tz_vmm : VM access a address which isn't allowed

chirag garg chiragdthinker at ...9...
Tue Dec 16 10:27:51 CET 2014 

Hi Stefan,

On Tue, Dec 16, 2014 at 2:36 PM, Stefan Kalkowski <
stefan.kalkowski at ...1...> wrote:
>
> Hi,
>
> On 12/16/2014 08:39 AM, chirag garg wrote:
> > Hi all,
> >
> > I am trying to run *tz_vmm* script on the *imx6 platform*. In which I
> > have tried to put Genode (without trustzone) OS image instead of linux
> > image as a guest OS which is configured according to normal world. we
> > changed the CSU also according to imx6 security manual. So now we are
> > getting the following error :
> >
> >
> > Starting kernel ...
> >
> > kernel initialized
> > Genode 14.08
> > int main(): --- create local services ---
> > Core virtual memory allocator
> > ---------------------
> > Allocator 101318e4 dump:
> >  Block: [00001000,00002000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [00002000,00003000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [00003000,00004000) size=00001000 avail=00000000
> max_avail=ef9c1000
> >  Block: [00004000,00005000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [00005000,00006000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [00006000,10001000) size=0fffb000 avail=0fffb000
> max_avail=ef9c1000
> >  Block: [1062f000,ffff0000) size=ef9c1000 avail=ef9c1000
> max_avail=ef9c1000
> >  => mem_size=4288417792 (4089 MB) / mem_avail=4288397312 (4089 MB)
> >
> > RAM memory allocator
> > ---------------------
> > Allocator 10130888 dump:
> >  Block: [10000000,10001000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [1062f000,10630000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [10630000,10631000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [10631000,10632000) size=00001000 avail=00000000
> max_avail=1f9cd000
> >  Block: [10632000,10633000) size=00001000 avail=00000000
> max_avail=00000000
> >  Block: [10633000,30000000) size=1f9cd000 avail=1f9cd000
> max_avail=1f9cd000
> >  => mem_size=530391040 (505 MB) / mem_avail=530370560 (505 MB)
> >
> > IO memory allocator
> > -------------------
> > Allocator 1013294c dump:
> >  Block: [00000000,00a00000) size=00a00000 avail=00a00000
> max_avail=00a00000
> >  Block: [00a02000,020d0000) size=016ce000 avail=016ce000
> max_avail=016ce000
> >  Block: [020d4000,021c0000) size=000ec000 avail=000ec000
> max_avail=20000000
> >  Block: [021c1000,021e8000) size=00027000 avail=00027000
> max_avail=00027000
> >  Block: [021ec000,10000000) size=0de14000 avail=0de14000
> max_avail=20000000
> >  Block: [30000000,50000000) size=20000000 avail=20000000
> max_avail=20000000
> >  => mem_size=805261312 (767 MB) / mem_avail=805261312 (767 MB)
> >
> > IRQ allocator
> > -------------------
> > Allocator 101339a8 dump:
> >  Block: [00000000,00000400) size=00000400 avail=00000400
> max_avail=00000400
> >  => mem_size=1024 (0 MB) / mem_avail=1024 (0 MB)
> >
> > int main(): --- start init ---
> > int main(): transferred 505 MB to init
> > int main(): --- init created, waiting for exit condition ---
> > [init] Could not open file "ld.lib.so <http://ld.lib.so>"
> > [init] parent provides
> > [init]   service "ROM"
> > [init]   service "RAM"
> > [init]   service "IRQ"
> > [init]   service "IO_MEM"
> > [init]   service "CAP"
> > [init]   service "PD"
> > [init]   service "RM"
> > [init]   service "CPU"
> > [init]   service "LOG"
> > [init]   service "SIGNAL"
> > [init]   service "VM"
> > [init] child "tz_vmm"
> > [init]   RAM quota:  3932160
> > [init]   ELF binary: tz_vmm
> > [init]   priority:   0
> > [init -> tz_vmm] Start virtual machine
> > [init -> tz_vmm] *Vm tried to access 30008040 which isn't allowed*
> > [init -> tz_vmm] Cpu state:
> > [init -> tz_vmm]   Register     Virt     Phys
> > [init -> tz_vmm] ---------------------------------
> > [init -> tz_vmm]   r0         = 00000000 [00000000]
> > [init -> tz_vmm]   r1         = 00000eb9 [00000000]
> > [init -> tz_vmm]   r2         = 30000100 [00000000]
> > [init -> tz_vmm]   r3         = 00000000 [00000000]
> > [init -> tz_vmm]   r4         = 00000000 [00000000]
> > [init -> tz_vmm]   r5         = 00000000 [00000000]
> > [init -> tz_vmm]   r6         = 00000000 [00000000]
> > [init -> tz_vmm]   r7         = 00000000 [00000000]
> > [init -> tz_vmm]   r8         = 00000000 [00000000]
> > [init -> tz_vmm]   r9         = 00000000 [00000000]
> > [init -> tz_vmm]   r10        = 00000000 [00000000]
> > [init -> tz_vmm]   r11        = 00000000 [00000000]
> > [init -> tz_vmm]   r12        = 00000000 [00000000]
> > [init -> tz_vmm]   sp         = 00000000 [00000000]
> > [init -> tz_vmm]   lr         = 00000000 [00000000]
> > [init -> tz_vmm]   ip         = 30008000 [00000000]
> > [init -> tz_vmm]   cpsr       = 00000093
> > [init -> tz_vmm]   sp_und     = 00000000 [00000000]
> > [init -> tz_vmm]   lr_und     = 00000000 [00000000]
> > [init -> tz_vmm]   spsr_und   = 00000000 [00000000]
> > [init -> tz_vmm]   sp_svc     = 00000000 [00000000]
> > [init -> tz_vmm]   lr_svc     = 00000000 [00000000]
> > [init -> tz_vmm]   spsr_svc   = 00000000 [00000000]
> > [init -> tz_vmm]   sp_abt     = 00000000 [00000000]
> > [init -> tz_vmm]   lr_abt     = 00000000 [00000000]
> > [init -> tz_vmm]   spsr_abt   = 00000000 [00000000]
> > [init -> tz_vmm]   sp_irq     = 00000000 [00000000]
> > [init -> tz_vmm]   lr_irq     = 00000000 [00000000]
> > [init -> tz_vmm]   spsr_irq   = 00000000 [00000000]
> > [init -> tz_vmm]   sp_fiq     = 00000000 [00000000]
> > [init -> tz_vmm]   lr_fiq     = 00000000 [00000000]
> > [init -> tz_vmm]   spsr_fiq   = 00000000 [00000000]
> > [init -> tz_vmm]   ttbr0      = 112a1041
> > [init -> tz_vmm]   ttbr1      = 93a2c043
> > [init -> tz_vmm]   ttbrc      = 00000000
> > [init -> tz_vmm]   dfar       = 00000000 [00000000]
> > [init -> tz_vmm]   *exception  = data_abort*
> > [init -> tz_vmm] *Could not handle data-abort will exit!*
> > [init -> tz_vmm] *Destructing undissolved signal context*
> >
> > I divided the RAM into two portions: 0x10000000-0x30000000 for secure
> > world and 0x30000000-0x50000000 for Normal world.
> >
> > After VM start, we are getting "*VM tried to access 30008040 which isn't
> > allowed"  *error. Also, tried to compile the image by changing this
> > address to 0x10001000 in the file spec_hw_imx6.mk
> > <http://spec_hw_imx6.mk> file (for the normal world OS image). We get
> > the same error as above but only with the memory address changed in the
> > error message.
> > Kindly let us know the possible reasons behind getting this error.
>
> If you want to run Genode's hw kernel as normal world OS beside the
> secure world version, you have to link it to the right address. For
> doing so, use the LD_TEXT_ADDR variable in the spec file you already
> mentioned. Nevertheless, of course you have to set the instruction
> pointer according to the binary's entrypoint which is probably not
> 0x30008000 as long as you didn't linked the kernel to that address.
>
> Can we choose any random address in the Non-secure RAM region to link the
Normal OS image ?


> The next question would be: how do you load the Genode normal world
> guest? Do you use an ELF image, a raw binary, or an u-boot image? The
> original VMM implementation only handles a raw Linux kernel binary, no
> ELF nor u-boot image.
>
> I used a raw binary to load the Genode normal world guest instead of Linux
raw binary file. Is this will work fine or we have to change other things
to load the image ?

I wonder what code base do you used for implementing the VMM for your
> example? In the mainline Genode repository there is one for i.MX53 and
> one for Versatile Express. Although both are looking quite similar they
> are using completely different TrustZone-aware devices of the related
> SoCs to provide protection. When looking at your print messages it seems
> you are using the Versatile Express code, do you?
>
> Yes, I used Versetile Express VMM, but I modified it according imx6
TrustZone aware devices.


> Regards
> Stefan
>
> >
> > Thanks in advance.
> >
> > Regards
> >
> > Chirag Garg
> > IIT Madras , Rise Lab
> >
> >
> >
> ------------------------------------------------------------------------------
> > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> > from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> > with Interactivity, Sharing, Native Excel Exports, App Integration & more
> > Get technology previously reserved for billion-dollar corporations, FREE
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> >
> >
> >
> > _______________________________________________
> > genode-main mailing list
> > genode-main at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/genode-main
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ ยท http://genode.org/
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genode.org/pipermail/users/attachments/20141216/d4f40512/attachment.html>

More information about the users mailing list