Hello,
I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone? If so, it would be great to have an example of how to use it.
Thanks in advance for answers!
Best regards, Pablo Anton
Hi Pablo,
On 11/26/2013 06:11 PM, panton wrote:
> Hello,
> I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
Well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported or used, that file contains an empty initialization indeed. I assume you've found that file.
> I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone?
In fact, there is some kind of virtualization support using TrustZone. Although, TrustZone isn't designed to be a virtualization solution. Therefore, the "guest" needs to be aware what devices it is allowed to use. In contrast to the CPU (including MMU, Caches, etc.), there is no support to virtualize physical memory (including memory mapped I/O) for the non-secure "guest". That means guest physical addresses are in fact physical addresses. Dependent on the concrete platform, it might be possible to deny non-secure access to certain physical memory regions, like I/O memory of certain devices, and then use a trap-emulate approach. But in general this approach isn't guaranteed to work. Dependent on where the unit, which controls peripheral device memory (if existent at all), is located in the bus hierarchy of the SoC, it might provoke asynchronous external data-aborts in the CPU core, instead of synchronous ones. Thereby, it is impossible to recover the state, in which the protection fault was raised. To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
On ARM platforms, apart from the TrustZone "virtualization", Genode includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC kernel. ARM's virtualization extensions aren't supported yet, but we'll investigate it certainly.
> If so, it would be great to have an example of how to use it.
A working basic example is available on Genode's current staging branch, and will be available in Genode's upcoming release 13.11, that will be announced this week. The example should work out of the box for ARM's Versatile Express Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to create a build directory for 'hw_imx53'. After creating the build directory, you've to adapt the 'etc/specs.conf' file, and add the following SPEC variable:
SPECS += trustzone
After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
https://github.com/skalk/genode/tree/i.MX53_tablet_demo
That example includes virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
> Thanks in advance for answers!
You're welcome.
Best Regards Stefan
> Best regards, Pablo Anton
Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
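The failure mode described in the reply above (a denied access that surfaces as an asynchronous instead of a synchronous abort, so the monitor cannot recover the faulting state), as an added example that is not part of the thread and not Genode code. The toy instruction set, the addresses and all function names are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy model, not Genode code: a three-instruction guest ISA and
 * one device register that the bus denies to the non-secure world. */
#define DEV_REG   0xD0000000u   /* hypothetical secure-only MMIO address */
#define GUEST_RAM 0x80000000u   /* hypothetical non-secure RAM address  */

enum op { MOVI, STR, HALT };
struct insn { enum op op; unsigned reg; uint32_t imm; };  /* imm: value or address */
struct cpu  { uint32_t r[2]; size_t pc; };

struct outcome {
    size_t   abort_pc;   /* pc the monitor sees at abort entry            */
    bool     emulated;   /* pc identified the denied store, replay worked */
    uint32_t replayed;   /* value the monitor put into its device model   */
    uint32_t guessed;    /* value a backwards scan would replay instead   */
};

/* Constructed guest: writes 0x11 to the device, then reuses r0. */
static const struct insn guest[] = {
    { MOVI, 0, 0x11 },       /* 0                    */
    { STR,  0, DEV_REG },    /* 1: denied by the bus */
    { MOVI, 0, 0x22 },       /* 2: r0 is overwritten */
    { STR,  0, GUEST_RAM },  /* 3: ordinary store    */
    { HALT, 0, 0 },          /* 4                    */
};

/* Trap-and-emulate as the monitor must do it: decode the instruction at the
 * reported pc and replay it with the registers saved at abort entry. */
static bool monitor_emulate(const struct cpu *at_abort, uint32_t *vdev)
{
    const struct insn *i = &guest[at_abort->pc];
    if (i->op != STR || i->imm != DEV_REG)
        return false;              /* pc does not point at the denied access */
    *vdev = at_abort->r[i->reg];
    return true;
}

/* Fallback: scan backwards (abort pc included) for the device store and
 * replay it with the registers as they are now, which may no longer hold
 * the value the guest actually stored. */
static uint32_t monitor_guess(const struct cpu *at_abort)
{
    for (size_t pc = at_abort->pc + 1; pc-- > 0; )
        if (guest[pc].op == STR && guest[pc].imm == DEV_REG)
            return at_abort->r[guest[pc].reg];
    return 0;
}

/* delay: instructions (the store included) that retire before the abort
 * exception is taken. 0 models a synchronous abort, >0 an asynchronous one. */
struct outcome run_guest(unsigned delay)
{
    struct cpu cpu = { { 0, 0 }, 0 };
    struct outcome out = { 0, false, 0, 0 };
    bool pending = false;
    unsigned countdown = 0;

    for (;;) {
        const struct insn *i = &guest[cpu.pc];
        if (!pending && i->op == STR && i->imm == DEV_REG) {
            pending = true;
            countdown = delay;
        }
        if (pending && (countdown == 0 || i->op == HALT)) {
            out.abort_pc = cpu.pc;
            out.emulated = monitor_emulate(&cpu, &out.replayed);
            out.guessed  = monitor_guess(&cpu);
            return out;
        }
        if (i->op == HALT)
            return out;            /* not reached by this guest: no abort raised */
        if (i->op == MOVI)
            cpu.r[i->reg] = i->imm;
        cpu.pc++;                  /* stores are posted: the guest just moves on */
        if (pending)
            countdown--;
    }
}

int main(void)
{
    for (unsigned delay = 0; delay <= 2; delay += 2) {
        struct outcome o = run_guest(delay);
        printf("delay=%u abort_pc=%zu emulated=%d replayed=0x%x guessed=0x%x\n",
               delay, o.abort_pc, o.emulated,
               (unsigned)o.replayed, (unsigned)o.guessed);
    }
    return 0;
}
```

With a delay of 0 the monitor sees the store itself and replays 0x11; with a delay of 2 the reported pc points at an unrelated store and the register already holds 0x22, which is why the guest has to cooperate instead of being trapped.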
Hi Stefan,
Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
> Well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported or used, that file contains an empty initialization indeed. I assume you've found that file.
Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
About the example I only can say "Great work". I was able to run it on hardware. Some little details that could help people:
> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
Now, I go to play!
Best regards Pablo Antón.
On 27.11.2013 22:47, Stefan Kalkowski wrote:
> Hi Pablo,
> On 11/26/2013 06:11 PM, panton wrote:
>> Hello,
>> I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
> Well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported or used, that file contains an empty initialization indeed. I assume you've found that file.
>> I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone?
> In fact, there is some kind of virtualization support using TrustZone. Although, TrustZone isn't designed to be a virtualization solution. Therefore, the "guest" needs to be aware what devices it is allowed to use. In contrast to the CPU (including MMU, Caches, etc.), there is no support to virtualize physical memory (including memory mapped I/O) for the non-secure "guest". That means guest physical addresses are in fact physical addresses. Dependent on the concrete platform, it might be possible to deny non-secure access to certain physical memory regions, like I/O memory of certain devices, and then use a trap-emulate approach. But in general this approach isn't guaranteed to work. Dependent on where the unit, which controls peripheral device memory (if existent at all), is located in the bus hierarchy of the SoC, it might provoke asynchronous external data-aborts in the CPU core, instead of synchronous ones. Thereby, it is impossible to recover the state, in which the protection fault was raised. To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
> On ARM platforms, apart from the TrustZone "virtualization", Genode includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC kernel. ARM's virtualization extensions aren't supported yet, but we'll investigate it certainly.
>> If so, it would be great to have an example of how to use it.
> A working basic example is available on Genode's current staging branch, and will be available in Genode's upcoming release 13.11, that will be announced this week. The example should work out of the box for ARM's Versatile Express Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to create a build directory for 'hw_imx53'. After creating the build directory, you've to adapt the 'etc/specs.conf' file, and add the following SPEC variable:
> SPECS += trustzone
> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
> A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
> That example includes virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
>> Thanks in advance for answers!
> You're welcome.
> Best Regards Stefan
>> Best regards, Pablo Anton
> -- Stefan Kalkowski Genode Labs
> http://www.genode-labs.com/ · http://genode.org/
Hi Pablo,
On 11/28/2013 10:52 AM, panton wrote:
> Hi Stefan,
> Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
>> Well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported or used, that file contains an empty initialization indeed. I assume you've found that file.
> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
> So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
git@...116...:skalk/linux.git
The branches are titled 'vexpress-tz', and 'imx53-tz'
> About the example I only can say "Great work".
Thanks, that's music to my ears.
> I was able to run it on hardware. Some little details that could help people:
>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
> The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
RUN_OPT = --target uboot
> Now, I go to play!
Good luck, and best regards Stefan
> Best regards Pablo Antón.
Hi Stefan,
I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
Thank you in advance.
Best regards. Pablo Anton.
On 28.11.2013 11:07, Stefan Kalkowski wrote:
> Hi Pablo,
> On 11/28/2013 10:52 AM, panton wrote:
>> Hi Stefan,
>> Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
>>> Well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported or used, that file contains an empty initialization indeed. I assume you've found that file.
>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>> So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
> Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
> git@...116...:skalk/linux.git
> The branches are titled 'vexpress-tz', and 'imx53-tz'
>> About the example I only can say "Great work".
> Thanks, that's music to my ears.
>> I was able to run it on hardware. Some little details that could help people:
>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
>> The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
> If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
> RUN_OPT = --target uboot
>> Now, I go to play!
> Good luck, and best regards Stefan
>> Best regards Pablo Antón.
Hi,
On 12/02/2013 03:48 PM, panton wrote:
> Hi Stefan,
> I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
I didn't use the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
Regards Stefan
> Thank you in advance.
> Best regards. Pablo Anton.
SPECS += trustzone
After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
https://github.com/skalk/genode/tree/i.MX53_tablet_demo
That example includes virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
Thanks in advance for answers!
You're welcome.
Best Regards Stefan
Best regards, Pablo Anton
Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Hi,
I am a little confused about creating a shared memory between a Non Secure and Secure worlds. As far as I understood, memory region should be placed in Non Secure Side (Linux in tz_vmm example), when a change of context is done you can send the addresses of that regions using cpu registers and looking into vm_state struct. Then, from Secure side must be a method to access to that region but I do not find the good way to configure Genode to perform that access. Is there any example of how that works?
Regards, Pablo Anton.
On 02.12.2013 16:19, Stefan Kalkowski wrote:
Hi,
On 12/02/2013 03:48 PM, panton wrote:
Hi Stefan,
I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
I didn't use the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
Regards Stefan
Thank you in advance.
Best regards. Pablo Anton.
On 28.11.2013 11:07, Stefan Kalkowski wrote:
Hi Pablo,
On 11/28/2013 10:52 AM, panton wrote:
Hi Stefan,
Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported, or used, that file contains an empty initialization indeed. I assume you've found that file.
Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
git@...116...:skalk/linux.git
The branches are titled 'vexpress-tz', and 'imx53-tz'
About the example I only can say "Great work".
Thanks, that's music to my ears.
I was able to run it on hardware. Some little details that could help people:
After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
RUN_OPT = --target uboot
Now, I go to play!
Good luck, and best regards Stefan
Best regards Pablo Antón.
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
Hi,
I am a little confused about creating a shared memory between a Non Secure and Secure worlds. As far as I understood, memory region should be placed in Non Secure Side (Linux in tz_vmm example), when a change of context is done you can send the addresses of that regions using cpu registers and looking into vm_state struct. Then, from Secure side must be a method to access to that region but I do not find the good way to configure Genode to perform that access. Is there any example of how that works?
actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriate software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address of the memory region lying in the main memory of the VM, you've of course to translate again that physical address to the position in the address space of the VMM. Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
// guest-virtual address from r3 -> guest-physical address (software MMU)
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
// guest-physical address -> address in the VMM's own address space
addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards Stefan
Regards, Pablo Anton.
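The two translation steps described in the reply above (guest-virtual to guest-physical through a software MMU, then guest-physical to the VMM's address space), as an added example that is not part of the thread and is not Genode's 'mmu.h'. `Guest_ram`, `va_to_pa`, `copy_from_guest`, `make_sample` and every address are hypothetical; the sketch goes beyond the two-line snippet by bounds-checking each guest-supplied address against guest RAM before the VMM touches it.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical stand-in for the VMM's view of guest RAM: the guest-physical
// range [base, base + size) backed by memory in the VMM's address space.
struct Guest_ram {
    uint32_t base;
    std::vector<uint8_t> backing;

    // Guest-physical -> VMM-local pointer; nullptr unless [pa, pa + len)
    // lies completely inside guest RAM (64-bit math avoids wrap-around).
    uint8_t *local(uint32_t pa, uint32_t len) {
        if (pa < base) return nullptr;
        uint64_t off = uint64_t(pa) - base;
        if (off + len > backing.size()) return nullptr;
        return backing.data() + off;
    }
    bool read32(uint32_t pa, uint32_t &v) {
        uint8_t *p = local(pa, 4);
        if (p) std::memcpy(&v, p, 4);   // host byte order, little-endian assumed
        return p != nullptr;
    }
    void write32(uint32_t pa, uint32_t v) {
        if (uint8_t *p = local(pa, 4)) std::memcpy(p, &v, 4);
    }
};

// ARMv7 short-descriptor walk (TTBCR.N = 0) for 1 MiB sections and 4 KiB
// small pages. Table reads go through Guest_ram, so a guest-controlled table
// pointer cannot make the VMM read outside guest RAM.
bool va_to_pa(Guest_ram &ram, uint32_t ttbr0, uint32_t va, uint32_t &pa) {
    uint32_t l1 = 0, l2 = 0;
    if (!ram.read32((ttbr0 & 0xffffc000u) + ((va >> 20) << 2), l1)) return false;
    if ((l1 & 3u) == 2u) {                     // section or supersection
        if (l1 & (1u << 18)) return false;     // supersection: not handled
        pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
        return true;
    }
    if ((l1 & 3u) != 1u) return false;         // fault or unsupported type
    uint32_t l2_addr = (l1 & 0xfffffc00u) + (((va >> 12) & 0xffu) << 2);
    if (!ram.read32(l2_addr, l2)) return false;
    if (!(l2 & 2u)) return false;              // fault or 64 KiB large page
    pa = (l2 & 0xfffff000u) | (va & 0xfffu);
    return true;
}

// Copy len bytes from guest-virtual address va into dst. Translates page by
// page, because a virtually contiguous buffer need not be physically
// contiguous, and rejects any page that resolves outside guest RAM.
bool copy_from_guest(Guest_ram &ram, uint32_t ttbr0, uint32_t va,
                     uint8_t *dst, uint32_t len) {
    if (uint64_t(va) + len > 0x100000000ull) return false;  // wraps past 4 GiB
    while (len) {
        uint32_t chunk = 0x1000u - (va & 0xfffu);
        if (chunk > len) chunk = len;
        uint32_t pa = 0;
        if (!va_to_pa(ram, ttbr0, va, pa)) return false;
        uint8_t *src = ram.local(pa, chunk);
        if (!src) return false;
        std::memcpy(dst, src, chunk);
        dst += chunk; va += chunk; len -= chunk;
    }
    return true;
}

struct Sample { Guest_ram ram; uint32_t ttbr0; };

// Constructed sample: 2 MiB of guest RAM at 0x70000000, L1 table at +0x4000,
// one L2 table at +0x8000. All addresses are made up for this example.
Sample make_sample() {
    Sample s{ { 0x70000000u, std::vector<uint8_t>(0x200000) }, 0x70004000u };
    Guest_ram &r = s.ram;
    r.write32(s.ttbr0 + (0xc00u << 2), 0x70000000u | 2u);    // VA 0xc0000000: section
    r.write32(s.ttbr0, 0x70008000u | 1u);                    // VA 0..1 MiB: L2 table
    r.write32(0x70008000u + (0x10u << 2), 0x70120000u | 2u); // VA 0x10000
    r.write32(0x70008000u + (0x11u << 2), 0x70100000u | 2u); // VA 0x11000
    r.write32(0x70008000u + (0x12u << 2), 0x10000000u | 2u); // VA 0x12000: outside RAM
    std::memcpy(r.local(0x70120ffcu, 4), "ABCD", 4);
    std::memcpy(r.local(0x70100000u, 4), "EFGH", 4);
    return s;
}

int main() {
    Sample s = make_sample();
    uint8_t buf[9] = {0};
    bool ok = copy_from_guest(s.ram, s.ttbr0, 0x00010ffcu, buf, 8);
    std::printf("buffer across a page boundary: %s \"%s\"\n",
                ok ? "copied" : "rejected", (const char *)buf);
    ok = copy_from_guest(s.ram, s.ttbr0, 0x00012000u, buf, 8);
    std::printf("page mapped outside guest RAM: %s\n", ok ? "copied" : "rejected");
    return 0;
}
```

The second call fails even though the page-table walk succeeds: the walk only reports what the guest's tables say, and the range check in `Guest_ram::local` decides whether the VMM may dereference the result.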
Hi Stefan,
Thanks to your explanation and a trial-and-error process, it works perfectly. I was having some problems with virtual and physical addresses.
Thanks again.
Regards Pablo.
On 10.12.2013 11:49, Stefan Kalkowski wrote:
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
Hi,
I am a little confused about creating a shared memory between a Non Secure and Secure worlds. As far as I understood, memory region should be placed in Non Secure Side (Linux in tz_vmm example), when a change of context is done you can send the addresses of that regions using cpu registers and looking into vm_state struct. Then, from Secure side must be a method to access to that region but I do not find the good way to configure Genode to perform that access. Is there any example of how that works?
actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriate software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address of the memory region lying in the main memory of the VM, you've of course to translate again that physical address to the position in the address space of the VMM. Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
// guest-virtual address from r3 -> guest-physical address (software MMU)
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
// guest-physical address -> address in the VMM's own address space
addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards Stefan
Regards, Pablo Anton.
El 02.12.2013 16:19, Stefan Kalkowski escribió:
Hi,
On 12/02/2013 03:48 PM, panton wrote:
Hi Stefan,
I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
I didn't use the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
Regards Stefan
Thank you in advance.
Best regards. Pablo Anton.
On 28.11.2013 11:07, Stefan Kalkowski wrote:
Hi Pablo,
On 11/28/2013 10:52 AM, panton wrote:
Hi Stefan,
Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only. For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
git@...116...:skalk/linux.git
The branches are titled 'vexpress-tz', and 'imx53-tz'
About the example I only can say "Great work".
Thanks, that's music to my ears.
I was able to run it on hardware. Some little details that could help people:
> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
The resulting image is an ELF; if you want to run it with U-Boot you should create a valid uImage using the mkimage tool.
If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
RUN_OPT = --target uboot
Now, I go to play!
Good luck, and best regards Stefan
Best regards Pablo Antón.
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the Linux guest's memory by passing the virtual address of the desired memory region in registers (_vm->state()->r3); it could also be performed by passing the physical address instead of the virtual address and removing the first instruction.
The problem is that when you access the content of the calculated virtual address (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times I get unexpected values. I checked that the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens; the loaded memory is sometimes the good one and sometimes is not. The MMU implementation used on the VMM works fine, since it gives the correct physical address from the virtual one. The address passed into the register is also correct. Any idea of what could be happening??? Probably, I am missing some concepts of how the MMU works, but I do not understand why it just fails in some cases.
Thanks in advance.
Best regards, Pablo Anton.
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the Linux guest's memory by passing the virtual address of the desired memory region in registers (_vm->state()->r3); it could also be performed by passing the physical address instead of the virtual address and removing the first instruction.
The problem is that when you access the content of the calculated virtual address (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times I get unexpected values. I checked that the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens; the loaded memory is sometimes the good one and sometimes is not. The MMU implementation used on the VMM works fine, since it gives the correct physical address from the virtual one. The address passed into the register is also correct. Any idea of what could be happening??? Probably, I am missing some concepts of how the MMU works, but I do not understand why it just fails in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or, second, the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you have to either mark the corresponding memory region you want to share with the secure side as non-cacheable memory (like it's done for I/O memory), or selectively flush that memory area within the cache before doing a VMM call.
Best regards Stefan
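The two-step translation discussed in this thread (guest virtual to guest physical, then `_local + (phys - _base)`) takes its input from r3 and from page tables that the non-secure guest controls, so each step needs a range check before the VMM touches memory. The following is an added example, not code from this thread or from Genode's mmu.h: `Guest_ram`, `copy_from_guest`, `build_demo_guest`, the simplified ARMv7 short-descriptor walk and all addresses are assumptions constructed for illustration.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical stand-in for the VMM's mapping of the guest RAM window (not
// Genode's own class). A little-endian host is assumed.
class Guest_ram
{
    uint32_t             _base;   // guest-physical start of the window
    std::vector<uint8_t> _local;  // simulates the VMM-local mapping

public:
    Guest_ram(uint32_t base, size_t size) : _base(base), _local(size) { }

    // virt = _local + (phys - _base), only if the whole range is in the window
    uint8_t *va(uint32_t phys, size_t len)
    {
        if (phys < _base) return nullptr;
        size_t const off = phys - _base;
        if (off > _local.size() || len > _local.size() - off) return nullptr;
        return _local.data() + off;
    }

    // Copy guest data into VMM-private memory before it is used.
    bool read(uint32_t phys, void *dst, size_t len)
    {
        uint8_t const *src = va(phys, len);
        if (src) std::memcpy(dst, src, len);
        return src != nullptr;
    }
    bool write(uint32_t phys, void const *src, size_t len)
    {
        uint8_t *dst = va(phys, len);
        if (dst) std::memcpy(dst, src, len);
        return dst != nullptr;
    }
};

// Simplified ARMv7 short-descriptor walk: 1 MiB sections and 4 KiB small
// pages only. Table base and descriptors are guest-controlled, so every
// table read goes through the bounds-checked Guest_ram::read().
bool va_to_pa(Guest_ram &ram, uint32_t ttbr0, uint32_t va, uint32_t &pa)
{
    uint32_t l1 = 0, l2 = 0;
    if (!ram.read((ttbr0 & 0xffffc000u) + ((va >> 20) << 2), &l1, 4))
        return false;
    if ((l1 & 0x3) == 0x2 && !(l1 & (1u << 18))) {       // section
        pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
        return true;
    }
    if ((l1 & 0x3) != 0x1) return false;                 // fault, supersection
    if (!ram.read((l1 & 0xfffffc00u) + (((va >> 12) & 0xff) << 2), &l2, 4))
        return false;
    if (!(l2 & 0x2)) return false;                       // fault, large page
    pa = (l2 & 0xfffff000u) | (va & 0x00000fffu);
    return true;
}

// Copy 'len' bytes from guest-virtual 'va' page by page: virtually
// contiguous pages need not be physically contiguous.
bool copy_from_guest(Guest_ram &ram, uint32_t ttbr0, uint32_t va,
                     void *dst, size_t len)
{
    if (uint64_t(va) + len > (uint64_t(1) << 32)) return false;  // wraps
    uint8_t *out = static_cast<uint8_t *>(dst);
    while (len) {
        size_t const chunk = std::min<size_t>(len, 0x1000 - (va & 0xfff));
        uint32_t pa = 0;
        if (!va_to_pa(ram, ttbr0, va, pa) || !ram.read(pa, out, chunk))
            return false;
        va += chunk; out += chunk; len -= chunk;
    }
    return true;
}

// Constructed guest image: L1 table at base + 0x4000, L2 at base + 0x8000.
uint32_t build_demo_guest(Guest_ram &ram, uint32_t base)
{
    auto put = [&] (uint32_t pa, uint32_t v) { ram.write(pa, &v, 4); };
    uint32_t const l1 = base + 0x4000, l2 = base + 0x8000;
    put(l1 + (0xc00 << 2), l2 | 0x1);                // VA 0xc0000000: L2 table
    put(l2 + 0, (base + 0x200000) | 0x2);            // page 0
    put(l2 + 4, (base + 0x100000) | 0x2);            // page 1, not adjacent
    put(l1 + (0xc01 << 2), 0x10000000u | 0x2);       // section outside window
    ram.write(base + 0x200ffc, "HELL", 4);           // string crosses a page
    ram.write(base + 0x100000, "O VMM", 6);
    return l1;                                       // guest's TTBR0 value
}

int main()
{
    Guest_ram ram(0x70000000u, 0x400000);
    uint32_t const ttbr0 = build_demo_guest(ram, 0x70000000u);
    char msg[10] = { };
    return copy_from_guest(ram, ttbr0, 0xc0000ffcu, msg, sizeof(msg))
       && !copy_from_guest(ram, ttbr0, 0xc0100000u, msg, 4) ? 0 : 1;
}
```

The walk itself happily resolves the section that points outside the window; it is the range check in `Guest_ram::va()` that stops the VMM from following it. The cache-coherency requirement described in the reply above is a separate concern that this host-side simulation does not model.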
Thanks in advanced.
Best regards, Pablo Anton.
El 10.12.2013 11:49, Stefan Kalkowski escribió:
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
Hi,
I am a little confused about creating a share memory between a Non Secure and Secure worlds. As far as I understood, memory region should be placed in Non Secure Side (Linux in tz_vmm example), when a change of context is done you can send the addresses of that regions using cpu registers and looking into vm_state struct. Then, from Secure side must be a method to access to that region but I do not find the good way to configure Genode to perform that access. Is there any example of how that works?
actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriated software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address of the memory region laying in the main memory of the VM, you've of course to translate again that physical address to the position in the address space of the VMM. Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards Stefan
Regards, Pablo Anton.
El 02.12.2013 16:19, Stefan Kalkowski escribió:
Hi,
On 12/02/2013 03:48 PM, panton wrote:
Hi Stefan,
I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
I didn't used the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
Regards Stefan
Thank you in advance.
Best regards. Pablo Anton.
On 28.11.2013 11:07, Stefan Kalkowski wrote:
Hi Pablo,
On 11/28/2013 10:52 AM, panton wrote:
> Hi Stefan,
>
> Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
>
>> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only.
>> For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
>
> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>
>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>
> So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
git@...116...:skalk/linux.git
The branches are titled 'vexpress-tz', and 'imx53-tz'
> About the example I only can say "Great work".
Thanks, that's music to my ears.
> I was able to run it on hardware. Some little details that could help people:
>
>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
>
> The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
RUN_OPT = --target uboot
> Now, I go to play!
Good luck, and best regards Stefan
> Best regards
> Pablo Antón.
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
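The two translation steps described above (guest virtual address to physical address, then physical address to VMM-local address), written as an added example that is not part of the original thread and is not Genode's code. It goes slightly beyond the thread by bounds-checking every guest-supplied address, including page-table pointers, against the guest RAM window; 'Guest_ram', 'va_to_pa', 'guest_buffer', the 'ttbr0' parameter and the sample memory layout are assumptions made for illustration, and the ARMv7 short-descriptor table format with TTBCR.N = 0 is assumed.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for the VMM's view of guest RAM (not Genode's class):
// guest-physical [base, base + size) is mapped at 'local' in the VMM.
struct Guest_ram {
    uint32_t base, size;
    uint8_t *local;

    // VMM-local pointer for [phys, phys + len), or nullptr if any byte lies
    // outside the window. Written with subtractions so it cannot overflow.
    uint8_t *va(uint32_t phys, uint32_t len) const {
        if (phys < base) return nullptr;
        uint32_t off = phys - base;
        if (off > size || len > size - off) return nullptr;
        return local + off;  // the thread's: _local + (phys - _base)
    }

    // Read one little-endian 32-bit descriptor through the checked window.
    bool read32(uint32_t phys, uint32_t &out) const {
        const uint8_t *p = va(phys, 4);
        if (!p) return false;
        out = uint32_t(p[0]) | uint32_t(p[1]) << 8 | uint32_t(p[2]) << 16 | uint32_t(p[3]) << 24;
        return true;
    }
};

// Walk the guest's ARMv7 short-descriptor tables (assumes TTBCR.N == 0).
// Only sections and small pages are handled; everything else is "no mapping".
bool va_to_pa(const Guest_ram &ram, uint32_t ttbr0, uint32_t va, uint32_t &pa) {
    uint32_t l1, l2;
    if (!ram.read32((ttbr0 & 0xffffc000u) + ((va >> 20) << 2), l1)) return false;
    if ((l1 & 3u) == 2u) {                   // section or supersection
        if (l1 & (1u << 18)) return false;   // supersection: not handled
        pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
        return true;
    }
    if ((l1 & 3u) != 1u) return false;       // fault or reserved
    // The second-level table address comes from guest memory: read it checked.
    if (!ram.read32((l1 & 0xfffffc00u) + (((va >> 12) & 0xffu) << 2), l2)) return false;
    if (!(l2 & 2u)) return false;            // fault or large page: not handled
    pa = (l2 & 0xfffff000u) | (va & 0xfffu);
    return true;
}

// Resolve a guest-supplied buffer (address taken from a register such as r3).
// The buffer must stay within one 4 KiB page, because consecutive virtual
// pages need not be physically contiguous.
uint8_t *guest_buffer(const Guest_ram &ram, uint32_t ttbr0, uint32_t va, uint32_t len) {
    uint32_t pa;
    if (len == 0 || len > 0x1000u - (va & 0xfffu)) return nullptr;
    if (!va_to_pa(ram, ttbr0, va, pa)) return nullptr;
    return ram.va(pa, len);
}

// Constructed sample guest: 128 KiB of RAM at 0x70000000 with a first-level
// table at +0x4000 and one second-level table at +0x8000.
struct Demo_guest {
    std::vector<uint8_t> mem = std::vector<uint8_t>(0x20000, 0);
    uint32_t ttbr0 = 0x70004000u;
    Guest_ram ram() { return Guest_ram{0x70000000u, uint32_t(mem.size()), mem.data()}; }
    void put32(uint32_t phys, uint32_t v) {
        for (int i = 0; i < 4; i++) mem[phys - 0x70000000u + i] = uint8_t(v >> (8 * i));
    }
};

Demo_guest make_demo() {
    Demo_guest g;
    g.put32(0x70004000u + 0xc00 * 4, 0x70000000u | 2);  // VA 0xc00xxxxx: section in RAM
    g.put32(0x70004000u + 1 * 4, 0x70008000u | 1);      // VA 0x001xxxxx: via L2 table
    g.put32(0x70004000u + 2 * 4, 0x10000000u | 1);      // VA 0x002xxxxx: L2 table outside guest RAM
    g.put32(0x70008000u + 1 * 4, 0x70010000u | 2);      // VA 0x00101xxx: small page in RAM
    g.put32(0x70008000u + 2 * 4, 0x90000000u | 2);      // VA 0x00102xxx: page outside guest RAM
    return g;
}

int main() {
    Demo_guest g = make_demo();
    Guest_ram ram = g.ram();
    const uint32_t vas[] = {0xc0001234u, 0x00101abcu, 0x00102000u, 0x00200000u};
    for (uint32_t va : vas) {
        uint8_t *p = guest_buffer(ram, g.ttbr0, va, 16);
        std::printf("va 0x%08x -> %s\n", (unsigned)va, p ? "accepted" : "rejected");
    }
    return 0;
}
```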
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the linux guest's memory by passing the virtual address of the desired memory region into registers (_vm->state()->r3); it also could be performed by passing the physical addr instead of the virtual addr and removing the first instruction.
The problem is that when you access the calculated virtual address's content (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times, I get unexpected values. I checked that the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens, the loaded memory sometimes is the good one and sometimes is not. The MMU implementation used on VMM works fine, since it gives the correct physical address from the virtual one. The address passed into the register is also correct. Any idea of what could be happening??? Probably, I am missing some concepts of how the mmu works, but I do not understand why it just fails in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or second the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you've to ensure to either mark the corresponding memory region, you want to share with the secure side, as being non-cacheable memory (like it's done for I/O memory), or by selectively flushing that memory area within the cache, before doing a VMM call.
Best regards Stefan
Thanks in advance.
Best regards, Pablo Anton.
Hi all,
We continue working with Genode and Trustzone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on genode side) and a player App running on Non Secure linux. At this point, we would like to have some video output controlled by the non secure linux side.
Looking at the specific modified Linux for imx53, we have realised there are several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid accessing the IPU directly from linux (making a smc call that is handled by vmm). I am wondering if it will be possible to configure the system to allow the mxc framebuffer to work on linux without the knowledge of Genode?
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the Linux guest's memory by passing the virtual address of the desired memory region in registers (_vm->state()->r3). It could also be performed by passing the physical address instead of the virtual address and removing the first instruction.
The problem is that when you access the calculated virtual address's content (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times, I get unexpected values. I check the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens, the loaded memory sometimes is the good one and sometimes is not. The MMU implementation used on the VMM works fine, since it gives the correct physical address from the virtual one. The address passed into the register is also correct. Any idea of what could be happening??? Probably, I am missing some concepts of how the MMU works, but I do not understand why it just fails in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First, the cache of the non-secure side isn't flushed, or second, the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you have to either mark the memory region you want to share with the secure side as non-cacheable memory (like it's done for I/O memory), or selectively flush that memory area from the cache before doing a VMM call.
Best regards Stefan
Thanks in advance.
Best regards, Pablo Anton.
El 10.12.2013 11:49, Stefan Kalkowski escribió:
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
Hi,
I am a little confused about creating a shared memory between the Non Secure and Secure worlds. As far as I understood, the memory region should be placed on the Non Secure side (Linux in the tz_vmm example); when a change of context is done you can send the addresses of those regions using CPU registers and looking into the vm_state struct. Then, on the Secure side there must be a method to access that region, but I do not find the right way to configure Genode to perform that access. Is there any example of how that works?
actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriate software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you have a physical address of the memory region lying in the main memory of the VM, you of course have to translate that physical address again to the position in the address space of the VMM. Assuming you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM, the following procedure will give you the memory region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards Stefan
Regards, Pablo Anton.
El 02.12.2013 16:19, Stefan Kalkowski escribió:
Hi,
On 12/02/2013 03:48 PM, panton wrote:
> Hi Stefan,
>
> I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
I didn't use the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
Regards Stefan
>
> Thank you in advance.
>
> Best regards.
> Pablo Anton.
>
> El 28.11.2013 11:07, Stefan Kalkowski escribió:
>> Hi Pablo,
>>
>> On 11/28/2013 10:52 AM, panton wrote:
>>> Hi Stefan,
>>>
>>> Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
>>>
>>>> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only.
>>>> For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
>>>
>>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>>
>>>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>>>
>>> So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
>>>
>>
>> Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
>>
>> git@...116...:skalk/linux.git
>>
>> The branches are titled 'vexpress-tz', and 'imx53-tz'
>>
>>>
>>> About the example I only can say "Great work".
>>
>> Thanks, that's music to my ears.
>>
>>> I was able to run it on hardware. Some little details that could help people:
>>>
>>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
>>>
>>> The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
>>>
>>
>> If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
>>
>> RUN_OPT = --target uboot
>>
>>> Now, I go to play!
>>
>> Good luck, and
>> best regards
>> Stefan
>>
>>>
>>> Best regards
>>> Pablo Antón.
>>>
>>>
>>> El 27.11.2013 22:47, Stefan Kalkowski escribió:
>>>> Hi Pablo,
>>>>
>>>> On 11/26/2013 06:11 PM, panton wrote:
>>>>> Hello,
>>>>>
>>>>> I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
>>>>
>>>> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only.
>>>> For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
>>>>
>>>>>
>>>>> I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone?
>>>>
>>>> In fact, there is some kind of virtualization support using TrustZone. Although, TrustZone isn't designed to be a virtualization solution. Therefore, the "guest" needs to be aware what devices it is allowed to use. In contrast to the CPU (including MMU, Caches, etc.), there is no support to virtualize physical memory (including memory mapped I/O) for the non-secure "guest". That means guest physical addresses are in fact physical addresses. Dependent on the concrete platform, it might be possible to deny non-secure access to certain physical memory regions, like I/O memory of certain devices, and then use a trap-emulate approach. But in general this approach isn't guaranteed to work. Dependent on where the unit, which controls peripheral device memory (if existent at all), is located in the bus hierarchy of the SoC, it might provoke asynchronous external data-aborts in the CPU core, instead of synchronous ones. Thereby, it is impossible to recover the state, in which the protection fault was raised.
>>>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>>>>
>>>> On ARM platforms, apart from the TrustZone "virtualization", Genode includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC kernel. ARM's virtualization extensions aren't supported yet, but we'll investigate it certainly.
>>>>
>>>>> If so, it would be great to have an example of how to use it.
>>>>
>>>> A working basic example is available on Genode's current staging branch, and will be available in Genode's upcoming release 13.11, that will be announced this week.
>>>> The example should work out of the box for ARM's Versatile Express Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to create a build directory for 'hw_imx53'. After creating the build directory, you've to adapt the 'etc/specs.conf' file, and add the following SPEC variable:
>>>>
>>>> SPECS += trustzone
>>>>
>>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
>>>>
>>>> A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
>>>>
>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>
>>>> That example includes virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
>>>>
>>>>>
>>>>> Thanks in advance for answers!
>>>>
>>>> You're welcome.
>>>>
>>>> Best Regards
>>>> Stefan
>>>>
>>>>>
>>>>> Best regards,
>>>>> Pablo Anton
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and TrustZone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on the Genode side) and a player app running on non-secure Linux. At this point, we would like to have some video output controlled by the non-secure Linux side.
Looking at the specific modified Linux for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid accessing the IPU directly from Linux (making an smc call that is handled by the VMM). I am wondering if it would be possible to configure the system to allow the mxc framebuffer to work on Linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds, the secure and the non-secure side, can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux' framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
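Added example, not from the thread and not Genode's own code: in the setups discussed here the guest hands the VMM an address in a register (a buffer address in r3, or the framebuffer address passed by the 'smc' call), so the code below range-checks the guest-physical address and every page-table pointer before applying 'virt_addr = _local + (phys - _base)'. The names Guest_ram, guest_pa_to_local, guest_va_to_pa, resolve_guest_buffer and Sample are hypothetical, all addresses are constructed, and it assumes ARMv7 short-descriptor tables with a 16 KiB first-level table.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

typedef std::uint32_t addr_t; // guest addresses are 32 bit on this platform

// Hypothetical description of the non-secure RAM window as the VMM sees it.
struct Guest_ram {
    addr_t         base;  // guest-physical start of the window
    std::uint32_t  size;  // window size in bytes
    unsigned char *local; // where the VMM has that window mapped
};

// Bounds-checked form of 'virt_addr = _local + (phys - _base)': returns
// nullptr unless [phys, phys + len) lies wholly inside the guest RAM window.
unsigned char *guest_pa_to_local(const Guest_ram &ram, addr_t phys, std::uint32_t len)
{
    if (len == 0 || phys < ram.base) return nullptr;
    std::uint32_t off = phys - ram.base;
    if (off >= ram.size || len > ram.size - off) return nullptr; // no wrap-around
    return ram.local + off;
}

// Read one little-endian descriptor word. The table address comes from the
// guest, so it passes through the same range check as any other guest pointer.
static bool read_guest_u32(const Guest_ram &ram, addr_t phys, std::uint32_t &out)
{
    const unsigned char *p = guest_pa_to_local(ram, phys, 4);
    if (!p) return false;
    out = p[0] | (p[1] << 8) | (p[2] << 16) | ((std::uint32_t)p[3] << 24);
    return true;
}

// Walk ARMv7 short-descriptor tables: 1 MiB sections, 64 KiB and 4 KiB pages.
bool guest_va_to_pa(const Guest_ram &ram, addr_t ttbr, addr_t va, addr_t &pa)
{
    std::uint32_t l1, l2;
    if (!read_guest_u32(ram, (ttbr & 0xffffc000u) + ((va >> 20) << 2), l1))
        return false;
    if ((l1 & 3) == 2) {                     // section or supersection
        if (l1 & (1u << 18)) return false;   // supersections are not handled here
        pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
        return true;
    }
    if ((l1 & 3) != 1) return false;         // fault or reserved encoding
    if (!read_guest_u32(ram, (l1 & 0xfffffc00u) + (((va >> 12) & 0xffu) << 2), l2))
        return false;
    if ((l2 & 3) == 1) { pa = (l2 & 0xffff0000u) | (va & 0xffffu); return true; }
    if (l2 & 2)        { pa = (l2 & 0xfffff000u) | (va & 0xfffu);  return true; }
    return false;                            // second-level fault
}

// Full path for a virtual address the guest passed in a register such as r3.
unsigned char *resolve_guest_buffer(const Guest_ram &ram, addr_t ttbr,
                                    addr_t va, std::uint32_t len)
{
    addr_t pa;
    if (len == 0 || len > 0x1000u - (va & 0xfffu)) return nullptr; // one 4 KiB page only
    if (!guest_va_to_pa(ram, ttbr, va, pa)) return nullptr;
    return guest_pa_to_local(ram, pa, len);
}

// Constructed sample: 2 MiB of "guest RAM" at 0x70000000, first-level table
// at offset 0x4000, one second-level table at offset 0x8000.
struct Sample {
    std::vector<unsigned char> mem;
    Guest_ram ram;
    addr_t    ttbr;

    Sample() : mem(2u << 20), ram{0x70000000u, 2u << 20, mem.data()}, ttbr(0x70004000u)
    {
        put(0x4000 + (0xc00 << 2), 0x70100000u | 2); // 0xc00xxxxx: section in guest RAM
        put(0x4000 + (0xc01 << 2), 0x70008000u | 1); // 0xc01xxxxx: second-level table
        put(0x8000 + (0x005 << 2), 0x70020000u | 2); // 0xc0105xxx: 4 KiB page in guest RAM
        put(0x4000 + (0xc02 << 2), 0x10000000u | 2); // 0xc02xxxxx: section outside guest RAM
        mem[0x100040] = 0xab;                        // marker byte at PA 0x70100040
    }
    void put(std::uint32_t off, std::uint32_t v)
    {
        for (int i = 0; i < 4; i++) mem[off + i] = (unsigned char)(v >> (8 * i));
    }
};

int main()
{
    Sample s;
    std::printf("section inside guest RAM:  %s\n",
                resolve_guest_buffer(s.ram, s.ttbr, 0xc0000040u, 16) ? "accepted" : "rejected");
    std::printf("section outside guest RAM: %s\n",
                resolve_guest_buffer(s.ram, s.ttbr, 0xc0200000u, 4) ? "accepted" : "rejected");
    return 0;
}
```

The third constructed mapping is the case that matters on the secure side: the guest's own page table is valid, but it points at a physical address outside the non-secure RAM window, and the translation is refused instead of being turned into a VMM pointer.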
>>> _______________________________________________ >>> Genode-main mailing list >>> Genode-main@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/genode-main >> >> ------------------------------------------------------------------------------ >> Rapidly troubleshoot problems before they affect your business. >> Most >> IT >> organizations don't have a clear picture of how application >> performance >> affects their revenue. With AppDynamics, you get 100% visibility >> into >> your >> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of >> AppDynamics Pro! >> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >> _______________________________________________ >> Genode-main mailing list >> Genode-main@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/genode-main >> > > -- > Stefan Kalkowski > Genode Labs > > http://www.genode-labs.com/ · http://genode.org/ > > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. > Most > IT > organizations don't have a clear picture of how application > performance > affects their revenue. With AppDynamics, you get 100% visibility > into > your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of > AppDynamics Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... > _______________________________________________ > Genode-main mailing list > Genode-main@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/genode-main
Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Sponsored by Intel(R) XDK Develop, test and display web and hybrid apps with a single code base. Download it for free now! http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I made some changes according to the indications you gave me. Unfortunately, I cannot say it was a success. I am having trouble when Linux tries to configure some GPIO directions. Should I change something specific in Genode to allow Linux to handle GPIO?
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and TrustZone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on the Genode side) and a player app running on non-secure Linux. At this point, we would like to have some video output controlled by the non-secure Linux side.
Looking at the specifically modified Linux for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid accessing the IPU directly from Linux (making an smc call that is handled by the VMM). I am wondering whether it would be possible to configure the system so that the mxc framebuffer works on Linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds, the secure and the non-secure side, can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux' framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am seeing some unexpected behavior when accessing guest VM RAM from the Genode VMM.
Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
  addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
  addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the Linux guest's memory by passing the virtual address of the desired memory region in a register (_vm->state()->r3). It could also be done by passing the physical address instead of the virtual address and removing the first instruction.
The problem is that when you access the content at the calculated virtual address (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the following times I get unexpected values. I check that the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens; the loaded memory is sometimes the right one and sometimes not. The MMU implementation used in the VMM works fine, since it gives the correct physical address from the virtual one. The address passed in the register is also correct. Any idea of what could be happening? Probably I am missing some concepts of how the MMU works, but I do not understand why it fails only in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or second: the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you've to either mark the corresponding memory region, which you want to share with the secure side, as being non-cacheable memory (like it's done for I/O memory), or selectively flush that memory area within the cache, before doing a VMM call.
Best regards Stefan
Thanks in advance.
Best regards, Pablo Anton.
On 10.12.2013 11:49, Stefan Kalkowski wrote:
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
Hi,
I am a little confused about creating a shared memory between the Non-Secure and Secure worlds. As far as I understood, the memory region should be placed on the Non-Secure side (Linux in the tz_vmm example); when a change of context is done, you can send the addresses of those regions using CPU registers and looking into the vm_state struct. Then, from the Secure side, there must be a method to access that region, but I do not find a good way to configure Genode to perform that access. Is there any example of how that works?
actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriate software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address of the memory region lying in the main memory of the VM, you've of course to translate again that physical address to the position in the address space of the VMM. Assuming you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM, the following procedure will give you the memory region within the VMM object:
  addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
  addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards Stefan
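An added sketch of the two steps described above (guest-virtual to guest-physical through a software page-table walk, then guest-physical to VMM-local with `_local + (phys - _base)`); it is not code from this thread or from Genode's `mmu.h`. `Guest_ram`, `va_to_pa`, `guest_buffer`, the table layout and all addresses are hypothetical, the walk assumes ARMv7 short descriptors with TTBCR.N = 0, and the length and range checks are added because the address in r3 comes from the non-secure guest.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

typedef std::uint32_t addr_t;  // 32-bit guest addresses (assumption for this sketch)

// Window of non-secure guest RAM as mapped into the VMM (hypothetical class).
class Guest_ram {
    addr_t        _base;   // guest-physical start of the window
    std::size_t   _size;   // window size in bytes
    std::uint8_t *_local;  // where the VMM sees the window
public:
    Guest_ram(addr_t base, std::size_t size, std::uint8_t *local)
    : _base(base), _size(size), _local(local) { }

    // _local + (phys - _base), refused unless [phys, phys+len) is inside the window.
    std::uint8_t *va(addr_t phys, std::size_t len) const {
        if (phys < _base) return nullptr;
        std::size_t off = phys - _base;
        if (off > _size || len > _size - off) return nullptr;
        return _local + off;
    }

    // Aligned 32-bit read from guest RAM; false if the word is outside the window.
    bool read32(addr_t phys, std::uint32_t &out) const {
        std::uint8_t *p = (phys & 3) ? nullptr : va(phys, 4);
        if (!p) return false;
        std::memcpy(&out, p, 4);
        return true;
    }
};

// Software walk of the guest's short-descriptor tables (1 MiB sections and 4 KiB
// small pages only). The tables are guest-controlled, so every descriptor is
// fetched through the bounds-checked read32().
bool va_to_pa(Guest_ram const &ram, addr_t ttbr0, addr_t va, addr_t &pa)
{
    std::uint32_t l1, l2;
    if (!ram.read32((ttbr0 & 0xffffc000u) + ((va >> 20) << 2), l1)) return false;
    if ((l1 & 3) == 2 && !(l1 & (1u << 18))) {           // section
        pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
        return true;
    }
    if ((l1 & 3) != 1) return false;                     // fault, supersection, reserved
    if (!ram.read32((l1 & 0xfffffc00u) + (((va >> 12) & 0xffu) << 2), l2)) return false;
    if (!(l2 & 2)) return false;                         // fault or 64 KiB large page
    pa = (l2 & 0xfffff000u) | (va & 0xfffu);
    return true;
}

// Guest-virtual buffer -> VMM-local pointer, or nullptr if any page is unmapped,
// the pages are not physically contiguous, or the range leaves guest RAM.
std::uint8_t *guest_buffer(Guest_ram const &ram, addr_t ttbr0, addr_t va, std::size_t len)
{
    if (len == 0 || len - 1 > 0xffffffffu - va) return nullptr;  // empty or wraps
    addr_t first, pa;
    if (!va_to_pa(ram, ttbr0, va, first)) return nullptr;
    std::uint64_t last = std::uint64_t(va) + len - 1;
    for (std::uint64_t v = (va & ~0xfffull) + 0x1000; v <= last; v += 0x1000) {
        if (!va_to_pa(ram, ttbr0, addr_t(v), pa)) return nullptr;
        if (pa - first != addr_t(v) - va) return nullptr;         // not contiguous
    }
    return ram.va(first, len);
}

struct Sample { std::vector<std::uint8_t> mem; addr_t base; addr_t ttbr0; };

// Constructed guest RAM image: 1 MiB at 0x70000000, L1 table at +0x4000, L2 at +0x8000.
Sample make_sample()
{
    Sample s { std::vector<std::uint8_t>(0x100000), 0x70000000u, 0x70004000u };
    auto put = [&s](addr_t pa, std::uint32_t v) { std::memcpy(&s.mem[pa - s.base], &v, 4); };
    put(s.ttbr0 + (0xc00u << 2), 0x70000000u | 2);     // section 0xc0000000 -> guest RAM
    put(s.ttbr0 + (0xd00u << 2), 0x20000000u | 2);     // section 0xd0000000 -> outside guest RAM
    put(s.ttbr0,                 0x70008000u | 1);     // VA 0..1 MiB through an L2 table
    put(0x70008000u + (0x10u << 2), 0x70020000u | 2);  // small page
    put(0x70008000u + (0x11u << 2), 0x70021000u | 2);  // contiguous with the page before
    put(0x70008000u + (0x12u << 2), 0x70030000u | 2);  // not contiguous
    return s;
}

int main()
{
    Sample s = make_sample();
    Guest_ram ram(s.base, s.mem.size(), s.mem.data());
    addr_t r3 = 0x00010ff0u;  // address the guest would pass in r3 (constructed)
    std::printf("32 bytes at guest VA 0x%08x: %s\n", (unsigned)r3,
                guest_buffer(ram, s.ttbr0, r3, 32) ? "accepted" : "rejected");
    std::printf("32 bytes at guest VA 0xd0000000: %s\n",
                guest_buffer(ram, s.ttbr0, 0xd0000000u, 32) ? "accepted" : "rejected");
    return 0;
}
```

The sketch does not model the cache behaviour discussed in the thread: the guest still has to flush the shared region or map it non-cacheable before the `smc`.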
Regarding my incompetence with trustzone and framebuffer, I have tried to check if at least the framebuffer implemented in Genode works (for sure it works) without any trustzone module. I have run os/src/test/framebuffer/main.cc together with drivers/fb_drv, drivers/timer, drivers/gpio_drv, drivers/platform_drv. Everything seems to work fine (except some "no found config file" output).
.....
[init -> test-framebuffer] framebuffer is 800x480@...23...
[init -> test-framebuffer] black
[init -> test-framebuffer] blue
[init -> test-framebuffer] green
The problem is that I get nothing on screen. With VGA I have no signal on the screen, with the lvds connector I get screen signal at least. Any ideas??
Sorry to be boring about that matter, and thanks.
Regards, Pablo.
On 22.01.2014 15:36, panton wrote:
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I did some changes according to the indications you gave me. Unfortunately, I can not say it was a success. I am having troubles when linux tries to configure some GPIO directions. Should I change some specific thing in Genode to allow Linux to handle GPIO?
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and Trustzone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on genode side) and a player App running on Non Secure linux. At this point, we would like to have some video output controlled by the non secure linux side.
Looking at the specific modified Linux for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid the access to IPU directly from linux (making a smc call that is handled by vmm). I am wondering if it will be possible to configure the system to allow the mxc framebuffer to work on linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds secure and non-secure side can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
> Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
>
> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
> addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access linux guest's memory by passing the virtual address of the desired memory region into registers (_vm->state()->r3); it could also be performed by passing the physical addr instead of the virtual addr and removing the first instruction.
Problem is when you access the calculated virtual address's content (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times I get unexpected values. I check the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens, the loaded memory sometimes is the good one and sometimes is not. The MMU implementation used on VMM works fine, since it gives the correct physical address from the virtual one. The address passed into the register is also correct. Any idea of what could be happening??? Probably, I am missing some concepts of how mmu works, but I do not understand why it just fails in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or second the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you've to ensure to either mark the corresponding memory region, you want to share with the secure side, as being non-cacheable memory (like it's done for I/O memory), or by selectively flushing that memory area within the cache, before doing a VMM call.
Best regards Stefan
Thanks in advance.
Best regards, Pablo Anton.
On 10.12.2013 11:49, Stefan Kalkowski wrote:
> Hi Pablo,
>
> On 12/09/2013 04:31 PM, panton wrote:
>> Hi,
>>
>> I am a little confused about creating a shared memory between the Non Secure and Secure worlds. As far as I understood, memory region should be placed in Non Secure Side (Linux in tz_vmm example), when a change of context is done you can send the addresses of those regions using cpu registers and looking into vm_state struct. Then, from Secure side there must be a method to access that region but I do not find the good way to configure Genode to perform that access. Is there any example of how that works?
>
> actually, the whole main memory used by the non-secure side is available in the virtual machine monitor of our small example. Before booting, it is used to put the kernel image, and initramfs into it. After that, it can be used to reproduce processing of the virtual machine, for instance you might walk the page-tables of the VM to reconstruct pointers in the VM's registers etc.
>
> Of course, you can use the shared main memory to transfer data between VMM and VM too. However, you would have to either transfer the physical address of the corresponding memory region via the VM's registers, or implement an appropriate software MMU to translate the VM's virtual address in the register into a physical address that can be located by the VMM. Luckily, there is already a simplified software MMU implementation within the VMM example code ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address of the memory region lying in the main memory of the VM, you've of course to translate again that physical address to the position in the address space of the VMM. Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
>
> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
> addr_t virt_addr = _vm->ram()->va(phys_addr);
>
> I hope this is what you're looking for.
>
> Regards
> Stefan
>
>> Regards,
>> Pablo Anton.
>>
>> On 02.12.2013 16:19, Stefan Kalkowski wrote:
>>> Hi,
>>>
>>> On 12/02/2013 03:48 PM, panton wrote:
>>>> Hi Stefan,
>>>>
>>>> I know this is not a question about genode but I am having troubles compiling linux image for tz-vmm. Did you use genode toolchain?? Could I ask you the config options file you used for compiling (I was not able to get it from linux image)??
>>>
>>> I didn't use the Genode toolchain, but the Codesourcery ARM cross compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode toolchain isn't used to compile a Linux system, it misses certain defines you need when compiling the Linux kernel.
>>>
>>> The adapted kernel configuration file is part of the Linux fork I've mentioned in my previous mail. Here is the concrete file:
>>>
>>> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t...
>>>
>>> Regards
>>> Stefan
>>>
>>>> Thank you in advance.
>>>>
>>>> Best regards.
>>>> Pablo Anton.
>>>>
>>>> On 28.11.2013 11:07, Stefan Kalkowski wrote:
>>>>> Hi Pablo,
>>>>>
>>>>> On 11/28/2013 10:52 AM, panton wrote:
>>>>>> Hi Stefan,
>>>>>>
>>>>>> Thank you very much for your detailed explication. I am really lucky because it seems you are working right now on that matter (last genode/staging branch update was yesterday :)).
>>>>>>
>>>>>>> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only.
>>>>>>> For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
>>>>>>
>>>>>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>>>>>
>>>>>>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>>>>>>
>>>>>> So, I assume the linux image on http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a normal linux image for imx53_loco but neither a L4Linux (since the example is running without Fiasco.OC). Is there any repository where we could take that linux code?
>>>>>
>>>>> Sure, branches including the changes for Versatile Express, and i.MX53 QSB/Tablet can be found on Github too:
>>>>>
>>>>> git@...116...:skalk/linux.git
>>>>>
>>>>> The branches are titled 'vexpress-tz', and 'imx53-tz'
>>>>>
>>>>>> About the example I only can say "Great work".
>>>>>
>>>>> Thanks, that's music to my ears.
>>>>>
>>>>>> I was able to run it on hardware. Some little details that could help people:
>>>>>>
>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'
>>>>>>
>>>>>> The resulting image is on elf, if you want to run it with uboot you should create a valid uImage using mkimage tool.
>>>>>
>>>>> If you add a '--target uboot' to the RUN_OPT environment variable, the uImage is built automatically. Just add the following to your 'etc/build.conf' (I've missed that in the previous mail):
>>>>>
>>>>> RUN_OPT = --target uboot
>>>>>
>>>>>> Now, I go to play!
>>>>>
>>>>> Good luck, and
>>>>> best regards
>>>>> Stefan
>>>>>
>>>>>> Best regards
>>>>>> Pablo Antón.
>>>>>>
>>>>>> On 27.11.2013 22:47, Stefan Kalkowski wrote:
>>>>>>> Hi Pablo,
>>>>>>>
>>>>>>> On 11/26/2013 06:11 PM, panton wrote:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I want to create a virtualized system with Genode in my imx53 board. At the moment, I am able to run Genode on the board with base-foc and also directly on hardware (base-hw). Thus, my plan was to run a linux kernel as a child node and hopefully run it into trustzone NS. Looking into Genode code I found base-hw/include/vm_session that seems to deal with virtualization. Furthermore there is a trustzone.cc into base-hw/src/core.., but without real useful code.
>>>>>>>
>>>>>>> well, this depends. There are trustzone.cc files for different platforms/configurations. In general, that file only contains additional kernel initialization routines needed. For instance, configuring IRQs to be "secure", or "non-secure", or configure TrustZone specific devices that can be configured in supervisor mode only.
>>>>>>> For configurations where no TrustZone is supported, or used that file contains an empty initialization indeed. I assume you've found that file.
>>>>>>>
>>>>>>>> I was wondering if there are implemented virtualization capabilities using trustzone or even without trustzone?
>>>>>>>
>>>>>>> In fact, there is some kind of virtualization support using TrustZone. Although, TrustZone isn't designed to be a virtualization solution. Therefore, the "guest" needs to be aware what devices it is allowed to use. In contrast to the CPU (including MMU, Caches, etc.), there is no support to virtualize physical memory (including memory mapped I/O) for the non-secure "guest". That means guest physical addresses are in fact physical addresses. Dependent on the concrete platform, it might be possible to deny non-secure access to certain physical memory regions, like I/O memory of certain devices, and then use a trap-emulate approach. But in general this approach isn't guaranteed to work. Dependent on where the unit, which controls peripheral device memory (if existent at all), is located in the bus hierarchy of the SoC, it might provoke asynchronous external data-aborts in the CPU core, instead of synchronous ones. Thereby, it is impossible to recover the state, in which the protection fault was raised.
>>>>>>> To sum it up, the non-secure guest has to behave cooperatively, or it will fail. Trap-and-emulate doesn't work in general. Therefore, some lightweight form of para-virtualization of the guest OS is needed.
>>>>>>>
>>>>>>> On ARM platforms, apart from the TrustZone "virtualization", Genode includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC kernel. ARM's virtualization extensions aren't supported yet, but we'll investigate it certainly.
>>>>>>>
>>>>>>>> If so, it would be great to have an example of how to use it.
>>>>>>>
>>>>>>> A working basic example is available on Genode's current staging branch, and will be available in Genode's upcoming release 13.11, that will be announced this week.
>>>>>>> The example should work out of the box for ARM's Versatile Express Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to create a build directory for 'hw_imx53'. After creating the build directory, you've to adapt the 'etc/specs.conf' file, and add the following SPEC variable:
>>>>>>>
>>>>>>> SPECS += trustzone
>>>>>>>
>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting image is located in 'var/run/tz_vmm/uImage'. The example scenario starts Genode's hw kernel, core, init, and the virtual machine monitor, which will boot Linux with a small busybox initramfs on the non-secure side.
>>>>>>>
>>>>>>> A more sophisticated example, which runs on the i.MX53 SABRE tablet only, can be found on this topic branch:
>>>>>>>
>>>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>>>>
>>>>>>> That example includes virtual touchscreen support for the non-secure guest, so that you can interact with the secure Genode system, and the non-secure Android guest side-by-side.
>>>>>>>
>>>>>>>> Thanks in advance for answers!
>>>>>>>
>>>>>>> You're welcome.
>>>>>>>
>>>>>>> Best Regards
>>>>>>> Stefan
>>>>>>>
>>>>>>>> Best regards,
>>>>>>>> Pablo Anton
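The translation discussed in this thread, `virt_addr = _local + (phys - _base)`, starts from a value the non-secure guest places in r3, so the secure side has to confirm that the whole range lies inside the guest's RAM before touching it. The following C++ is an added example, not code from Genode or from the posts; `Guest_ram`, `copy_from_guest`, the `sample_*` helpers and the base address are hypothetical names and constructed values.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

typedef std::uintptr_t addr_t;

/* Hypothetical model of the VMM's guest-RAM window; not Genode's Ram class. */
class Guest_ram
{
	private:

		addr_t      _base;   /* guest-physical start of the non-secure RAM */
		std::size_t _size;   /* size of that RAM in bytes */
		addr_t      _local;  /* address where the VMM has it mapped */

	public:

		Guest_ram(addr_t base, std::size_t size, addr_t local)
		: _base(base), _size(size), _local(local) { }

		/*
		 * Translate the guest-physical range [phys, phys + len) into the
		 * VMM's address space. Returns false unless the whole range lies
		 * inside the guest's RAM. Only subtractions on already-checked
		 * values are used, so no intermediate sum can wrap around.
		 */
		bool va(addr_t phys, std::size_t len, addr_t &out) const
		{
			if (len == 0 || phys < _base) return false;

			addr_t const offset = phys - _base;
			if (offset >= _size)      return false;
			if (len > _size - offset) return false;

			out = _local + offset;   /* the thread's _local + (phys - _base) */
			return true;
		}
};

/*
 * Copy a guest buffer into VMM-private memory before parsing it, so every
 * later check and use sees the same bytes.
 */
bool copy_from_guest(Guest_ram const &ram, addr_t phys, void *dst, std::size_t len)
{
	addr_t src = 0;
	if (!ram.va(phys, len, src)) return false;
	std::memcpy(dst, reinterpret_cast<void const *>(src), len);
	return true;
}

/* Constructed sample: a 4 KiB "guest RAM" at a made-up guest-physical base. */
static const addr_t      SAMPLE_BASE = 0x70000000;
static const std::size_t SAMPLE_SIZE = 4096;

static std::vector<unsigned char> &sample_backing()
{
	static std::vector<unsigned char> mem(SAMPLE_SIZE, 0);
	return mem;
}

static Guest_ram sample_ram()
{
	return Guest_ram(SAMPLE_BASE, SAMPLE_SIZE,
	                 reinterpret_cast<addr_t>(sample_backing().data()));
}

int main()
{
	Guest_ram ram = sample_ram();
	std::memcpy(sample_backing().data() + 16, "request", 7);

	char buf[16] = { 0 };
	bool const ok  = copy_from_guest(ram, SAMPLE_BASE + 16, buf, 7);
	bool const bad = copy_from_guest(ram, SAMPLE_BASE + 4090, buf, 16);
	std::printf("in-window copy: %d, range crossing the end: %d\n", ok, bad);
	return (ok && !bad) ? 0 : 1;
}
```

The check covers only where the VMM reads; the stale-data problem described in the thread still requires the guest to flush the shared region or map it non-cacheable before the `smc`.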
Hi Pablo,
the i.MX53 framebuffer driver doesn't detect your current display setup automatically. It only checks whether it's running on top of i.MX53 Quickstart board, or the i.MX53 SABRE tablet. When running on the first one, it assumes you've a connected LCD display (MCIMX28LCD), and when running on the tablet it uses the tablet screen.
I assume you're using the Quickstart board? Do you use Genode's current staging, or master branch?
Regards Stefan
On 01/22/2014 06:39 PM, panton wrote:
Regarding my incompetence with trustzone and framebuffer, I have tried to check if at least the framebuffer implemented in Genode works (for sure it works) without any trustzone module. I have run os/src/test/framebuffer/main.cc together with drivers/fb_drv, drivers/timer, drivers/gpio_drv, drivers/platform_drv. Everything seems to work fine (except some "no found config file" output).
.....
[init -> test-framebuffer] framebuffer is 800x480@...23...
[init -> test-framebuffer] black
[init -> test-framebuffer] blue
[init -> test-framebuffer] green
The problem is that I get nothing on screen. With VGA I have no signal on the screen, with the lvds connector I get screen signal at least. Any ideas??
Sorry to be boring about that matter, and thanks.
Regards, Pablo.
On 22.01.2014 15:36, panton wrote:
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I did some changes according to the indications you gave me. Unfortunately, I can not say it was a success. I am having troubles when linux tries to configure some GPIO directions. Should I change some specific thing in Genode to allow Linux to handle GPIO?
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and Trustzone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on genode side) and a player App running on Non Secure linux. At this point, we would like to have some video output controlled by the non secure linux side.
Looking at the specific modified Linux for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid the access to IPU directly from linux (making a smc call that is handled by vmm). I am wondering if it will be possible to configure the system to allow the mxc framebuffer to work on linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds secure and non-secure side can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
El 17.12.2013 13:54, panton escribió:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
El 17.12.2013 11:24, Stefan Kalkowski escribió:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote: > Hi, > > I am having some unexpected behavior accessing from Genode VMM to > guest > VM RAM. > > >> Assuming, you've put the corresponding memory >> region's address into register r3 within your para-virtualization >> code >> in the guest VM. Then the following procedure will give you the >> memory >> region within the VMM object: >> >> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if >> r3 >> has a virtual address >> addr_t virt_addr = _vm->ram()->va(phys_addr); > > > Following the indication Stefan gave me, I am able to access to > linux > guest's memory by passing virtual address of desired memory region > into > registers (_vm->state()->r3), it also could be performed by > passing > physical addr instead of virtual addr and removing first > instruction. > > Problem is when you access to calculated virtual address's content > (virt_addr), it is not always correct. First time I run my example > app > everything works fine, but next times, I gets unexpected values. I > ckeck > the physical address is right and the virtual address is just: > > virt_addr = _local + (phys - _base); > > I really don't know why that happen, the loaded memory sometime is > the > good one and sometimes is not. The MMU implementation used on VMM > works > fine, since it gives correct physical address from virtual one. > The > address passes into the register is also correct. Any idea of what > could > be happening??? Probably, I am missing some concepts of how mmu > works, > but I do not understand why it just fail in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or second the secure side is using the non-secure side's RAM portion through the cache. As both side's cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you've to ensure to either mark the corresponding memory region, you want to share with the secure side, as being non-cacheable memory (like it's done for I/O memory), or by selectively flushing that memory area within the cache, before doing a VMM call.
Best regards Stefan
> > Thanks in advanced. > > Best regards, > Pablo Anton. > > El 10.12.2013 11:49, Stefan Kalkowski escribió: >> Hi Pablo, >> >> On 12/09/2013 04:31 PM, panton wrote: >>> Hi, >>> >>> I am a little confused about creating a share memory between a >>> Non >>> Secure and Secure worlds. As far as I understood, memory region >>> should >>> be placed in Non Secure Side (Linux in tz_vmm example), when a >>> change >>> of >>> context is done you can send the addresses of that regions using >>> cpu >>> registers and looking into vm_state struct. Then, from Secure >>> side >>> must >>> be a method to access to that region but I do not find the good >>> way >>> to >>> configure Genode to perform that access. Is there any example of >>> how >>> that works? >> >> actually, the whole main memory used by the non-secure side is >> available >> in the virtual machine monitor of our small example. Before >> booting, >> it >> is used to put the kernel image, and initramfs into it. After >> that, >> it >> can be used to reproduce processing of the virtual machine, for >> instance >> you might walk the page-tables of the VM to reconstruct pointers >> in >> the >> VM's registers etc. >> >> Of course, you can use the shared main memory to transfer data >> between >> VMM and VM too. However, you would have to either transfer the >> physical >> address of the corresponding memory region via the VM's >> registers, >> or >> implement an appropriated software MMU to translate the VM's >> virtual >> address in the register into a physical address that can be >> located >> by >> the VMM. Luckily, there is already a simplified software MMU >> implementation within the VMM example code >> ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical >> address >> of the memory region laying in the main memory of the VM, you've >> of >> course to translate again that physical address to the position >> in >> the >> address space of the VMM. 
Assuming, you've put the corresponding >> memory >> region's address into register r3 within your para-virtualization >> code >> in the guest VM. Then the following procedure will give you the >> memory >> region within the VMM object: >> >> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); >> addr_t virt_addr = _vm->ram()->va(phys_addr); >> >> I hope this is what you're looking for. >> >> Regards >> Stefan >> >>> >>> Regards, >>> Pablo Anton. >>> >>> El 02.12.2013 16:19, Stefan Kalkowski escribió: >>>> Hi, >>>> >>>> On 12/02/2013 03:48 PM, panton wrote: >>>>> Hi Stefan, >>>>> >>>>> I know this is not a question about genode but I am having >>>>> troubles >>>>> compiling linux image for tz-vmm. Did you use genode >>>>> toolchain?? >>>>> Could >>>>> I >>>>> ask you the config options file you used for compiling (I was >>>>> not >>>>> able >>>>> to get it from linux image)?? >>>> >>>> I didn't used the Genode toolchain, but the Codesourcery ARM >>>> cross >>>> compiler for Linux (Sourcery G++ Lite 2009q1-203). As the >>>> Genode >>>> toolchain isn't used to compile a Linux system, it misses >>>> certain >>>> defines you need when compiling the Linux kernel. >>>> >>>> The adapted kernel configuration file is part of the Linux fork >>>> I've >>>> mentioned in my previous mail. Here is the concrete file: >>>> >>>> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t... >>>> >>>> Regards >>>> Stefan >>>> >>>>> >>>>> Thanks you in advance. >>>>> >>>>> Best regards. >>>>> Pablo Anton. >>>>> >>>>> El 28.11.2013 11:07, Stefan Kalkowski escribió: >>>>>> Hi Pablo, >>>>>> >>>>>> On 11/28/2013 10:52 AM, panton wrote: >>>>>>> Hi Stefan, >>>>>>> >>>>>>> Thank you very much for your detailed explication. I am >>>>>>> really >>>>>>> lucky >>>>>>> beacause it seems you are working right now on that matter >>>>>>> (last >>>>>>> genode/staging branch update was yesterday :)). >>>>>>> >>>>>>>> well, this depends. 
There are trustzone.cc files for >>>>>>>> different >>>>>>>> platforms/configurations. In general, that file only >>>>>>>> contains >>>>>>>> additional >>>>>>>> kernel initialization routines needed. For instance, >>>>>>>> configuring >>>>>>>> IRQs >>>>>>>> to >>>>>>>> be "secure", or "non-secure", or configure TrustZone >>>>>>>> specific >>>>>>>> devices >>>>>>>> that can be configured in supervisor mode only. >>>>>>>> For configurations where no TrustZone is supported, or used >>>>>>>> that >>>>>>>> file >>>>>>>> contains an empty initialization indeed. I assume you've >>>>>>>> found >>>>>>>> that >>>>>>>> file. >>>>>>> >>>>>>> Now I am able to see files on >>>>>>> ./base-hw/src/core/imx53/trustzone. >>>>>>> >>>>>>>> To sum it up, the non-secure guest has to behave >>>>>>>> cooperatively, >>>>>>>> or >>>>>>>> it >>>>>>>> will fail. Trap-and-emulate doesn't work in general. >>>>>>>> Therefore, >>>>>>>> some >>>>>>>> lightweight form of para-virtualization of the guest OS is >>>>>>>> needed. >>>>>>> >>>>>>> So, I assume the linux image on >>>>>>> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin >>>>>>> is >>>>>>> not >>>>>>> a >>>>>>> normal linux image for imx53_loco but neither a L4Linux >>>>>>> (since >>>>>>> the >>>>>>> example is running without Fiasco.OC). Is there any >>>>>>> repository >>>>>>> where >>>>>>> we >>>>>>> could take that linux code? >>>>>>> >>>>>> >>>>>> Sure, branches including the changes for Versatile Express, >>>>>> and >>>>>> i.MX53 >>>>>> QSB/Tablet can be found on Github too: >>>>>> >>>>>> git@...116...:skalk/linux.git >>>>>> >>>>>> The branches are titled 'vexpress-tz', and 'imx53-tz' >>>>>> >>>>>>> >>>>>>> About the example I only can say "Great work". >>>>>> >>>>>> Thanks, that's music to my ears. >>>>>> >>>>>>> I was able to run it on >>>>>>> hardware. Some little details that could help people: >>>>>>> >>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. 
>>>>>>>> The >>>>>>>> resulting >>>>>>>> image is located in 'var/run/tz_vmm/uImage' >>>>>>> >>>>>>> The resulting image is on elf, if you want to run it with >>>>>>> uboot >>>>>>> you >>>>>>> should create a valid uImage using mkimage tool. >>>>>>> >>>>>> >>>>>> If you add a '--target uboot' to the RUN_OPT environment >>>>>> variable, >>>>>> the >>>>>> uImage is built automatically. Just add the following to your >>>>>> 'etc/build.conf' (I've missed that in the previous mail): >>>>>> >>>>>> RUN_OPT = --target uboot >>>>>> >>>>>>> Now, I go to play! >>>>>> >>>>>> Good luck, and >>>>>> best regards >>>>>> Stefan >>>>>> >>>>>>> >>>>>>> Best regards >>>>>>> Pablo Antón. >>>>>>> >>>>>>> >>>>>>> El 27.11.2013 22:47, Stefan Kalkowski escribió: >>>>>>>> Hi Pablo, >>>>>>>> >>>>>>>> On 11/26/2013 06:11 PM, panton wrote: >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> I want to create a virtualized system with Genode in my >>>>>>>>> imx53 >>>>>>>>> board. >>>>>>>>> At >>>>>>>>> the moment, I am able to run Genode on the board with >>>>>>>>> base-foc >>>>>>>>> and >>>>>>>>> also >>>>>>>>> directly on hardware (base-hw). Thus, my plan was to run a >>>>>>>>> linux >>>>>>>>> kernel >>>>>>>>> as a child node and hopefully run it into trustzone NS. >>>>>>>>> Looking >>>>>>>>> into >>>>>>>>> Genode code I found base-hw/include/vm_session that seems >>>>>>>>> to >>>>>>>>> deal >>>>>>>>> with >>>>>>>>> virtualization. Furthermore there is a trustzone.cc into >>>>>>>>> base-hw/src/core.., but without real useful code. >>>>>>>> >>>>>>>> well, this depends. There are trustzone.cc files for >>>>>>>> different >>>>>>>> platforms/configurations. In general, that file only >>>>>>>> contains >>>>>>>> additional >>>>>>>> kernel initialization routines needed. For instance, >>>>>>>> configuring >>>>>>>> IRQs >>>>>>>> to >>>>>>>> be "secure", or "non-secure", or configure TrustZone >>>>>>>> specific >>>>>>>> devices >>>>>>>> that can be configured in supervisor mode only. 
>>>>>>>> For configurations where no TrustZone is supported, or used >>>>>>>> that >>>>>>>> file >>>>>>>> contains an empty initialization indeed. I assume you've >>>>>>>> found >>>>>>>> that >>>>>>>> file. >>>>>>>> >>>>>>>>> >>>>>>>>> I was wondering if there are implemented virtualization >>>>>>>>> capabilities >>>>>>>>> using trustzone or even without trustzone? >>>>>>>> >>>>>>>> In fact, there is some kind of virtualization support using >>>>>>>> TrustZone. >>>>>>>> Although, TrustZone isn't designed to be a virtualization >>>>>>>> solution. >>>>>>>> Therefore, the "guest" needs to be aware what devices it is >>>>>>>> allowed >>>>>>>> to >>>>>>>> use. In contrast to the CPU (including MMU, Caches, etc.), >>>>>>>> there >>>>>>>> is >>>>>>>> no >>>>>>>> support to virtualize physical memory (including memory >>>>>>>> mapped >>>>>>>> I/O) >>>>>>>> for >>>>>>>> the non-secure "guest". That means guest physical addresses >>>>>>>> are >>>>>>>> in >>>>>>>> fact >>>>>>>> physical addresses. Dependent on the concrete platform, it >>>>>>>> might >>>>>>>> be >>>>>>>> possible to deny non-secure access to certain physical >>>>>>>> memory >>>>>>>> regions, >>>>>>>> like I/O memory of certain devices, and then use a >>>>>>>> trap-emulate >>>>>>>> approach. But in general this approach isn't guaranteed to >>>>>>>> work. >>>>>>>> Dependent on where the unit, which controls peripheral >>>>>>>> device >>>>>>>> memory >>>>>>>> (if >>>>>>>> existent at all), is located in the bus hierarchy of the >>>>>>>> SoC, >>>>>>>> it >>>>>>>> might >>>>>>>> provoke asynchronous external data-aborts in the CPU core, >>>>>>>> instead >>>>>>>> of >>>>>>>> synchronous ones. Thereby, it is impossible to recover the >>>>>>>> state, >>>>>>>> in >>>>>>>> which the protection fault was raised. >>>>>>>> To sum it up, the non-secure guest has to behave >>>>>>>> cooperatively, >>>>>>>> or >>>>>>>> it >>>>>>>> will fail. Trap-and-emulate doesn't work in general. 
>>>>>>>> Therefore, >>>>>>>> some >>>>>>>> lightweight form of para-virtualization of the guest OS is >>>>>>>> needed. >>>>>>>> >>>>>>>> On ARM platforms, apart from the TrustZone >>>>>>>> "virtualization", >>>>>>>> Genode >>>>>>>> includes support of L4Linux, a para-virtualized Linux for >>>>>>>> the >>>>>>>> Fiasco.OC >>>>>>>> kernel. ARM's virtualization extensions aren't supported >>>>>>>> yet, >>>>>>>> but >>>>>>>> we'll >>>>>>>> investigate it certainly. >>>>>>>> >>>>>>>>> If so, it would be great to >>>>>>>>> have an example of how to use it. >>>>>>>> >>>>>>>> A working basic example is available on Genode's current >>>>>>>> staging >>>>>>>> branch, >>>>>>>> and will be available in Genode's upcoming release 13.11, >>>>>>>> that >>>>>>>> will >>>>>>>> be >>>>>>>> announced this week. >>>>>>>> The example should work out of the box for ARM's Versatile >>>>>>>> Express >>>>>>>> Coretile A9x4, and Freescale's i.MX53 Quickstart board. >>>>>>>> You'll >>>>>>>> have >>>>>>>> to >>>>>>>> create a build directory for 'hw_imx53'. After creating the >>>>>>>> build >>>>>>>> directory, you've to adapt the 'etc/specs.conf' file, and >>>>>>>> add >>>>>>>> the >>>>>>>> following SPEC variable: >>>>>>>> >>>>>>>> SPECS += trustzone >>>>>>>> >>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. >>>>>>>> The >>>>>>>> resulting >>>>>>>> image is located in 'var/run/tz_vmm/uImage'. The example >>>>>>>> scenario >>>>>>>> starts >>>>>>>> Genode's hw kernel, core, init, and the virtual machine >>>>>>>> monitor, >>>>>>>> which >>>>>>>> will boot Linux with a small busybox initramfs on the >>>>>>>> non-secure >>>>>>>> side. 
>>>>>>>> >>>>>>>> A more sophisticated example, which runs on the i.MX53 >>>>>>>> SABRE >>>>>>>> tablet >>>>>>>> only, can be found on this topic branch: >>>>>>>> >>>>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo >>>>>>>> >>>>>>>> That example include virtual touchscreen support for the >>>>>>>> non-secure >>>>>>>> guest, so that you can interact with the secure Genode >>>>>>>> system, >>>>>>>> and >>>>>>>> the >>>>>>>> non-secure Android guest side-by-side. >>>>>>>> >>>>>>>>> >>>>>>>>> Thanks in advance for answers! >>>>>>>> >>>>>>>> You're welcome. >>>>>>>> >>>>>>>> Best Regards >>>>>>>> Stefan >>>>>>>> >>>>>>>>> >>>>>>>>> Best regards, >>>>>>>>> Pablo Anton >>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Rapidly troubleshoot problems before they affect your >>>>>>>>> business. >>>>>>>>> Most >>>>>>>>> IT >>>>>>>>> organizations don't have a clear picture of how >>>>>>>>> application >>>>>>>>> performance >>>>>>>>> affects their revenue. With AppDynamics, you get 100% >>>>>>>>> visibility >>>>>>>>> into >>>>>>>>> your >>>>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL >>>>>>>>> of >>>>>>>>> AppDynamics Pro! >>>>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >>>>>>>>> _______________________________________________ >>>>>>>>> Genode-main mailing list >>>>>>>>> Genode-main@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Stefan Kalkowski >>>>>>>> Genode Labs >>>>>>>> >>>>>>>> http://www.genode-labs.com/ · http://genode.org/ >>>>>>>> >>>>>>>> ------------------------------------------------------------------------------ >>>>>>>> Rapidly troubleshoot problems before they affect your >>>>>>>> business. >>>>>>>> Most >>>>>>>> IT >>>>>>>> organizations don't have a clear picture of how application >>>>>>>> performance >>>>>>>> affects their revenue. 
With AppDynamics, you get 100% >>>>>>>> visibility >>>>>>>> into >>>>>>>> your >>>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL >>>>>>>> of >>>>>>>> AppDynamics Pro! >>>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >>>>>>>> _______________________________________________ >>>>>>>> Genode-main mailing list >>>>>>>> Genode-main@lists.sourceforge.net >>>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Rapidly troubleshoot problems before they affect your >>>>>>> business. >>>>>>> Most >>>>>>> IT >>>>>>> organizations don't have a clear picture of how application >>>>>>> performance >>>>>>> affects their revenue. With AppDynamics, you get 100% >>>>>>> visibility >>>>>>> into >>>>>>> your >>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL >>>>>>> of >>>>>>> AppDynamics Pro! >>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >>>>>>> _______________________________________________ >>>>>>> Genode-main mailing list >>>>>>> Genode-main@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>>>>>> >>>>>> >>>>>> -- >>>>>> Stefan Kalkowski >>>>>> Genode Labs >>>>>> >>>>>> http://www.genode-labs.com/ · http://genode.org/ >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Rapidly troubleshoot problems before they affect your >>>>>> business. >>>>>> Most >>>>>> IT >>>>>> organizations don't have a clear picture of how application >>>>>> performance >>>>>> affects their revenue. With AppDynamics, you get 100% >>>>>> visibility >>>>>> into >>>>>> your >>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of >>>>>> AppDynamics Pro! >>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... 
>>>>>> _______________________________________________ >>>>>> Genode-main mailing list >>>>>> Genode-main@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Rapidly troubleshoot problems before they affect your >>>>> business. >>>>> Most >>>>> IT >>>>> organizations don't have a clear picture of how application >>>>> performance >>>>> affects their revenue. With AppDynamics, you get 100% >>>>> visibility >>>>> into >>>>> your >>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of >>>>> AppDynamics Pro! >>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >>>>> _______________________________________________ >>>>> Genode-main mailing list >>>>> Genode-main@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>>>> >>>> >>>> -- >>>> Stefan Kalkowski >>>> Genode Labs >>>> >>>> http://www.genode-labs.com/ · http://genode.org/ >>>> >>>> ------------------------------------------------------------------------------ >>>> Rapidly troubleshoot problems before they affect your business. >>>> Most >>>> IT >>>> organizations don't have a clear picture of how application >>>> performance >>>> affects their revenue. With AppDynamics, you get 100% >>>> visibility >>>> into >>>> your >>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of >>>> AppDynamics Pro! >>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clk... >>>> _______________________________________________ >>>> Genode-main mailing list >>>> Genode-main@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/genode-main >>> >>> ------------------------------------------------------------------------------ >>> Sponsored by Intel(R) XDK >>> Develop, test and display web and hybrid apps with a single code >>> base. >>> Download it for free now! 
>>> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.cl... >>> _______________________________________________ >>> Genode-main mailing list >>> Genode-main@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/genode-main >>> >> >> -- >> Stefan Kalkowski >> Genode Labs >> >> http://www.genode-labs.com/ · http://genode.org/ >> >> ------------------------------------------------------------------------------ >> Sponsored by Intel(R) XDK >> Develop, test and display web and hybrid apps with a single code >> base. >> Download it for free now! >> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.cl... >> _______________________________________________ >> Genode-main mailing list >> Genode-main@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/genode-main > > ------------------------------------------------------------------------------ > Rapidly troubleshoot problems before they affect your business. > Most > IT > organizations don't have a clear picture of how application > performance > affects their revenue. With AppDynamics, you get 100% visibility > into > your > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of > AppDynamics Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... > _______________________________________________ > Genode-main mailing list > Genode-main@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/genode-main >
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clk... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.cl... _______________________________________________ Genode-main mailing list Genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main
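The translation `virt_addr = _local + (phys - _base)` discussed in this thread starts from a register value that the non-secure guest chooses, so the VMM side benefits from a range check before the resulting pointer is used. The following is an added example, not code from the thread or from Genode; `Guest_ram`, `unchecked_offset`, `copy_from_guest` and the sample base address are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical model of the VMM's window onto non-secure RAM. This is not
// Genode's Ram class; only the formula local + (phys - base) is from the thread.
class Guest_ram
{
	private:

		uintptr_t const _base;   // guest-physical start of non-secure RAM
		size_t    const _size;   // size of that RAM window in bytes
		uint8_t * const _local;  // where the VMM has the window mapped

	public:

		Guest_ram(uintptr_t base, size_t size, uint8_t *local)
		: _base(base), _size(size), _local(local) { }

		// Offset as the unchecked formula would compute it. For phys < base
		// the subtraction wraps around to a huge value.
		uintptr_t unchecked_offset(uintptr_t phys) const { return phys - _base; }

		// Checked translation of the range [phys, phys + len). Returns nullptr
		// unless the whole range lies inside the guest RAM window. The
		// comparisons are ordered so that no intermediate value can overflow.
		uint8_t *va(uintptr_t phys, size_t len) const
		{
			if (len == 0 || len > _size) return nullptr;
			if (phys < _base)            return nullptr;

			uintptr_t const off = phys - _base;
			if (off > _size - len)       return nullptr;

			return _local + off;
		}
};

// Copy a guest buffer into VMM-private memory before interpreting it, so that
// later checks and uses operate on one stable snapshot.
bool copy_from_guest(Guest_ram const &ram, uintptr_t phys, void *dst, size_t len)
{
	uint8_t const *src = ram.va(phys, len);
	if (!src) return false;
	std::memcpy(dst, src, len);
	return true;
}

int main()
{
	// Constructed sample values: a 256-byte stand-in for guest RAM, placed
	// at an arbitrary guest-physical base chosen for this example.
	static uint8_t backing[256];
	uintptr_t const base = 0x70000000u;
	Guest_ram ram(base, sizeof(backing), backing);

	struct { char const *what; uintptr_t phys; size_t len; } const cases[] = {
		{ "inside window",       base + 16,       4 },
		{ "below base",          base - 16,       4 },
		{ "crosses end",         base + 254,      4 },
		{ "wraps address space", UINTPTR_MAX - 1, 8 },
	};

	for (auto const &c : cases)
		std::printf("%-20s unchecked offset %#zx -> %s\n", c.what,
		            (size_t)ram.unchecked_offset(c.phys),
		            ram.va(c.phys, c.len) ? "accepted" : "rejected");
	return 0;
}
```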
Hi Pablo,
On 01/22/2014 03:36 PM, panton wrote:
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I made some changes according to the indications you gave me. Unfortunately, I cannot say it was a success. I am having trouble when Linux tries to configure some GPIO directions. Should I change some specific thing in Genode to allow Linux to handle GPIO?
oh, sorry I forgot about the most important thing: allowing the non-secure side to access I2C, GPIO, and IPU again. Have a look at "base-hw/src/core/imx53/trustzone/csu.h": in the constructor of the Csu (central security unit) class, the access rights to peripherals are configured. Just uncomment the lines about I2C, IPU, and GPIO, and Linux will be able to access them again.
Regards Stefan
BTW.: if you don't use Genode's input_drv, and fb_drv anymore, you should also remove the platform_drv, and gpio_drv.
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and TrustZone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on the Genode side) and a player app running on non-secure Linux. At this point, we would like to have some video output controlled by the non-secure Linux side.
Looking at the specifically modified Linux for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid accessing the IPU directly from Linux (making an smc call that is handled by the VMM). I am wondering whether it is possible to configure the system so that the mxc framebuffer works on Linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds, the secure and the non-secure side, can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
Hi Pablo,
On 12/16/2013 05:06 PM, panton wrote:
Hi,
I am having some unexpected behavior accessing from Genode VMM to guest VM RAM.
> Assuming, you've put the corresponding memory region's address into register r3 within your para-virtualization code in the guest VM. Then the following procedure will give you the memory region within the VMM object:
>
> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
> addr_t virt_addr = _vm->ram()->va(phys_addr);
Following the indication Stefan gave me, I am able to access the Linux guest's memory by passing the virtual address of the desired memory region in a register (_vm->state()->r3); it could also be done by passing the physical address instead of the virtual address and removing the first instruction.
The problem is that when you access the content at the calculated virtual address (virt_addr), it is not always correct. The first time I run my example app everything works fine, but the next times I get unexpected values. I check that the physical address is right and the virtual address is just:
virt_addr = _local + (phys - _base);
I really don't know why that happens; the loaded memory is sometimes the good one and sometimes not. The MMU implementation used in the VMM works fine, since it gives the correct physical address from the virtual one. The address passed in the register is also correct. Any idea of what could be happening? Probably I am missing some concepts of how the MMU works, but I do not understand why it just fails in some cases.
If you observe differences between VMM and VM when accessing the same physical memory region, there are two possibilities. First: the cache of the non-secure side isn't flushed, or second the secure side is using the non-secure side's RAM portion through the cache. As both sides' cache entries are handled independently of each other, the secure side doesn't see non-secure cache entries, and vice versa.
On the secure side, we've enforced that the non-secure side's RAM doesn't pollute the cache, by marking the corresponding page table entries as being non-cacheable.
On the VM's side, you've to ensure to either mark the corresponding memory region, you want to share with the secure side, as being non-cacheable memory (like it's done for I/O memory), or by selectively flushing that memory area within the cache, before doing a VMM call.
Best regards Stefan
Thanks in advance.
Best regards, Pablo Anton.
On 10.12.2013 11:49, Stefan Kalkowski wrote:
> Hi Pablo,
>
> On 12/09/2013 04:31 PM, panton wrote:
>> Hi,
>>
>> I am a little confused about creating a share memory between a Non
>> Secure and Secure worlds. As far as I understood, memory region
>> should be placed in Non Secure Side (Linux in tz_vmm example), when a
>> change of context is done you can send the addresses of that regions
>> using cpu registers and looking into vm_state struct. Then, from
>> Secure side must be a method to access to that region but I do not
>> find the good way to configure Genode to perform that access. Is
>> there any example of how that works?
>
> actually, the whole main memory used by the non-secure side is
> available in the virtual machine monitor of our small example. Before
> booting, it is used to put the kernel image, and initramfs into it.
> After that, it can be used to reproduce processing of the virtual
> machine, for instance you might walk the page-tables of the VM to
> reconstruct pointers in the VM's registers etc.
>
> Of course, you can use the shared main memory to transfer data
> between VMM and VM too. However, you would have to either transfer
> the physical address of the corresponding memory region via the VM's
> registers, or implement an appropriated software MMU to translate the
> VM's virtual address in the register into a physical address that can
> be located by the VMM. Luckily, there is already a simplified
> software MMU implementation within the VMM example code
> ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical
> address of the memory region laying in the main memory of the VM,
> you've of course to translate again that physical address to the
> position in the address space of the VMM. Assuming, you've put the
> corresponding memory region's address into register r3 within your
> para-virtualization code in the guest VM. Then the following
> procedure will give you the memory region within the VMM object:
>
>   addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
>   addr_t virt_addr = _vm->ram()->va(phys_addr);
>
> I hope this is what you're looking for.
>
> Regards
> Stefan
>
>>
>> Regards,
>> Pablo Anton.
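The translation quoted in the message above takes its input straight from the guest's r3, so the VMM ends up dereferencing a value the non-secure side controls. The following is an added example, not code from Genode's tz_vmm or from anyone in this thread: `Guest_ram`, `copy_from_guest`, `handle_request`, the use of r4 as a length register and the constructed base/size values are all assumptions. It applies the `_local + (phys - _base)` formula only after checking that the whole guest range lies inside guest RAM, without arithmetic that can wrap, and copies the data out before using it.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

typedef std::uint32_t addr_t;  // guest addresses are 32 bit on the ARMv7 boards discussed

// Hypothetical stand-in for the VMM's mapping of the guest's RAM (not Genode's class)
class Guest_ram
{
    addr_t         _base;   // guest-physical start of the non-secure RAM
    addr_t         _size;   // size of that RAM in bytes
    unsigned char *_local;  // where the VMM has the same RAM mapped

public:
    Guest_ram(addr_t base, addr_t size, unsigned char *local)
    : _base(base), _size(size), _local(local) { }

    // VMM-local pointer for the guest range [phys, phys + len), or nullptr
    // when any byte of that range lies outside the guest's RAM.
    unsigned char *va(addr_t phys, addr_t len) const
    {
        if (len == 0 || phys < _base) return nullptr;
        addr_t const off = phys - _base;        // cannot underflow: phys >= _base
        if (off >= _size)      return nullptr;
        if (len > _size - off) return nullptr;  // never computes phys + len, so no wrap
        return _local + off;                    // the formula quoted in the thread
    }
};

// Copy a guest buffer into VMM-private memory so later checks and uses
// operate on bytes the guest can no longer change.
bool copy_from_guest(Guest_ram const &ram, addr_t phys, addr_t len,
                     void *dst, std::size_t dst_cap)
{
    if (len > dst_cap) return false;
    unsigned char const *src = ram.va(phys, len);
    if (!src) return false;
    std::memcpy(dst, src, len);
    return true;
}

// Constructed sample layout: a 64 KiB "guest RAM" placed at the top of the
// 32-bit address space so that a naive 'phys + len' would wrap around.
constexpr addr_t SAMPLE_BASE = 0xffff0000u;
constexpr addr_t SAMPLE_SIZE = 0x00010000u;

// Handle one hypothetical VMM call: r3 = guest-physical address, r4 = length.
// Returns the number of bytes copied, or -1 when the request is rejected.
int handle_request(addr_t r3, addr_t r4)
{
    static unsigned char backing[SAMPLE_SIZE];
    std::memcpy(backing + 0x100, "hello from guest", 16);  // constructed payload
    Guest_ram ram(SAMPLE_BASE, SAMPLE_SIZE, backing);

    unsigned char buf[64];
    if (!copy_from_guest(ram, r3, r4, buf, sizeof(buf))) return -1;
    return std::memcmp(buf, backing + (r3 - SAMPLE_BASE), r4) == 0 ? (int)r4 : -2;
}

int main()
{
    std::printf("in range        : %d\n", handle_request(0xffff0100u, 16));
    std::printf("below RAM base  : %d\n", handle_request(0xfffeff00u, 16));
    std::printf("runs past end   : %d\n", handle_request(0xfffffff0u, 0x20));
    std::printf("exactly to end  : %d\n", handle_request(0xfffffff0u, 0x10));
    std::printf("too big for VMM : %d\n", handle_request(0xffff0000u, 65));
    return 0;
}
```

The copy only sees what the guest has actually written back to RAM, so the guest-side cache handling still has to be in place.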
Hi Stefan,
I am using Quickstart board and the master branch (Genode 13.11). As you say, into os/drivers/framebuffer/imx53/driver.h is assumed LCD display which is not what I am using. Actually, I am using lvds screen (connected to lvds port). I suppose it is necessary to change screen configuration (width, height, bpp) and probably also into gpio configuration, am I right? But I do not understand how is the connection between GPIO and the Framebuffer driver, why I get power on lvds screen when "gpio_bl.write(true);"??
Thanks again.
Regards, Pablo.
On 23.01.2014 10:55, Stefan Kalkowski wrote:
Hi Pablo,
the i.MX53 framebuffer driver doesn't detect your current display setup automatically. It only checks whether it's running on top of i.MX53 Quickstart board, or the i.MX53 SABRE tablet. When running on the first one, it assumes you've a connected LCD display (MCIMX28LCD), and when running on the tablet it uses the tablet screen.
I assume you're using the Quickstart board? Do you use Genode's current staging, or master branch?
Regards Stefan
On 01/22/2014 06:39 PM, panton wrote:
Regarding my incompetence with trustzone and framebuffer, I have tried to check if at least the framebuffer implemented in Genode works (for sure it works) without any trustzone module. I have run os/src/test/framebuffer/main.cc together with drivers/fb_drv, drivers/timer, drivers/gpio_drv, drivers/platform_drv. Everything seems to work fine (except some "no found config file" output).
.....
[init -> test-framebuffer] framebuffer is 800x480@...23...
[init -> test-framebuffer] black
[init -> test-framebuffer] blue
[init -> test-framebuffer] green
The problem is that I get nothing on screen. With VGA I have no signal on the screen, with the lvds connector I get screen signal at least. Any ideas??
Sorry to be boring about that matter, and thanks.
Regards, Pablo.
On 22.01.2014 15:36, panton wrote:
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I made some changes according to the indications you gave me. Unfortunately, I cannot say it was a success. I am having trouble when Linux tries to configure some GPIO directions. Should I change some specific thing in Genode to allow Linux to handle GPIO?
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and TrustZone. We have created an architecture a little more complex than the one in os/server/tz_vmm. The idea is to have a secure DRM app (running on the Genode side) and a player app running on non-secure Linux. At this point, we would like to have some video output controlled by the non-secure Linux side.
Looking at the Linux modified specifically for imx53, we have noticed several modifications in drivers/video/mxc/mxc_ipuv3_fb.c which avoid accessing the IPU directly from Linux (making an smc call that is handled by the VMM). I am wondering whether it would be possible to configure the system so that the mxc framebuffer works on Linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds secure and non-secure side can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
Hi Stefan,
thank you again. I added a "flush_cache_all();" before the "smc #0" just to see the result and it works! Now, I am going to look for a better option, since I guess flushing all cache is not necessary.
Regards. Pablo
On 17.12.2013 11:24, Stefan Kalkowski wrote:
> Hi Pablo,
>
> On 12/16/2013 05:06 PM, panton wrote:
>> Hi,
>>
>> I am having some unexpected behavior accessing from Genode VMM to
>> guest VM RAM.
>>
>>
>>> Assuming, you've put the corresponding memory region's address into
>>> register r3 within your para-virtualization code in the guest VM.
>>> Then the following procedure will give you the memory region within
>>> the VMM object:
>>>
>>>   addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
>>>   addr_t virt_addr = _vm->ram()->va(phys_addr);
>>
>>
>> Following the indication Stefan gave me, I am able to access to linux
>> guest's memory by passing virtual address of desired memory region
>> into registers (_vm->state()->r3), it also could be performed by
>> passing physical addr instead of virtual addr and removing first
>> instruction.
>>
>> Problem is when you access to calculated virtual address's content
>> (virt_addr), it is not always correct. First time I run my example
>> app everything works fine, but next times, I gets unexpected values.
>> I check the physical address is right and the virtual address is
>> just:
>>
>>   virt_addr = _local + (phys - _base);
>>
>> I really don't know why that happen, the loaded memory sometime is
>> the good one and sometimes is not. The MMU implementation used on VMM
>> works fine, since it gives correct physical address from virtual one.
>> The address passes into the register is also correct. Any idea of
>> what could be happening??? Probably, I am missing some concepts of
>> how mmu works, but I do not understand why it just fail in some
>> cases.
>
> If you observe differences between VMM and VM when accessing the same
> physical memory region, there are two possibilities. First: the cache
> of the non-secure side isn't flushed, or second the secure side is
> using the non-secure side's RAM portion through the cache. As both
> side's cache entries are handled independently of each other, the
> secure side doesn't see non-secure cache entries, and vice versa.
>
> On the secure side, we've enforced that the non-secure side's RAM
> doesn't pollute the cache, by marking the corresponding page table
> entries as being non-cacheable.
>
> On the VM's side, you've to ensure to either mark the corresponding
> memory region, you want to share with the secure side, as being
> non-cacheable memory (like it's done for I/O memory), or by
> selectively flushing that memory area within the cache, before doing
> a VMM call.
>
> Best regards
> Stefan
>
>>
>> Thanks in advance.
>>
>> Best regards,
>> Pablo Anton.
>>
>> On 10.12.2013 11:49, Stefan Kalkowski wrote:
>>> Hi Pablo,
>>>
>>> On 12/09/2013 04:31 PM, panton wrote:
>>>> Hi,
>>>>
>>>> I am a little confused about creating a share memory between a Non
>>>> Secure and Secure worlds. As far as I understood, memory region
>>>> should be placed in Non Secure Side (Linux in tz_vmm example), when
>>>> a change of context is done you can send the addresses of that
>>>> regions using cpu registers and looking into vm_state struct. Then,
>>>> from Secure side must be a method to access to that region but I do
>>>> not find the good way to configure Genode to perform that access.
>>>> Is there any example of how that works?
>>>
>>> actually, the whole main memory used by the non-secure side is
>>> available in the virtual machine monitor of our small example.
>>> Before booting, it is used to put the kernel image, and initramfs
>>> into it.
After >>> that, >>> it >>> can be used to reproduce processing of the virtual machine, for >>> instance >>> you might walk the page-tables of the VM to reconstruct >>> pointers >>> in >>> the >>> VM's registers etc. >>> >>> Of course, you can use the shared main memory to transfer data >>> between >>> VMM and VM too. However, you would have to either transfer the >>> physical >>> address of the corresponding memory region via the VM's >>> registers, >>> or >>> implement an appropriated software MMU to translate the VM's >>> virtual >>> address in the register into a physical address that can be >>> located >>> by >>> the VMM. Luckily, there is already a simplified software MMU >>> implementation within the VMM example code >>> ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical >>> address >>> of the memory region laying in the main memory of the VM, >>> you've >>> of >>> course to translate again that physical address to the position >>> in >>> the >>> address space of the VMM. Assuming, you've put the >>> corresponding >>> memory >>> region's address into register r3 within your >>> para-virtualization >>> code >>> in the guest VM. Then the following procedure will give you the >>> memory >>> region within the VMM object: >>> >>> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); >>> addr_t virt_addr = _vm->ram()->va(phys_addr); >>> >>> I hope this is what you're looking for. >>> >>> Regards >>> Stefan >>> >>>> >>>> Regards, >>>> Pablo Anton. >>>> >>>> El 02.12.2013 16:19, Stefan Kalkowski escribió: >>>>> Hi, >>>>> >>>>> On 12/02/2013 03:48 PM, panton wrote: >>>>>> Hi Stefan, >>>>>> >>>>>> I know this is not a question about genode but I am having >>>>>> troubles >>>>>> compiling linux image for tz-vmm. Did you use genode >>>>>> toolchain?? >>>>>> Could >>>>>> I >>>>>> ask you the config options file you used for compiling (I >>>>>> was >>>>>> not >>>>>> able >>>>>> to get it from linux image)?? 
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
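The shared-memory access discussed in this thread, where the VMM turns an address handed over by the non-secure guest (in r3, or the framebuffer address passed with the smc call) into a pointer in its own address space, as an added example that is not part of the original mails and not Genode's tz_vmm code. It goes beyond the two-line snippet in the thread by walking ARMv7 short-descriptor tables (sections and 4 KiB small pages only) and by range-checking every guest-supplied address; Guest_ram, va_to_pa, guest_buffer and all sample addresses are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Hypothetical stand-in for the VMM's view of guest RAM (not Genode's class).
class Guest_ram
{
	uint32_t             _base;   // guest-physical start of the RAM window
	std::vector<uint8_t> _local;  // VMM-local mapping of that window

public:
	Guest_ram(uint32_t base, size_t size) : _base(base), _local(size, 0) { }

	// local + (phys - base) as in the thread, but only after checking that
	// [phys, phys + len) lies completely inside the guest's RAM window.
	uint8_t *va(uint32_t phys, size_t len)
	{
		if (phys < _base || len > _local.size()) return nullptr;
		size_t off = phys - _base;
		if (off > _local.size() - len) return nullptr;
		return _local.data() + off;
	}

	bool read32(uint32_t phys, uint32_t &out)
	{
		uint8_t *p = va(phys, sizeof(out));
		if (!p) return false;
		std::memcpy(&out, p, sizeof(out));
		return true;
	}

	bool write32(uint32_t phys, uint32_t value)
	{
		uint8_t *p = va(phys, sizeof(value));
		if (!p) return false;
		std::memcpy(p, &value, sizeof(value));
		return true;
	}
};

// Software walk of the guest's ARMv7 short-descriptor tables. The tables are
// guest-controlled data, so every table address goes through read32().
bool va_to_pa(Guest_ram &ram, uint32_t ttbr0, uint32_t va, uint32_t &pa)
{
	uint32_t l1 = 0, l2 = 0;
	if (!ram.read32((ttbr0 & 0xffffc000u) + ((va >> 20) << 2), l1)) return false;

	if ((l1 & 3u) == 2u) {                    // 1 MiB section
		if (l1 & (1u << 18)) return false;    // supersection: not handled
		pa = (l1 & 0xfff00000u) | (va & 0x000fffffu);
		return true;
	}
	if ((l1 & 3u) != 1u) return false;        // fault or reserved

	// second-level table, indexed by VA bits [19:12]
	if (!ram.read32((l1 & 0xfffffc00u) + (((va >> 12) & 0xffu) << 2), l2)) return false;
	if (!(l2 & 2u)) return false;             // fault or 64 KiB large page
	pa = (l2 & 0xfffff000u) | (va & 0xfffu);  // 4 KiB small page
	return true;
}

// Resolve a guest-virtual buffer to a VMM pointer, or nullptr. Buffers that
// cross a 4 KiB boundary are refused because the next page may map elsewhere.
uint8_t *guest_buffer(Guest_ram &ram, uint32_t ttbr0, uint32_t va, size_t len)
{
	if (len == 0 || len > 4096u - (va & 0xfffu)) return nullptr;
	uint32_t pa = 0;
	if (!va_to_pa(ram, ttbr0, va, pa)) return nullptr;
	return ram.va(pa, len);
}

// Constructed sample layout: 2 MiB of guest RAM with hand-written tables.
static const uint32_t RAM_BASE = 0x70000000u, RAM_SIZE = 0x200000u;
static const uint32_t TTBR0 = RAM_BASE + 0x4000u, L2_TABLE = RAM_BASE + 0x8000u;

Guest_ram make_demo_guest()
{
	Guest_ram ram(RAM_BASE, RAM_SIZE);
	ram.write32(TTBR0 + (0xc00u << 2), 0x70100000u | 2u);  // section 0xc0000000 -> 0x70100000
	ram.write32(TTBR0 + (0xd00u << 2), 0x10000000u | 2u);  // section pointing outside guest RAM
	ram.write32(TTBR0 + (0x800u << 2), L2_TABLE | 1u);     // 0x80000000: second-level table
	ram.write32(L2_TABLE + (3u << 2), 0x70010000u | 2u);   // page 0x80003000 -> 0x70010000
	return ram;
}

int main()
{
	Guest_ram ram = make_demo_guest();
	const uint32_t samples[] = { 0xc0000100u, 0x80003abcu, 0xd0000000u, 0xc0000ff8u };
	for (uint32_t va : samples)
		std::printf("va 0x%08x len 16 -> %s\n", (unsigned)va,
		            guest_buffer(ram, TTBR0, va, 16) ? "accepted" : "rejected");
	return 0;
}
```

The walk only answers where the guest's mapping points; the cache handling described in the thread (non-cacheable mapping or a selective flush before the smc call) is still needed for the VMM to see current data.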
Hi Pablo,
On 01/23/2014 11:40 AM, panton wrote:
Hi Stefan,
I am using Quickstart board and the master branch (Genode 13.11). As you say, into os/drivers/framebuffer/imx53/driver.h is assumed LCD display which is not what I am using. Actually, I am using lvds screen (connected to lvds port). I suppose it is necessary to change screen configuration (width, height, bpp) and probably also into gpio configuration, am I right? But I do not understand how is the connection between GPIO and the Framebuffer driver, why I get power on lvds screen when "gpio_bl.write(true);"??
well, I've to admit you've got me stumped. I assume the wire of the corresponding GPIO line to enable the backlight of LVDS is the same for the LCD display. Changing the display configuration (also including timings) most likely is necessary, and would clarify why you don't see anything.
I've traced Linux I/O accesses related to the IPU to get proper values. Just following the reference manual seemed to be almost impossible. But be warned, while extending normal Linux log output just a bit, my i.MX53 tablet's display remained dark. So it seems to be a bit shaky ;-)
Good luck! Regards Stefan
Thanks again.
Regards, Pablo.
On 23.01.2014 10:55, Stefan Kalkowski wrote:
Hi Pablo,
the i.MX53 framebuffer driver doesn't detect your current display setup automatically. It only checks whether it's running on top of i.MX53 Quickstart board, or the i.MX53 SABRE tablet. When running on the first one, it assumes you've a connected LCD display (MCIMX28LCD), and when running on the tablet it uses the tablet screen.
I assume you're using the Quickstart board? Do you use Genode's current staging, or master branch?
Regards Stefan
On 01/22/2014 06:39 PM, panton wrote:
Regarding my incompetence with trustzone and framebuffer, I have tried to check if at least the framebuffer implemented in Genode works (for sure it works) without any trustzone module. I have run os/src/test/framebuffer/main.cc together with drivers/fb_drv, drivers/timer, drivers/gpio_drv, drivers/platform_drv. Everything seems to work fine (except some "no found config file" output).
.....
[init -> test-framebuffer] framebuffer is 800x480@...23...
[init -> test-framebuffer] black
[init -> test-framebuffer] blue
[init -> test-framebuffer] green
The problem is that I get nothing on screen. With VGA I have no signal on the screen, with the lvds connector I get screen signal at least. Any ideas??
Sorry to be boring about that matter, and thanks.
Regards, Pablo.
On 22.01.2014 15:36, panton wrote:
Hi Stefan,
thanks again for your help.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
I did some changes according to the indications you gave me. Unfortunately, I cannot say it was a success. I am having troubles when linux tries to configure some GPIO directions. Should I change some specific thing into Genode to allow Linux handle GPIO?
Thanks.
Regards, Pablo.
On 17.01.2014 22:40, Stefan Kalkowski wrote:
Hi Pablo,
On 01/15/2014 05:50 PM, panton wrote:
Hi all,
We continue working with Genode and Trustzone. We have created an architecture a little more complex than the one into os/server/tz_vmm. The idea is to have a secure DRM app (running on genode side) and a player App running on Non Secure linux. At this point, we would like to have some video output controlled by non secure linux side.
Looking at specific modified Linux for imx53, we have realised there are several modifications into drivers/video/mxc/mxc_ipuv3_fb.c which avoid the access to IPU directly from linux (making a smc call that is handled by vmm). I am wondering if it will be possible to configure the system to allow mxc framebuffer working on linux without the knowledge of Genode?
first I've to say, in our TrustZone Genode/Android scenario both worlds secure and non-secure side can render output on the screen, but the secure, Genode side controls where/when the non-secure framebuffer is displayed. The 'smc' call from Linux to the VMM only transfers the memory address of the framebuffer, which Linux is using. The VMM uses a special overlay mechanism of the Freescale IPU hardware via our framebuffer driver, to show Linux' framebuffer at some offset of the screen. In other words, the hardware directly copies Linux framebuffer content without additional interaction with the VMM. Moreover, Linux/Android also uses the GPU directly and exclusively for 2D and 3D optimizations. Therefore, Linux/Android's graphical performance is almost the same, running natively on the hardware, or within the non-secure environment, and without direct access to the IPU.
Nevertheless, if you don't want Genode to access the IPU at all, but use it from the non-secure side exclusively, that is of course possible too. In fact, it is a much easier solution to implement. Assuming input events are handled exclusively by Linux too, you can remove the corresponding drivers (input_drv, fb_drv) from Genode's configuration, and remove all of my changes to the Linux kernel regarding IPU, touchscreen, GPIO, and I2C access. Probably you just need to remove the last four commits from the "imx53-tz" branch.
Regards Stefan
Thanks in advance, Pablo.
On 17.12.2013 13:54, panton wrote:
> Hi Stefan,
>
> thank you again. I added a "flush_cache_all();" before the "smc #0" just
> to see the result and it works! Now, I am going to look for a better
> option, since I guess flushing all cache is not necessary.
>
> Regards.
> Pablo
>
> On 17.12.2013 11:24, Stefan Kalkowski wrote:
>> Hi Pablo,
>>
>> On 12/16/2013 05:06 PM, panton wrote:
>>> Hi,
>>>
>>> I am having some unexpected behavior accessing from Genode VMM to
>>> guest VM RAM.
>>>
>>>> Assuming, you've put the corresponding memory region's address into
>>>> register r3 within your para-virtualization code in the guest VM.
>>>> Then the following procedure will give you the memory region within
>>>> the VMM object:
>>>>
>>>> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3); // Only if r3 has a virtual address
>>>> addr_t virt_addr = _vm->ram()->va(phys_addr);
>>>
>>> Following the indication Stefan gave me, I am able to access to linux
>>> guest's memory by passing virtual address of desired memory region
>>> into registers (_vm->state()->r3), it also could be performed by
>>> passing physical addr instead of virtual addr and removing first
>>> instruction.
>>>
>>> Problem is when you access to calculated virtual address's content
>>> (virt_addr), it is not always correct. First time I run my example
>>> app everything works fine, but next times, I get unexpected values.
>>> I check the physical address is right and the virtual address is
>>> just:
>>>
>>> virt_addr = _local + (phys - _base);
>>>
>>> I really don't know why that happens, the loaded memory sometimes is
>>> the good one and sometimes is not. The MMU implementation used on VMM
>>> works fine, since it gives correct physical address from virtual one.
>>> The address passed into the register is also correct. Any idea of
>>> what could be happening??? Probably, I am missing some concepts of
>>> how mmu works, but I do not understand why it just fails in some
>>> cases.
>>
>> If you observe differences between VMM and VM when accessing the same
>> physical memory region, there are two possibilities. First: the cache
>> of the non-secure side isn't flushed, or second the secure side is
>> using the non-secure side's RAM portion through the cache. As both
>> sides' cache entries are handled independently of each other, the
>> secure side doesn't see non-secure cache entries, and vice versa.
>>
>> On the secure side, we've enforced that the non-secure side's RAM
>> doesn't pollute the cache, by marking the corresponding page table
>> entries as being non-cacheable.
>>
>> On the VM's side, you've to ensure to either mark the corresponding
>> memory region, you want to share with the secure side, as being
>> non-cacheable memory (like it's done for I/O memory), or by
>> selectively flushing that memory area within the cache, before doing
>> a VMM call.
>>
>> Best regards
>> Stefan
>>
>>>
>>> Thanks in advance.
>>>
>>> Best regards,
>>> Pablo Anton.
>>>
>>> On 10.12.2013 11:49, Stefan Kalkowski wrote:
>>>> Hi Pablo,
>>>>
>>>> On 12/09/2013 04:31 PM, panton wrote:
>>>>> Hi,
>>>>>
>>>>> I am a little confused about creating a share memory between a Non
>>>>> Secure and Secure worlds. As far as I understood, memory region
>>>>> should be placed in Non Secure Side (Linux in tz_vmm example), when
>>>>> a change of context is done you can send the addresses of that
>>>>> regions using cpu registers and looking into vm_state struct. Then,
>>>>> from Secure side must be a method to access to that region but I do
>>>>> not find the good way to configure Genode to perform that access.
>>>>> Is there any example of how that works?
>>>>
>>>> actually, the whole main memory used by the non-secure side is
>>>> available in the virtual machine monitor of our small example.
>>>> Before booting, it is used to put the kernel image, and initramfs
>>>> into it. After that, it can be used to reproduce processing of the
>>>> virtual machine, for instance you might walk the page-tables of the
>>>> VM to reconstruct pointers in the VM's registers etc.
>>>>
>>>> Of course, you can use the shared main memory to transfer data
>>>> between VMM and VM too. However, you would have to either transfer
>>>> the physical address of the corresponding memory region via the VM's
>>>> registers, or implement an appropriate software MMU to translate the
>>>> VM's virtual address in the register into a physical address that
>>>> can be located by the VMM. Luckily, there is already a simplified
>>>> software MMU implementation within the VMM example code
>>>> ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical
>>>> address of the memory region lying in the main memory of the VM,
>>>> you've of course to translate again that physical address to the
>>>> position in the address space of the VMM. Assuming, you've put the
>>>> corresponding memory region's address into register r3 within your
>>>> para-virtualization code in the guest VM. Then the following
>>>> procedure will give you the memory region within the VMM object:
>>>>
>>>> addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
>>>> addr_t virt_addr = _vm->ram()->va(phys_addr);
>>>>
>>>> I hope this is what you're looking for.
>>>>
>>>> Regards
>>>> Stefan
>>>>
>>>>>
>>>>> Regards,
>>>>> Pablo Anton.
>>>>> >>>>> El 02.12.2013 16:19, Stefan Kalkowski escribió: >>>>>> Hi, >>>>>> >>>>>> On 12/02/2013 03:48 PM, panton wrote: >>>>>>> Hi Stefan, >>>>>>> >>>>>>> I know this is not a question about genode but I am having >>>>>>> troubles >>>>>>> compiling linux image for tz-vmm. Did you use genode >>>>>>> toolchain?? >>>>>>> Could >>>>>>> I >>>>>>> ask you the config options file you used for compiling (I >>>>>>> was >>>>>>> not >>>>>>> able >>>>>>> to get it from linux image)?? >>>>>> >>>>>> I didn't used the Genode toolchain, but the Codesourcery ARM >>>>>> cross >>>>>> compiler for Linux (Sourcery G++ Lite 2009q1-203). As the >>>>>> Genode >>>>>> toolchain isn't used to compile a Linux system, it misses >>>>>> certain >>>>>> defines you need when compiling the Linux kernel. >>>>>> >>>>>> The adapted kernel configuration file is part of the Linux >>>>>> fork >>>>>> I've >>>>>> mentioned in my previous mail. Here is the concrete file: >>>>>> >>>>>> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_t... >>>>>> >>>>>> Regards >>>>>> Stefan >>>>>> >>>>>>> >>>>>>> Thanks you in advance. >>>>>>> >>>>>>> Best regards. >>>>>>> Pablo Anton. >>>>>>> >>>>>>> El 28.11.2013 11:07, Stefan Kalkowski escribió: >>>>>>>> Hi Pablo, >>>>>>>> >>>>>>>> On 11/28/2013 10:52 AM, panton wrote: >>>>>>>>> Hi Stefan, >>>>>>>>> >>>>>>>>> Thank you very much for your detailed explication. I am >>>>>>>>> really >>>>>>>>> lucky >>>>>>>>> beacause it seems you are working right now on that matter >>>>>>>>> (last >>>>>>>>> genode/staging branch update was yesterday :)). >>>>>>>>> >>>>>>>>>> well, this depends. There are trustzone.cc files for >>>>>>>>>> different >>>>>>>>>> platforms/configurations. In general, that file only >>>>>>>>>> contains >>>>>>>>>> additional >>>>>>>>>> kernel initialization routines needed. 
For instance, >>>>>>>>>> configuring >>>>>>>>>> IRQs >>>>>>>>>> to >>>>>>>>>> be "secure", or "non-secure", or configure TrustZone >>>>>>>>>> specific >>>>>>>>>> devices >>>>>>>>>> that can be configured in supervisor mode only. >>>>>>>>>> For configurations where no TrustZone is supported, or >>>>>>>>>> used >>>>>>>>>> that >>>>>>>>>> file >>>>>>>>>> contains an empty initialization indeed. I assume you've >>>>>>>>>> found >>>>>>>>>> that >>>>>>>>>> file. >>>>>>>>> >>>>>>>>> Now I am able to see files on >>>>>>>>> ./base-hw/src/core/imx53/trustzone. >>>>>>>>> >>>>>>>>>> To sum it up, the non-secure guest has to behave >>>>>>>>>> cooperatively, >>>>>>>>>> or >>>>>>>>>> it >>>>>>>>>> will fail. Trap-and-emulate doesn't work in general. >>>>>>>>>> Therefore, >>>>>>>>>> some >>>>>>>>>> lightweight form of para-virtualization of the guest OS >>>>>>>>>> is >>>>>>>>>> needed. >>>>>>>>> >>>>>>>>> So, I assume the linux image on >>>>>>>>> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin >>>>>>>>> is >>>>>>>>> not >>>>>>>>> a >>>>>>>>> normal linux image for imx53_loco but neither a L4Linux >>>>>>>>> (since >>>>>>>>> the >>>>>>>>> example is running without Fiasco.OC). Is there any >>>>>>>>> repository >>>>>>>>> where >>>>>>>>> we >>>>>>>>> could take that linux code? >>>>>>>>> >>>>>>>> >>>>>>>> Sure, branches including the changes for Versatile Express, >>>>>>>> and >>>>>>>> i.MX53 >>>>>>>> QSB/Tablet can be found on Github too: >>>>>>>> >>>>>>>> git@...116...:skalk/linux.git >>>>>>>> >>>>>>>> The branches are titled 'vexpress-tz', and 'imx53-tz' >>>>>>>> >>>>>>>>> >>>>>>>>> About the example I only can say "Great work". >>>>>>>> >>>>>>>> Thanks, that's music to my ears. >>>>>>>> >>>>>>>>> I was able to run it on >>>>>>>>> hardware. Some little details that could help people: >>>>>>>>> >>>>>>>>>> After that, do a 'make run/tz_vmm' in the build >>>>>>>>>> directory. 
>>>>>>>>>> The >>>>>>>>>> resulting >>>>>>>>>> image is located in 'var/run/tz_vmm/uImage' >>>>>>>>> >>>>>>>>> The resulting image is on elf, if you want to run it with >>>>>>>>> uboot >>>>>>>>> you >>>>>>>>> should create a valid uImage using mkimage tool. >>>>>>>>> >>>>>>>> >>>>>>>> If you add a '--target uboot' to the RUN_OPT environment >>>>>>>> variable, >>>>>>>> the >>>>>>>> uImage is built automatically. Just add the following to >>>>>>>> your >>>>>>>> 'etc/build.conf' (I've missed that in the previous mail): >>>>>>>> >>>>>>>> RUN_OPT = --target uboot >>>>>>>> >>>>>>>>> Now, I go to play! >>>>>>>> >>>>>>>> Good luck, and >>>>>>>> best regards >>>>>>>> Stefan >>>>>>>> >>>>>>>>> >>>>>>>>> Best regards >>>>>>>>> Pablo Antón. >>>>>>>>> >>>>>>>>> >>>>>>>>> El 27.11.2013 22:47, Stefan Kalkowski escribió: >>>>>>>>>> Hi Pablo, >>>>>>>>>> >>>>>>>>>> On 11/26/2013 06:11 PM, panton wrote: >>>>>>>>>>> Hello, >>>>>>>>>>> >>>>>>>>>>> I want to create a virtualized system with Genode in my >>>>>>>>>>> imx53 >>>>>>>>>>> board. >>>>>>>>>>> At >>>>>>>>>>> the moment, I am able to run Genode on the board with >>>>>>>>>>> base-foc >>>>>>>>>>> and >>>>>>>>>>> also >>>>>>>>>>> directly on hardware (base-hw). Thus, my plan was to run >>>>>>>>>>> a >>>>>>>>>>> linux >>>>>>>>>>> kernel >>>>>>>>>>> as a child node and hopefully run it into trustzone NS. >>>>>>>>>>> Looking >>>>>>>>>>> into >>>>>>>>>>> Genode code I found base-hw/include/vm_session that >>>>>>>>>>> seems >>>>>>>>>>> to >>>>>>>>>>> deal >>>>>>>>>>> with >>>>>>>>>>> virtualization. Furthermore there is a trustzone.cc into >>>>>>>>>>> base-hw/src/core.., but without real useful code. >>>>>>>>>> >>>>>>>>>> well, this depends. There are trustzone.cc files for >>>>>>>>>> different >>>>>>>>>> platforms/configurations. In general, that file only >>>>>>>>>> contains >>>>>>>>>> additional >>>>>>>>>> kernel initialization routines needed. 
>>>>>>>>>> For instance, configuring IRQs to be "secure", or
>>>>>>>>>> "non-secure", or configure TrustZone specific devices
>>>>>>>>>> that can be configured in supervisor mode only.
>>>>>>>>>> For configurations where no TrustZone is supported, or
>>>>>>>>>> used that file contains an empty initialization indeed.
>>>>>>>>>> I assume you've found that file.
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> I was wondering if there are implemented virtualization
>>>>>>>>>>> capabilities using trustzone or even without trustzone?
>>>>>>>>>>
>>>>>>>>>> In fact, there is some kind of virtualization support
>>>>>>>>>> using TrustZone. Although, TrustZone isn't designed to be
>>>>>>>>>> a virtualization solution. Therefore, the "guest" needs
>>>>>>>>>> to be aware what devices it is allowed to use. In
>>>>>>>>>> contrast to the CPU (including MMU, Caches, etc.), there
>>>>>>>>>> is no support to virtualize physical memory (including
>>>>>>>>>> memory mapped I/O) for the non-secure "guest". That means
>>>>>>>>>> guest physical addresses are in fact physical addresses.
>>>>>>>>>> Dependent on the concrete platform, it might be possible
>>>>>>>>>> to deny non-secure access to certain physical memory
>>>>>>>>>> regions, like I/O memory of certain devices, and then use
>>>>>>>>>> a trap-emulate approach. But in general this approach
>>>>>>>>>> isn't guaranteed to work.
>>>>>>>>>> Dependent on where the unit, which controls peripheral
>>>>>>>>>> device memory (if existent at all), is located in the bus
>>>>>>>>>> hierarchy of the SoC, it might provoke asynchronous
>>>>>>>>>> external data-aborts in the CPU core, instead of
>>>>>>>>>> synchronous ones. Thereby, it is impossible to recover
>>>>>>>>>> the state, in which the protection fault was raised.
>>>>>>>>>> To sum it up, the non-secure guest has to behave
>>>>>>>>>> cooperatively, or it will fail. Trap-and-emulate doesn't
>>>>>>>>>> work in general. Therefore, some lightweight form of
>>>>>>>>>> para-virtualization of the guest OS is needed.
>>>>>>>>>>
>>>>>>>>>> On ARM platforms, apart from the TrustZone
>>>>>>>>>> "virtualization", Genode includes support of L4Linux, a
>>>>>>>>>> para-virtualized Linux for the Fiasco.OC kernel. ARM's
>>>>>>>>>> virtualization extensions aren't supported yet, but we'll
>>>>>>>>>> investigate it certainly.
>>>>>>>>>>
>>>>>>>>>>> If so, it would be great to
>>>>>>>>>>> have an example of how to use it.
>>>>>>>>>>
>>>>>>>>>> A working basic example is available on Genode's current
>>>>>>>>>> staging branch, and will be available in Genode's
>>>>>>>>>> upcoming release 13.11, that will be announced this week.
>>>>>>>>>> The example should work out of the box for ARM's
>>>>>>>>>> Versatile Express Coretile A9x4, and Freescale's i.MX53
>>>>>>>>>> Quickstart board. You'll have to create a build directory
>>>>>>>>>> for 'hw_imx53'.
>>>>>>>>>> After creating the build directory, you've to adapt the
>>>>>>>>>> 'etc/specs.conf' file, and add the following SPEC
>>>>>>>>>> variable:
>>>>>>>>>>
>>>>>>>>>> SPECS += trustzone
>>>>>>>>>>
>>>>>>>>>> After that, do a 'make run/tz_vmm' in the build
>>>>>>>>>> directory. The resulting image is located in
>>>>>>>>>> 'var/run/tz_vmm/uImage'. The example scenario starts
>>>>>>>>>> Genode's hw kernel, core, init, and the virtual machine
>>>>>>>>>> monitor, which will boot Linux with a small busybox
>>>>>>>>>> initramfs on the non-secure side.
>>>>>>>>>>
>>>>>>>>>> A more sophisticated example, which runs on the i.MX53
>>>>>>>>>> SABRE tablet only, can be found on this topic branch:
>>>>>>>>>>
>>>>>>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>>>>>>>
>>>>>>>>>> That example includes virtual touchscreen support for the
>>>>>>>>>> non-secure guest, so that you can interact with the
>>>>>>>>>> secure Genode system, and the non-secure Android guest
>>>>>>>>>> side-by-side.
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Thanks in advance for answers!
>>>>>>>>>>
>>>>>>>>>> You're welcome.
>>>>>>>>>>
>>>>>>>>>> Best Regards
>>>>>>>>>> Stefan
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>> Pablo Anton
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/
-- Stefan Kalkowski Genode Labs
http://www.genode-labs.com/ · http://genode.org/