Virtualization with trustzone into mx53

Stefan Kalkowski stefan.kalkowski at ...1...
Thu Nov 28 11:07:53 CET 2013


Hi Pablo,

On 11/28/2013 10:52 AM, panton wrote:
> Hi Stefan,
> 
> Thank you very much for your detailed explication. I am really lucky 
> beacause it seems you are working right now on that matter (last 
> genode/staging branch update was yesterday :)).
> 
>> well, this depends. There are trustzone.cc files for different
>> platforms/configurations. In general, that file only contains 
>> additional
>> kernel initialization routines needed. For instance, configuring IRQs 
>> to
>> be "secure", or "non-secure", or configure TrustZone specific devices
>> that can be configured in supervisor mode only.
>> For configurations where no TrustZone is supported, or used that file
>> contains an empty initialization indeed. I assume you've found that 
>> file.
> 
> Now I am able to see files on ./base-hw/src/core/imx53/trustzone.
> 
>> To sum it up, the non-secure guest has to behave cooperatively, or it
>> will fail. Trap-and-emulate doesn't work in general. Therefore, some
>> lightweight form of para-virtualization of the guest OS is needed.
> 
> So, I assume the linux image on 
> http://genode.org/files/images/imx53_qsb/linux_trustzone.bin is not a 
> normal linux image for imx53_loco but neither a L4Linux (since the 
> example is running without Fiasco.OC). Is there any repository where we 
> could take that linux code?
> 

Sure, branches including the changes for Versatile Express, and i.MX53
QSB/Tablet can be found on Github too:

  git at ...116...:skalk/linux.git

The branches are titled 'vexpress-tz', and 'imx53-tz'

> 
> About the example I only can say "Great work".

Thanks, that's music to my ears.

> I was able to run it on 
> hardware. Some little details that could help people:
> 
>> After that, do a 'make run/tz_vmm' in the build directory. The 
>> resulting
>> image is located in 'var/run/tz_vmm/uImage'
> 
> The resulting image is on elf, if you want to run it with uboot you 
> should create a valid uImage using mkimage tool.
> 

If you add a '--target uboot' to the RUN_OPT environment variable, the
uImage is built automatically. Just add the following to your
'etc/build.conf' (I've missed that in the previous mail):

  RUN_OPT = --target uboot

> Now, I go to play!

Good luck, and
best regards
Stefan

> 
> Best regards
> Pablo Antón.
> 
> 
> El 27.11.2013 22:47, Stefan Kalkowski escribió:
>> Hi Pablo,
>>
>> On 11/26/2013 06:11 PM, panton wrote:
>>> Hello,
>>>
>>> I want to create a virtualized system with Genode in my imx53 board. 
>>> At
>>> the moment, I am able to run Genode on the board with base-foc and 
>>> also
>>> directly on hardware (base-hw). Thus, my plan was to run a linux 
>>> kernel
>>> as a child node and hopefully run it into trustzone NS. Looking into
>>> Genode code I found base-hw/include/vm_session that seems to deal with
>>> virtualization. Furthermore there is a trustzone.cc into
>>> base-hw/src/core.., but without real useful code.
>>
>> well, this depends. There are trustzone.cc files for different
>> platforms/configurations. In general, that file only contains 
>> additional
>> kernel initialization routines needed. For instance, configuring IRQs 
>> to
>> be "secure", or "non-secure", or configure TrustZone specific devices
>> that can be configured in supervisor mode only.
>> For configurations where no TrustZone is supported, or used that file
>> contains an empty initialization indeed. I assume you've found that 
>> file.
>>
>>>
>>> I was wondering if there are implemented virtualization capabilities
>>> using trustzone or even without trustzone?
>>
>> In fact, there is some kind of virtualization support using TrustZone.
>> Although, TrustZone isn't designed to be a virtualization solution.
>> Therefore, the "guest" needs to be aware what devices it is allowed to
>> use. In contrast to the CPU (including MMU, Caches, etc.), there is no
>> support to virtualize physical memory (including memory mapped I/O) for
>> the non-secure "guest". That means guest physical addresses are in fact
>> physical addresses. Dependent on the concrete platform, it might be
>> possible to deny non-secure access to certain physical memory regions,
>> like I/O memory of certain devices, and then use a trap-emulate
>> approach. But in general this approach isn't guaranteed to work.
>> Dependent on where the unit, which controls peripheral device memory 
>> (if
>> existent at all), is located in the bus hierarchy of the SoC, it might
>> provoke asynchronous external data-aborts in the CPU core, instead of
>> synchronous ones. Thereby, it is impossible to recover the state, in
>> which the protection fault was raised.
>> To sum it up, the non-secure guest has to behave cooperatively, or it
>> will fail. Trap-and-emulate doesn't work in general. Therefore, some
>> lightweight form of para-virtualization of the guest OS is needed.
>>
>> On ARM platforms, apart from the TrustZone "virtualization", Genode
>> includes support of L4Linux, a para-virtualized Linux for the Fiasco.OC
>> kernel. ARM's virtualization extensions aren't supported yet, but we'll
>> investigate it certainly.
>>
>>> If so, it would be great to
>>> have an example of how to use it.
>>
>> A working basic example is available on Genode's current staging 
>> branch,
>> and will be available in Genode's upcoming release 13.11, that will be
>> announced this week.
>> The example should work out of the box for ARM's Versatile Express
>> Coretile A9x4, and Freescale's i.MX53 Quickstart board. You'll have to
>> create a build directory for 'hw_imx53'. After creating the build
>> directory, you've to adapt the 'etc/specs.conf' file, and add the
>> following SPEC variable:
>>
>>   SPECS += trustzone
>>
>> After that, do a 'make run/tz_vmm' in the build directory. The 
>> resulting
>> image is located in 'var/run/tz_vmm/uImage'. The example scenario 
>> starts
>> Genode's hw kernel, core, init, and the virtual machine monitor, which
>> will boot Linux with a small busybox initramfs on the non-secure side.
>>
>> A more sophisticated example, which runs on the i.MX53 SABRE tablet
>> only, can be found on this topic branch:
>>
>> https://github.com/skalk/genode/tree/i.MX53_tablet_demo
>>
>> That example include virtual touchscreen support for the non-secure
>> guest, so that you can interact with the secure Genode system, and the
>> non-secure Android guest side-by-side.
>>
>>>
>>> Thanks in advance for answers!
>>
>> You're welcome.
>>
>> Best Regards
>> Stefan
>>
>>>
>>> Best regards,
>>> Pablo Anton
>>>
>>> ------------------------------------------------------------------------------
>>> Rapidly troubleshoot problems before they affect your business. Most 
>>> IT
>>> organizations don't have a clear picture of how application 
>>> performance
>>> affects their revenue. With AppDynamics, you get 100% visibility into 
>>> your
>>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of 
>>> AppDynamics Pro!
>>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>>> _______________________________________________
>>> Genode-main mailing list
>>> Genode-main at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>
>>
>> --
>> Stefan Kalkowski
>> Genode Labs
>>
>> http://www.genode-labs.com/ · http://genode.org/
>>
>> ------------------------------------------------------------------------------
>> Rapidly troubleshoot problems before they affect your business. Most IT
>> organizations don't have a clear picture of how application performance
>> affects their revenue. With AppDynamics, you get 100% visibility into 
>> your
>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of 
>> AppDynamics Pro!
>> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Genode-main mailing list
>> Genode-main at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/genode-main
> 
> ------------------------------------------------------------------------------
> Rapidly troubleshoot problems before they affect your business. Most IT 
> organizations don't have a clear picture of how application performance 
> affects their revenue. With AppDynamics, you get 100% visibility into your 
> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
> http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
> _______________________________________________
> Genode-main mailing list
> Genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

-- 
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/




More information about the users mailing list