Virtualization with trustzone into mx53

panton panton at ...215...
Tue Dec 10 15:19:58 CET 2013


Hi Stefan,

Thanks to your explanation and a trial and error process It works 
perfectly. I was having some problems with virtual and physical 
addresses.

Thanks again.

Regards
Pablo.



El 10.12.2013 11:49, Stefan Kalkowski escribió:
> Hi Pablo,
> 
> On 12/09/2013 04:31 PM, panton wrote:
>> Hi,
>> 
>> I am a little confused about creating a share memory between a Non
>> Secure and Secure worlds. As far as I understood, memory region should
>> be placed in Non Secure Side (Linux in tz_vmm example), when a change 
>> of
>> context is done you can send the addresses of that regions using cpu
>> registers and looking into vm_state struct. Then, from Secure side 
>> must
>> be a method to access to that region but I do not find the good way to
>> configure Genode to perform that access. Is there any example of how
>> that works?
> 
> actually, the whole main memory used by the non-secure side is 
> available
> in the virtual machine monitor of our small example. Before booting, it
> is used to put the kernel image, and initramfs into it. After that, it
> can be used to reproduce processing of the virtual machine, for 
> instance
> you might walk the page-tables of the VM to reconstruct pointers in the
> VM's registers etc.
> 
> Of course, you can use the shared main memory to transfer data between
> VMM and VM too. However, you would have to either transfer the physical
> address of the corresponding memory region via the VM's registers, or
> implement an appropriated software MMU to translate the VM's virtual
> address in the register into a physical address that can be located by
> the VMM. Luckily, there is already a simplified software MMU
> implementation within the VMM example code
> ('os/src/server/tz_vmm/include/mmu.h'). Once you've a physical address
> of the memory region laying in the main memory of the VM, you've of
> course to translate again that physical address to the position in the
> address space of the VMM. Assuming, you've put the corresponding memory
> region's address into register r3 within your para-virtualization code
> in the guest VM. Then the following procedure will give you the memory
> region within the VMM object:
> 
>   addr_t phys_addr = _vm->va_to_pa(_vm->state()->r3);
>   addr_t virt_addr = _vm->ram()->va(phys_addr);
> 
> I hope this is what you're looking for.
> 
> Regards
> Stefan
> 
>> 
>> Regards,
>> Pablo Anton.
>> 
>> El 02.12.2013 16:19, Stefan Kalkowski escribió:
>>> Hi,
>>> 
>>> On 12/02/2013 03:48 PM, panton wrote:
>>>> Hi Stefan,
>>>> 
>>>> I know this is not a question about genode but I am having troubles
>>>> compiling linux image for tz-vmm. Did you use genode toolchain?? 
>>>> Could
>>>> I
>>>> ask you the config options file you used for compiling (I was not 
>>>> able
>>>> to get it from linux image)??
>>> 
>>> I didn't used the Genode toolchain, but the Codesourcery ARM cross
>>> compiler for Linux (Sourcery G++ Lite 2009q1-203). As the Genode
>>> toolchain isn't used to compile a Linux system, it misses certain
>>> defines you need when compiling the Linux kernel.
>>> 
>>> The adapted kernel configuration file is part of the Linux fork I've
>>> mentioned in my previous mail. Here is the concrete file:
>>> 
>>> https://github.com/skalk/linux/blob/imx53-tz/arch/arm/configs/imx5_android_tz_defconfig
>>> 
>>> Regards
>>> Stefan
>>> 
>>>> 
>>>> Thanks you in advance.
>>>> 
>>>> Best regards.
>>>> Pablo Anton.
>>>> 
>>>> El 28.11.2013 11:07, Stefan Kalkowski escribió:
>>>>> Hi Pablo,
>>>>> 
>>>>> On 11/28/2013 10:52 AM, panton wrote:
>>>>>> Hi Stefan,
>>>>>> 
>>>>>> Thank you very much for your detailed explication. I am really 
>>>>>> lucky
>>>>>> beacause it seems you are working right now on that matter (last
>>>>>> genode/staging branch update was yesterday :)).
>>>>>> 
>>>>>>> well, this depends. There are trustzone.cc files for different
>>>>>>> platforms/configurations. In general, that file only contains
>>>>>>> additional
>>>>>>> kernel initialization routines needed. For instance, configuring
>>>>>>> IRQs
>>>>>>> to
>>>>>>> be "secure", or "non-secure", or configure TrustZone specific
>>>>>>> devices
>>>>>>> that can be configured in supervisor mode only.
>>>>>>> For configurations where no TrustZone is supported, or used that
>>>>>>> file
>>>>>>> contains an empty initialization indeed. I assume you've found 
>>>>>>> that
>>>>>>> file.
>>>>>> 
>>>>>> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
>>>>>> 
>>>>>>> To sum it up, the non-secure guest has to behave cooperatively, 
>>>>>>> or
>>>>>>> it
>>>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore,
>>>>>>> some
>>>>>>> lightweight form of para-virtualization of the guest OS is 
>>>>>>> needed.
>>>>>> 
>>>>>> So, I assume the linux image on
>>>>>> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is 
>>>>>> not
>>>>>> a
>>>>>> normal linux image for imx53_loco but neither a L4Linux (since the
>>>>>> example is running without Fiasco.OC). Is there any repository 
>>>>>> where
>>>>>> we
>>>>>> could take that linux code?
>>>>>> 
>>>>> 
>>>>> Sure, branches including the changes for Versatile Express, and
>>>>> i.MX53
>>>>> QSB/Tablet can be found on Github too:
>>>>> 
>>>>>   git at ...116...:skalk/linux.git
>>>>> 
>>>>> The branches are titled 'vexpress-tz', and 'imx53-tz'
>>>>> 
>>>>>> 
>>>>>> About the example I only can say "Great work".
>>>>> 
>>>>> Thanks, that's music to my ears.
>>>>> 
>>>>>> I was able to run it on
>>>>>> hardware. Some little details that could help people:
>>>>>> 
>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The
>>>>>>> resulting
>>>>>>> image is located in 'var/run/tz_vmm/uImage'
>>>>>> 
>>>>>> The resulting image is on elf, if you want to run it with uboot 
>>>>>> you
>>>>>> should create a valid uImage using mkimage tool.
>>>>>> 
>>>>> 
>>>>> If you add a '--target uboot' to the RUN_OPT environment variable,
>>>>> the
>>>>> uImage is built automatically. Just add the following to your
>>>>> 'etc/build.conf' (I've missed that in the previous mail):
>>>>> 
>>>>>   RUN_OPT = --target uboot
>>>>> 
>>>>>> Now, I go to play!
>>>>> 
>>>>> Good luck, and
>>>>> best regards
>>>>> Stefan
>>>>> 
>>>>>> 
>>>>>> Best regards
>>>>>> Pablo Antón.
>>>>>> 
>>>>>> 
>>>>>> El 27.11.2013 22:47, Stefan Kalkowski escribió:
>>>>>>> Hi Pablo,
>>>>>>> 
>>>>>>> On 11/26/2013 06:11 PM, panton wrote:
>>>>>>>> Hello,
>>>>>>>> 
>>>>>>>> I want to create a virtualized system with Genode in my imx53
>>>>>>>> board.
>>>>>>>> At
>>>>>>>> the moment, I am able to run Genode on the board with base-foc 
>>>>>>>> and
>>>>>>>> also
>>>>>>>> directly on hardware (base-hw). Thus, my plan was to run a linux
>>>>>>>> kernel
>>>>>>>> as a child node and hopefully run it into trustzone NS. Looking
>>>>>>>> into
>>>>>>>> Genode code I found base-hw/include/vm_session that seems to 
>>>>>>>> deal
>>>>>>>> with
>>>>>>>> virtualization. Furthermore there is a trustzone.cc into
>>>>>>>> base-hw/src/core.., but without real useful code.
>>>>>>> 
>>>>>>> well, this depends. There are trustzone.cc files for different
>>>>>>> platforms/configurations. In general, that file only contains
>>>>>>> additional
>>>>>>> kernel initialization routines needed. For instance, configuring
>>>>>>> IRQs
>>>>>>> to
>>>>>>> be "secure", or "non-secure", or configure TrustZone specific
>>>>>>> devices
>>>>>>> that can be configured in supervisor mode only.
>>>>>>> For configurations where no TrustZone is supported, or used that
>>>>>>> file
>>>>>>> contains an empty initialization indeed. I assume you've found 
>>>>>>> that
>>>>>>> file.
>>>>>>> 
>>>>>>>> 
>>>>>>>> I was wondering if there are implemented virtualization
>>>>>>>> capabilities
>>>>>>>> using trustzone or even without trustzone?
>>>>>>> 
>>>>>>> In fact, there is some kind of virtualization support using
>>>>>>> TrustZone.
>>>>>>> Although, TrustZone isn't designed to be a virtualization 
>>>>>>> solution.
>>>>>>> Therefore, the "guest" needs to be aware what devices it is 
>>>>>>> allowed
>>>>>>> to
>>>>>>> use. In contrast to the CPU (including MMU, Caches, etc.), there 
>>>>>>> is
>>>>>>> no
>>>>>>> support to virtualize physical memory (including memory mapped 
>>>>>>> I/O)
>>>>>>> for
>>>>>>> the non-secure "guest". That means guest physical addresses are 
>>>>>>> in
>>>>>>> fact
>>>>>>> physical addresses. Dependent on the concrete platform, it might 
>>>>>>> be
>>>>>>> possible to deny non-secure access to certain physical memory
>>>>>>> regions,
>>>>>>> like I/O memory of certain devices, and then use a trap-emulate
>>>>>>> approach. But in general this approach isn't guaranteed to work.
>>>>>>> Dependent on where the unit, which controls peripheral device
>>>>>>> memory
>>>>>>> (if
>>>>>>> existent at all), is located in the bus hierarchy of the SoC, it
>>>>>>> might
>>>>>>> provoke asynchronous external data-aborts in the CPU core, 
>>>>>>> instead
>>>>>>> of
>>>>>>> synchronous ones. Thereby, it is impossible to recover the state,
>>>>>>> in
>>>>>>> which the protection fault was raised.
>>>>>>> To sum it up, the non-secure guest has to behave cooperatively, 
>>>>>>> or
>>>>>>> it
>>>>>>> will fail. Trap-and-emulate doesn't work in general. Therefore,
>>>>>>> some
>>>>>>> lightweight form of para-virtualization of the guest OS is 
>>>>>>> needed.
>>>>>>> 
>>>>>>> On ARM platforms, apart from the TrustZone "virtualization", 
>>>>>>> Genode
>>>>>>> includes support of L4Linux, a para-virtualized Linux for the
>>>>>>> Fiasco.OC
>>>>>>> kernel. ARM's virtualization extensions aren't supported yet, but
>>>>>>> we'll
>>>>>>> investigate it certainly.
>>>>>>> 
>>>>>>>> If so, it would be great to
>>>>>>>> have an example of how to use it.
>>>>>>> 
>>>>>>> A working basic example is available on Genode's current staging
>>>>>>> branch,
>>>>>>> and will be available in Genode's upcoming release 13.11, that 
>>>>>>> will
>>>>>>> be
>>>>>>> announced this week.
>>>>>>> The example should work out of the box for ARM's Versatile 
>>>>>>> Express
>>>>>>> Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll 
>>>>>>> have
>>>>>>> to
>>>>>>> create a build directory for 'hw_imx53'. After creating the build
>>>>>>> directory, you've to adapt the 'etc/specs.conf' file, and add the
>>>>>>> following SPEC variable:
>>>>>>> 
>>>>>>>   SPECS += trustzone
>>>>>>> 
>>>>>>> After that, do a 'make run/tz_vmm' in the build directory. The
>>>>>>> resulting
>>>>>>> image is located in 'var/run/tz_vmm/uImage'. The example scenario
>>>>>>> starts
>>>>>>> Genode's hw kernel, core, init, and the virtual machine monitor,
>>>>>>> which
>>>>>>> will boot Linux with a small busybox initramfs on the non-secure
>>>>>>> side.
>>>>>>> 
>>>>>>> A more sophisticated example, which runs on the i.MX53 SABRE 
>>>>>>> tablet
>>>>>>> only, can be found on this topic branch:
>>>>>>> 
>>>>>>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>>>>>> 
>>>>>>> That example include virtual touchscreen support for the 
>>>>>>> non-secure
>>>>>>> guest, so that you can interact with the secure Genode system, 
>>>>>>> and
>>>>>>> the
>>>>>>> non-secure Android guest side-by-side.
>>>>>>> 
>>>>>>>> 
>>>>>>>> Thanks in advance for answers!
>>>>>>> 
>>>>>>> You're welcome.
>>>>>>> 
>>>>>>> Best Regards
>>>>>>> Stefan
>>>>>>> 
>>>>>>>> 
>>>>>>>> Best regards,
>>>>>>>> Pablo Anton
>>>>>>>> 
>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>> Rapidly troubleshoot problems before they affect your business.
>>>>>>>> Most
>>>>>>>> IT
>>>>>>>> organizations don't have a clear picture of how application
>>>>>>>> performance
>>>>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>>>>> into
>>>>>>>> your
>>>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>>>> AppDynamics Pro!
>>>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>>>> _______________________________________________
>>>>>>>> Genode-main mailing list
>>>>>>>> Genode-main at lists.sourceforge.net
>>>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>>>> 
>>>>>>> 
>>>>>>> --
>>>>>>> Stefan Kalkowski
>>>>>>> Genode Labs
>>>>>>> 
>>>>>>> http://www.genode-labs.com/ · http://genode.org/
>>>>>>> 
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Rapidly troubleshoot problems before they affect your business.
>>>>>>> Most
>>>>>>> IT
>>>>>>> organizations don't have a clear picture of how application
>>>>>>> performance
>>>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>>>> into
>>>>>>> your
>>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>>> AppDynamics Pro!
>>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>>> _______________________________________________
>>>>>>> Genode-main mailing list
>>>>>>> Genode-main at lists.sourceforge.net
>>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>> 
>>>>>> ------------------------------------------------------------------------------
>>>>>> Rapidly troubleshoot problems before they affect your business. 
>>>>>> Most
>>>>>> IT
>>>>>> organizations don't have a clear picture of how application
>>>>>> performance
>>>>>> affects their revenue. With AppDynamics, you get 100% visibility
>>>>>> into
>>>>>> your
>>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>>> AppDynamics Pro!
>>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>>> _______________________________________________
>>>>>> Genode-main mailing list
>>>>>> Genode-main at lists.sourceforge.net
>>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>>>> 
>>>>> 
>>>>> --
>>>>> Stefan Kalkowski
>>>>> Genode Labs
>>>>> 
>>>>> http://www.genode-labs.com/ · http://genode.org/
>>>>> 
>>>>> ------------------------------------------------------------------------------
>>>>> Rapidly troubleshoot problems before they affect your business. 
>>>>> Most
>>>>> IT
>>>>> organizations don't have a clear picture of how application
>>>>> performance
>>>>> affects their revenue. With AppDynamics, you get 100% visibility 
>>>>> into
>>>>> your
>>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>>> AppDynamics Pro!
>>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>>> _______________________________________________
>>>>> Genode-main mailing list
>>>>> Genode-main at lists.sourceforge.net
>>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>> 
>>>> ------------------------------------------------------------------------------
>>>> Rapidly troubleshoot problems before they affect your business. Most
>>>> IT
>>>> organizations don't have a clear picture of how application
>>>> performance
>>>> affects their revenue. With AppDynamics, you get 100% visibility 
>>>> into
>>>> your
>>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>>> AppDynamics Pro!
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>>> _______________________________________________
>>>> Genode-main mailing list
>>>> Genode-main at lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>> 
>>> 
>>> --
>>> Stefan Kalkowski
>>> Genode Labs
>>> 
>>> http://www.genode-labs.com/ · http://genode.org/
>>> 
>>> ------------------------------------------------------------------------------
>>> Rapidly troubleshoot problems before they affect your business. Most 
>>> IT
>>> organizations don't have a clear picture of how application 
>>> performance
>>> affects their revenue. With AppDynamics, you get 100% visibility into
>>> your
>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>>> AppDynamics Pro!
>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Genode-main mailing list
>>> Genode-main at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>> 
>> ------------------------------------------------------------------------------
>> Sponsored by Intel(R) XDK
>> Develop, test and display web and hybrid apps with a single code base.
>> Download it for free now!
>> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Genode-main mailing list
>> Genode-main at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/genode-main
>> 
> 
> --
> Stefan Kalkowski
> Genode Labs
> 
> http://www.genode-labs.com/ · http://genode.org/
> 
> ------------------------------------------------------------------------------
> Sponsored by Intel(R) XDK
> Develop, test and display web and hybrid apps with a single code base.
> Download it for free now!
> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
> _______________________________________________
> Genode-main mailing list
> Genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main




More information about the users mailing list