Virtualization with trustzone into mx53
Stefan Kalkowski
stefan.kalkowski at ...1...
Tue Dec 10 11:49:27 CET 2013
Hi Pablo,
On 12/09/2013 04:31 PM, panton wrote:
> Hi,
>
> I am a little confused about creating a share memory between a Non
> Secure and Secure worlds. As far as I understood, memory region should
> be placed in Non Secure Side (Linux in tz_vmm example), when a change of
> context is done you can send the addresses of that regions using cpu
> registers and looking into vm_state struct. Then, from Secure side must
> be a method to access to that region but I do not find the good way to
> configure Genode to perform that access. Is there any example of how
> that works?
actually, the whole main memory used by the non-secure side is available
in the virtual machine monitor of our small example. Before booting, it
is used to put the kernel image, and initramfs into it. After that, it
can be used to reproduce processing of the virtual machine, for instance
you might walk the page-tables of the VM to reconstruct pointers in the
VM's registers etc.
Of course, you can use the shared main memory to transfer data between
VMM and VM too. However, you would have to either transfer the physical
address of the corresponding memory region via the VM's registers, or
implement an appropriated software MMU to translate the VM's virtual
address in the register into a physical address that can be located by
the VMM. Luckily, there is already a simplified software MMU
implementation within the VMM example code
('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address
of the memory region laying in the main memory of the VM, you've of
course to translate again that physical address to the position in the
address space of the VMM. Assuming, you've put the corresponding memory
region's address into register r3 within your para-virtualization code
in the guest VM. Then the following procedure will give you the memory
region within the VMM object:
addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
addr_t virt_addr = _vm->ram()->va(phys_addr);
I hope this is what you're looking for.
Regards
Stefan
>
> Regards,
> Pablo Anton.
>
> El 02.12.2013 16:19, Stefan Kalkowski escribió:
>> Hi,
>>
>> On 12/02/2013 03:48 PM, panton wrote:
>>> Hi Stefan,
>>>
>>> I know this is not a question about genode but I am having troubles
>>> compiling linux image for tz-vmm. Did you use genode toolchain?? Could
>>> I
>>> ask you the config options file you used for compiling (I was not able
>>> to get it from linux image)??
>>
>> I didn't used the Genode toolchain, but the Codesourcery ARM cross
>> compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode
>> toolchain isn't used to compile a Linux system, it misses certain
>> defines you need when compiling the Linux kernel.
>>
>> The adapted kernel configuration file is part of the Linux fork I've
>> mentioned in my previous mail. Here is the concrete file:
>>
>> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_tz_defconfig
>>
>> Regards
>> Stefan
>>
>>>
>>> Thanks you in advance.
>>>
>>> Best regards.
>>> Pablo Anton.
>>>
>>> El 28.11.2013 11:07, Stefan Kalkowski escribió:
>>>> Hi Pablo,
>>>>
>>>> On 11/28/2013 10:52 AM, panton wrote:
>>>>> Hi Stefan,
>>>>>
>>>>> Thank you very much for your detailed explication. I am really lucky
>>>>> beacause it seems you are working right now on that matter (last
>>>>> genode/staging branch update was yesterday :)).
>>>>>
>>>>>> well, this depends. There are trustzone.cc files for different
>>>>>> platforms/configurations. In general, that file only contains
>>>>>> additional
>>>>>> kernel initialization routines needed. For instance, configuring
>>>>>> IRQs
>>>>>> to
>>>>>> be "secure", or "non-secure", or configure TrustZone specific
>>>>>> devices
>>>>>> that can be configured in supervisor mode only.
>>>>>> For configurations where no TrustZone is supported, or used that
>>>>>> file
>>>>>> contains an empty initialization indeed. I assume you've found that
>>>>>> file.
>>>>>
>>>>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>>>>
>>>>>> To sum it up, the non-secure guest has to behave cooperatively, or
>>>>>> it
>>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore,
>>>>>> some
>>>>>> lightweight form of para-virtualization of the guest OS is needed.
>>>>>
>>>>> So, I assume the linux image on
>>>>> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not
>>>>> a
>>>>> normal linux image for imx53_loco but neither a L4Linux (since the
>>>>> example is running without Fiasco.OC). Is there any repository where
>>>>> we
>>>>> could take that linux code?
>>>>>
>>>>
>>>> Sure, branches including the changes for Versatile Express, and
>>>> i.MX53
>>>> QSB/Tablet can be found on Github too:
>>>>
>>>> git at ...116...:skalk/linux.git
>>>>
>>>> The branches are titled 'vexpress-tz', and 'imx53-tz'
>>>>
>>>>>
>>>>> About the example I only can say "Great work".
>>>>
>>>> Thanks, that's music to my ears.
>>>>
>>>>> I was able to run it on
>>>>> hardware. Some little details that could help people:
>>>>>
>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The
>>>>>> resulting
>>>>>> image is located in 'var/run/tz_vmm/uImage'
>>>>>
>>>>> The resulting image is on elf, if you want to run it with uboot you
>>>>> should create a valid uImage using mkimage tool.
>>>>>
>>>>
>>>> If you add a '--target uboot' to the RUN_OPT environment variable,
>>>> the
>>>> uImage is built automatically. Just add the following to your
>>>> 'etc/build.conf' (I've missed that in the previous mail):
>>>>
>>>> RUN_OPT = --target uboot
>>>>
>>>>> Now, I go to play!
>>>>
>>>> Good luck, and
>>>> best regards
>>>> Stefan
>>>>
>>>>>
>>>>> Best regards
>>>>> Pablo Antón.
>>>>>
>>>>>
>>>>> El 27.11.2013 22:47, Stefan Kalkowski escribió:
>>>>>> Hi Pablo,
>>>>>>
>>>>>> On 11/26/2013 06:11 PM, panton wrote:
>>>>>>> Hello,
>>>>>>>
>>>>>>> I want to create a virtualized system with Genode in my imx53
>>>>>>> board.
>>>>>>> At
>>>>>>> the moment, I am able to run Genode on the board with base-foc and
>>>>>>> also
>>>>>>> directly on hardware (base-hw). Thus, my plan was to run a linux
>>>>>>> kernel
>>>>>>> as a child node and hopefully run it into trustzone NS. Looking
>>>>>>> into
>>>>>>> Genode code I found base-hw/include/vm_session that seems to deal
>>>>>>> with
>>>>>>> virtualization. Furthermore there is a trustzone.cc into
>>>>>>> base-hw/src/core.., but without real useful code.
>>>>>>
>>>>>> well, this depends. There are trustzone.cc files for different
>>>>>> platforms/configurations. In general, that file only contains
>>>>>> additional
>>>>>> kernel initialization routines needed. For instance, configuring
>>>>>> IRQs
>>>>>> to
>>>>>> be "secure", or "non-secure", or configure TrustZone specific
>>>>>> devices
>>>>>> that can be configured in supervisor mode only.
>>>>>> For configurations where no TrustZone is supported, or used that
>>>>>> file
>>>>>> contains an empty initialization indeed. I assume you've found that
>>>>>> file.
>>>>>>
>>>>>>>
>>>>>>> I was wondering if there are implemented virtualization
>>>>>>> capabilities
>>>>>>> using trustzone or even without trustzone?
>>>>>>
>>>>>> In fact, there is some kind of virtualization support using
>>>>>> TrustZone.
>>>>>> Although, TrustZone isn't designed to be a virtualization solution.
>>>>>> Therefore, the "guest" needs to be aware what devices it is allowed
>>>>>> to
>>>>>> use. In contrast to the CPU (including MMU, Caches, etc.), there is
>>>>>> no
>>>>>> support to virtualize physical memory (including memory mapped I/O)
>>>>>> for
>>>>>> the non-secure "guest". That means guest physical addresses are in
>>>>>> fact
>>>>>> physical addresses. Dependent on the concrete platform, it might be
>>>>>> possible to deny non-secure access to certain physical memory
>>>>>> regions,
>>>>>> like I/O memory of certain devices, and then use a trap-emulate
>>>>>> approach. But in general this approach isn't guaranteed to work.
>>>>>> Dependent on where the unit, which controls peripheral device
>>>>>> memory
>>>>>> (if
>>>>>> existent at all), is located in the bus hierarchy of the SoC, it
>>>>>> might
>>>>>> provoke asynchronous external data-aborts in the CPU core, instead
>>>>>> of
>>>>>> synchronous ones. Thereby, it is impossible to recover the state,
>>>>>> in
>>>>>> which the protection fault was raised.
>>>>>> To sum it up, the non-secure guest has to behave cooperatively, or
>>>>>> it
>>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore,
>>>>>> some
>>>>>> lightweight form of para-virtualization of the guest OS is needed.
>>>>>>
>>>>>> On ARM platforms, apart from the TrustZone "virtualization", Genode
>>>>>> includes support of L4Linux, a para-virtualized Linux for the
>>>>>> Fiasco.OC
>>>>>> kernel. ARM's virtualization extensions aren't supported yet, but
>>>>>> we'll
>>>>>> investigate it certainly.
>>>>>>
>>>>>>> If so, it would be great to
>>>>>>> have an example of how to use it.
>>>>>>
>>>>>> A working basic example is available on Genode's current staging
>>>>>> branch,
>>>>>> and will be available in Genode's upcoming release 13.11, that will
>>>>>> be
>>>>>> announced this week.
>>>>>> The example should work out of the box for ARM's Versatile Express
>>>>>> Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have
>>>>>> to
>>>>>> create a build directory for 'hw_imx53'. After creating the build
>>>>>> directory, you've to adapt the 'etc/specs.conf' file, and add the
>>>>>> following SPEC variable:
>>>>>>
>>>>>> SPECS += trustzone
>>>>>>
>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The
>>>>>> resulting
>>>>>> image is located in 'var/run/tz_vmm/uImage'. The example scenario
>>>>>> starts
>>>>>> Genode's hw kernel, core, init, and the virtual machine monitor,
>>>>>> which
>>>>>> will boot Linux with a small busybox initramfs on the non-secure
>>>>>> side.
>>>>>>
>>>>>> A more sophisticated example, which runs on the i.MX53 SABRE tablet
>>>>>> only, can be found on this topic branch:
>>>>>>
>>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>>>
>>>>>> That example include virtual touchscreen support for the non-secure
>>>>>> guest, so that you can interact with the secure Genode system, and
>>>>>> the
>>>>>> non-secure Android guest side-by-side.
>>>>>>
>>>>>>>
>>>>>>> Thanks in advance for answers!
>>>>>>
>>>>>> You're welcome.
>>>>>>
>>>>>> Best Regards
>>>>>> Stefan
>>>>>>
>>>>>>>
>>>>>>> Best regards,
>>>>>>> Pablo Anton
>>>>>>>
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Rapidly troubleshoot problems before they affect your business.
>>>>>>> Most
>>>>>>> IT
>>>>>>> organizations don't have a clear picture of how application
>>>>>>> performance
>>>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>>>> into
>>>>>>> your
>>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>>> AppDynamics Pro!
>>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>>> _______________________________________________
>>>>>>> Genode-main mailing list
>>>>>>> Genode-main at lists.sourceforge.net
>>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Stefan Kalkowski
>>>>>> Genode Labs
>>>>>>
>>>>>> http://www.genode-labs.com/ · http://genode.org/
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Rapidly troubleshoot problems before they affect your business.
>>>>>> Most
>>>>>> IT
>>>>>> organizations don't have a clear picture of how application
>>>>>> performance
>>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>>> into
>>>>>> your
>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>> AppDynamics Pro!
>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>> _______________________________________________
>>>>>> Genode-main mailing list
>>>>>> Genode-main at lists.sourceforge.net
>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Rapidly troubleshoot problems before they affect your business. Most
>>>>> IT
>>>>> organizations don't have a clear picture of how application
>>>>> performance
>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>> into
>>>>> your
>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>> AppDynamics Pro!
>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>> _______________________________________________
>>>>> Genode-main mailing list
>>>>> Genode-main at lists.sourceforge.net
>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>
>>>>
>>>> --
>>>> Stefan Kalkowski
>>>> Genode Labs
>>>>
>>>> http://www.genode-labs.com/ · http://genode.org/
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Rapidly troubleshoot problems before they affect your business. Most
>>>> IT
>>>> organizations don't have a clear picture of how application
>>>> performance
>>>> affects their revenue. With AppDynamics, you get 100% visibility into
>>>> your
>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>> AppDynamics Pro!
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>> _______________________________________________
>>>> Genode-main mailing list
>>>> Genode-main at lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>
>>> ------------------------------------------------------------------------------
>>> Rapidly troubleshoot problems before they affect your business. Most
>>> IT
>>> organizations don't have a clear picture of how application
>>> performance
>>> affects their revenue. With AppDynamics, you get 100% visibility into
>>> your
>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>> AppDynamics Pro!
>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Genode-main mailing list
>>> Genode-main at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>
>>
>> --
>> Stefan Kalkowski
>> Genode Labs
>>
>> http://www.genode-labs.com/ · http://genode.org/
>>
>> ------------------------------------------------------------------------------
>> Rapidly troubleshoot problems before they affect your business. Most IT
>> organizations don't have a clear picture of how application performance
>> affects their revenue. With AppDynamics, you get 100% visibility into
>> your
>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>> AppDynamics Pro!
>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Genode-main mailing list
>> Genode-main at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/genode-main
>
> ------------------------------------------------------------------------------
> Sponsored by Intel(R) XDK
> Develop, test and display web and hybrid apps with a single code base.
> Download it for free now!
> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
> _______________________________________________
> Genode-main mailing list
> Genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
More information about the users
mailing list