Virtualization with trustzone into mx53
panton
panton at ...215...
Mon Dec 9 16:31:22 CET 2013
Hi,
I am a little confused about creating a shared memory region between the Non-Secure
and Secure worlds. As far as I understood, the memory region should
be placed on the Non-Secure side (Linux in the tz_vmm example); when a change of
context is done you can send the addresses of those regions using CPU
registers and looking into the vm_state struct. Then, from the Secure side there must
be a method to access that region, but I cannot find the right way to
configure Genode to perform that access. Is there any example of how
that works?
Regards,
Pablo Anton.
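As an added illustration of the point raised above (this is not Genode's code nor code from anyone in this thread): because, as Stefan explains further down, guest physical addresses under TrustZone are real physical addresses, the addresses a non-secure guest hands over in CPU registers are untrusted input, and the secure side has to check that the announced buffer lies entirely inside non-secure RAM before touching it. The guest_regs layout, the command code, the RAM window (0x70000000, 64 KiB) and the static backing array are all assumptions made up for the example; Genode's real vm_state layout and the i.MX53 memory map are not reproduced.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical register snapshot saved on a world switch. Genode's real
 * vm_state layout is not reproduced here; only the three registers the
 * guest uses to announce the buffer are modelled. */
struct guest_regs {
    uint32_t r0;   /* command code chosen by the guest */
    uint32_t r1;   /* physical start address of the shared buffer */
    uint32_t r2;   /* length of the shared buffer in bytes */
};

/* Constructed non-secure RAM window (NOT the i.MX53 memory map): on real
 * hardware these bounds come from the platform and the VMM's configuration.
 * Kept small so the simulated backing store below fits in a static array. */
#define NS_RAM_BASE  0x70000000u
#define NS_RAM_SIZE  0x00010000u   /* 64 KiB */
#define PAGE_MASK    0x00000fffu
#define CMD_SHARE    1u

/* Simulated backing store standing in for the physical RAM the secure side
 * would map; the VMM's real mapping mechanism is platform-specific. */
static uint8_t ns_ram[NS_RAM_SIZE];

enum share_result {
    SHARE_OK, SHARE_BAD_CMD, SHARE_BAD_ALIGN, SHARE_EMPTY,
    SHARE_OVERFLOW, SHARE_OUT_OF_RANGE
};

/* Accept [addr, addr+len) only if it is page-aligned, non-empty, does not
 * wrap around the 32-bit address space and lies entirely inside non-secure
 * RAM. Guest-physical == physical here, so an unchecked address would let
 * the guest point the secure side at secure RAM or device registers. */
enum share_result validate_shared_region(const struct guest_regs *regs)
{
    if (regs->r0 != CMD_SHARE)            return SHARE_BAD_CMD;
    uint32_t addr = regs->r1, len = regs->r2;
    if (addr & PAGE_MASK)                 return SHARE_BAD_ALIGN;
    if (len == 0)                         return SHARE_EMPTY;
    if (addr > UINT32_MAX - len)          return SHARE_OVERFLOW;   /* end wraps */
    uint32_t end = addr + len;            /* exclusive */
    if (addr < NS_RAM_BASE || end > NS_RAM_BASE + NS_RAM_SIZE)
        return SHARE_OUT_OF_RANGE;
    return SHARE_OK;
}

/* Secure-side view of a validated region, or NULL if validation failed.
 * Only after this check may the VMM read from or write to the buffer. */
uint8_t *map_shared_region(const struct guest_regs *regs)
{
    if (validate_shared_region(regs) != SHARE_OK)
        return NULL;
    return ns_ram + (regs->r1 - NS_RAM_BASE);
}

int main(void)
{
    /* Constructed register snapshots: one as a cooperative guest would leave
     * them before the world switch, two as a buggy guest might produce. */
    struct guest_regs good = { CMD_SHARE, 0x70001000u, 0x1000u };
    struct guest_regs low  = { CMD_SHARE, 0x6ffff000u, 0x1000u };
    struct guest_regs wrap = { CMD_SHARE, 0x70001000u, 0xffffffffu };

    uint8_t *buf = map_shared_region(&good);
    if (buf) {
        buf[0] = 0x42;   /* secure side writes into the shared page */
        printf("shared page at offset %u\n", (unsigned)(buf - ns_ram));
    }
    printf("below window: %d, wrapping length: %d\n",
           validate_shared_region(&low), validate_shared_region(&wrap));
    return 0;
}
```

The overflow check comes before the range check on purpose: a length that makes addr+len wrap would otherwise produce an "end" below "addr" and slip past a naive comparison against the window's upper bound.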
On 02.12.2013 16:19, Stefan Kalkowski wrote:
> Hi,
>
> On 12/02/2013 03:48 PM, panton wrote:
>> Hi Stefan,
>>
>> I know this is not a question about Genode, but I am having trouble
>> compiling the Linux image for tz-vmm. Did you use the Genode toolchain? Could
>> I ask you for the config options file you used for compiling (I was not able
>> to get it from the Linux image)?
>
> I didn't use the Genode toolchain, but the Codesourcery ARM cross
> compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode
> toolchain isn't used to compile a Linux system, it misses certain
> defines you need when compiling the Linux kernel.
>
> The adapted kernel configuration file is part of the Linux fork I've
> mentioned in my previous mail. Here is the concrete file:
>
> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_tz_defconfig
>
> Regards
> Stefan
>
>>
>> Thank you in advance.
>>
>> Best regards.
>> Pablo Anton.
>>
>> On 28.11.2013 11:07, Stefan Kalkowski wrote:
>>> Hi Pablo,
>>>
>>> On 11/28/2013 10:52 AM, panton wrote:
>>>> Hi Stefan,
>>>>
>>>> Thank you very much for your detailed explanation. I am really lucky
>>>> because it seems you are working right now on that matter (the last
>>>> genode/staging branch update was yesterday :)).
>>>>
>>>>> well, this depends. There are trustzone.cc files for different
>>>>> platforms/configurations. In general, that file only contains the
>>>>> additional kernel initialization routines needed. For instance,
>>>>> configuring IRQs to be "secure" or "non-secure", or configuring
>>>>> TrustZone-specific devices that can be configured in supervisor mode only.
>>>>> For configurations where no TrustZone is supported or used, that file
>>>>> contains an empty initialization indeed. I assume you've found that file.
>>>>
>>>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>>>
>>>>> To sum it up, the non-secure guest has to behave cooperatively, or it
>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore, some
>>>>> lightweight form of para-virtualization of the guest OS is needed.
>>>>
>>>> So, I assume the Linux image at
>>>> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a
>>>> normal Linux image for imx53_loco, but neither is it an L4Linux (since the
>>>> example is running without Fiasco.OC). Is there any repository where we
>>>> could get that Linux code?
>>>>
>>>
>>> Sure, branches including the changes for Versatile Express and i.MX53
>>> QSB/Tablet can be found on GitHub too:
>>>
>>> git at ...116...:skalk/linux.git
>>>
>>> The branches are titled 'vexpress-tz', and 'imx53-tz'
>>>
>>>>
>>>> About the example I only can say "Great work".
>>>
>>> Thanks, that's music to my ears.
>>>
>>>> I was able to run it on hardware. Some little details that could help
>>>> people:
>>>>
>>>>> After that, do a 'make run/tz_vmm' in the build directory. The
>>>>> resulting image is located in 'var/run/tz_vmm/uImage'
>>>>
>>>> The resulting image is an ELF file; if you want to run it with U-Boot you
>>>> should create a valid uImage using the mkimage tool.
>>>>
>>>
>>> If you add '--target uboot' to the RUN_OPT environment variable, the
>>> uImage is built automatically. Just add the following to your
>>> 'etc/build.conf' (I missed that in the previous mail):
>>>
>>> RUN_OPT = --target uboot
>>>
>>>> Now, I go to play!
>>>
>>> Good luck, and
>>> best regards
>>> Stefan
>>>
>>>>
>>>> Best regards
>>>> Pablo Antón.
>>>>
>>>>
>>>> On 27.11.2013 22:47, Stefan Kalkowski wrote:
>>>>> Hi Pablo,
>>>>>
>>>>> On 11/26/2013 06:11 PM, panton wrote:
>>>>>> Hello,
>>>>>>
>>>>>> I want to create a virtualized system with Genode on my imx53 board.
>>>>>> At the moment, I am able to run Genode on the board with base-foc and
>>>>>> also directly on hardware (base-hw). Thus, my plan was to run a Linux
>>>>>> kernel as a child node and hopefully run it in TrustZone NS. Looking
>>>>>> into the Genode code I found base-hw/include/vm_session, which seems
>>>>>> to deal with virtualization. Furthermore there is a trustzone.cc in
>>>>>> base-hw/src/core.., but without really useful code.
>>>>>
>>>>> well, this depends. There are trustzone.cc files for different
>>>>> platforms/configurations. In general, that file only contains the
>>>>> additional kernel initialization routines needed. For instance,
>>>>> configuring IRQs to be "secure" or "non-secure", or configuring
>>>>> TrustZone-specific devices that can be configured in supervisor mode only.
>>>>> For configurations where no TrustZone is supported or used, that file
>>>>> contains an empty initialization indeed. I assume you've found that file.
>>>>>
>>>>>>
>>>>>> I was wondering if there are implemented virtualization capabilities
>>>>>> using TrustZone, or even without TrustZone?
>>>>>
>>>>> In fact, there is some kind of virtualization support using TrustZone.
>>>>> Although, TrustZone isn't designed to be a virtualization solution.
>>>>> Therefore, the "guest" needs to be aware of what devices it is allowed
>>>>> to use. In contrast to the CPU (including MMU, caches, etc.), there is
>>>>> no support to virtualize physical memory (including memory-mapped I/O)
>>>>> for the non-secure "guest". That means guest physical addresses are in
>>>>> fact physical addresses. Depending on the concrete platform, it might be
>>>>> possible to deny non-secure access to certain physical memory regions,
>>>>> like I/O memory of certain devices, and then use a trap-and-emulate
>>>>> approach. But in general this approach isn't guaranteed to work.
>>>>> Depending on where the unit which controls peripheral device memory (if
>>>>> existent at all) is located in the bus hierarchy of the SoC, it might
>>>>> provoke asynchronous external data aborts in the CPU core instead of
>>>>> synchronous ones. Thereby, it is impossible to recover the state in
>>>>> which the protection fault was raised.
>>>>> To sum it up, the non-secure guest has to behave cooperatively, or it
>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore, some
>>>>> lightweight form of para-virtualization of the guest OS is needed.
>>>>>
>>>>> On ARM platforms, apart from the TrustZone "virtualization", Genode
>>>>> includes support for L4Linux, a para-virtualized Linux for the Fiasco.OC
>>>>> kernel. ARM's virtualization extensions aren't supported yet, but we'll
>>>>> certainly investigate them.
>>>>>
>>>>>> If so, it would be great to have an example of how to use it.
>>>>>
>>>>> A working basic example is available on Genode's current staging branch,
>>>>> and will be available in Genode's upcoming release 13.11, which will be
>>>>> announced this week.
>>>>> The example should work out of the box for ARM's Versatile Express
>>>>> Coretile A9x4 and Freescale's i.MX53 Quickstart board. You'll have to
>>>>> create a build directory for 'hw_imx53'. After creating the build
>>>>> directory, you have to adapt the 'etc/specs.conf' file and add the
>>>>> following SPEC variable:
>>>>>
>>>>> SPECS += trustzone
>>>>>
>>>>> After that, do a 'make run/tz_vmm' in the build directory. The resulting
>>>>> image is located in 'var/run/tz_vmm/uImage'. The example scenario starts
>>>>> Genode's hw kernel, core, init, and the virtual machine monitor, which
>>>>> will boot Linux with a small busybox initramfs on the non-secure side.
>>>>>
>>>>> A more sophisticated example, which runs on the i.MX53 SABRE tablet
>>>>> only, can be found on this topic branch:
>>>>>
>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>>
>>>>> That example includes virtual touchscreen support for the non-secure
>>>>> guest, so that you can interact with the secure Genode system and the
>>>>> non-secure Android guest side-by-side.
>>>>>
>>>>>>
>>>>>> Thanks in advance for answers!
>>>>>
>>>>> You're welcome.
>>>>>
>>>>> Best Regards
>>>>> Stefan
>>>>>
>>>>>>
>>>>>> Best regards,
>>>>>> Pablo Anton
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Rapidly troubleshoot problems before they affect your business. Most IT
>>>>>> organizations don't have a clear picture of how application performance
>>>>>> affects their revenue. With AppDynamics, you get 100% visibility into your
>>>>>> Java, .NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>> AppDynamics Pro!
>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>> _______________________________________________
>>>>>> Genode-main mailing list
>>>>>> Genode-main at lists.sourceforge.net
>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>>
>>>>>
>>>>> --
>>>>> Stefan Kalkowski
>>>>> Genode Labs
>>>>>
>>>>> http://www.genode-labs.com/ · http://genode.org/
>>>>>
>>>
>>> --
>>> Stefan Kalkowski
>>> Genode Labs
>>>
>>> http://www.genode-labs.com/ · http://genode.org/
>>>
>>
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>