I have to do some thing with CSU(csu.h) and TZASC (tsc_380.h) to see the TrustZone enable expected behavior. Please, Let me know where i could be wrong or what i can do to proceed further in this direction ?
There is nothing to add to your own observations.
Regards Stefan
Thanks in advance. Regards
Chirag Garg IIT Madras , Rise Lab
Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-
chirag garg -
Stefan Kalkowski