tz_vmm : VM access a address which isn't allowed

Stefan Kalkowski stefan.kalkowski at ...1...
Tue Dec 16 11:11:45 CET 2014


On 12/16/2014 10:27 AM, chirag garg wrote:
> 
> 
> Hi Stefan,
> 
> On Tue, Dec 16, 2014 at 2:36 PM, Stefan Kalkowski
> <stefan.kalkowski at ...1...
> <mailto:stefan.kalkowski at ...1...>> wrote:
> 
>     Hi,
> 
>     On 12/16/2014 08:39 AM, chirag garg wrote:
>     > Hi all,
>     >
>     > I am trying to run *tz_vmm* script on the *imx6 platform*. In which I
>     > have tried to put Genode (without trustzone) OS image instead of linux
>     > image as a guest OS which is configured according to normal world. we
>     > changed the CSU also according to imx6 security manual. So now we are
>     > getting the following error :
>     >
>     >
>     > Starting kernel ...
>     >
>     > kernel initialized
>     > Genode 14.08
>     > int main(): --- create local services ---
>     > Core virtual memory allocator
>     > ---------------------
>     > Allocator 101318e4 dump:
>     >  Block: [00001000,00002000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [00002000,00003000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [00003000,00004000) size=00001000 avail=00000000
>     max_avail=ef9c1000
>     >  Block: [00004000,00005000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [00005000,00006000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [00006000,10001000) size=0fffb000 avail=0fffb000
>     max_avail=ef9c1000
>     >  Block: [1062f000,ffff0000) size=ef9c1000 avail=ef9c1000
>     max_avail=ef9c1000
>     >  => mem_size=4288417792 (4089 MB) / mem_avail=4288397312 (4089 MB)
>     >
>     > RAM memory allocator
>     > ---------------------
>     > Allocator 10130888 dump:
>     >  Block: [10000000,10001000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [1062f000,10630000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [10630000,10631000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [10631000,10632000) size=00001000 avail=00000000
>     max_avail=1f9cd000
>     >  Block: [10632000,10633000) size=00001000 avail=00000000
>     max_avail=00000000
>     >  Block: [10633000,30000000) size=1f9cd000 avail=1f9cd000
>     max_avail=1f9cd000
>     >  => mem_size=530391040 (505 MB) / mem_avail=530370560 (505 MB)
>     >
>     > IO memory allocator
>     > -------------------
>     > Allocator 1013294c dump:
>     >  Block: [00000000,00a00000) size=00a00000 avail=00a00000
>     max_avail=00a00000
>     >  Block: [00a02000,020d0000) size=016ce000 avail=016ce000
>     max_avail=016ce000
>     >  Block: [020d4000,021c0000) size=000ec000 avail=000ec000
>     max_avail=20000000
>     >  Block: [021c1000,021e8000) size=00027000 avail=00027000
>     max_avail=00027000
>     >  Block: [021ec000,10000000) size=0de14000 avail=0de14000
>     max_avail=20000000
>     >  Block: [30000000,50000000) size=20000000 avail=20000000
>     max_avail=20000000
>     >  => mem_size=805261312 (767 MB) / mem_avail=805261312 (767 MB)
>     >
>     > IRQ allocator
>     > -------------------
>     > Allocator 101339a8 dump:
>     >  Block: [00000000,00000400) size=00000400 avail=00000400
>     max_avail=00000400
>     >  => mem_size=1024 (0 MB) / mem_avail=1024 (0 MB)
>     >
>     > int main(): --- start init ---
>     > int main(): transferred 505 MB to init
>     > int main(): --- init created, waiting for exit condition ---
>     > [init] Could not open file "ld.lib.so <http://ld.lib.so>
>     <http://ld.lib.so>"
>     > [init] parent provides
>     > [init]   service "ROM"
>     > [init]   service "RAM"
>     > [init]   service "IRQ"
>     > [init]   service "IO_MEM"
>     > [init]   service "CAP"
>     > [init]   service "PD"
>     > [init]   service "RM"
>     > [init]   service "CPU"
>     > [init]   service "LOG"
>     > [init]   service "SIGNAL"
>     > [init]   service "VM"
>     > [init] child "tz_vmm"
>     > [init]   RAM quota:  3932160
>     > [init]   ELF binary: tz_vmm
>     > [init]   priority:   0
>     > [init -> tz_vmm] Start virtual machine
>     > [init -> tz_vmm] *Vm tried to access 30008040 which isn't allowed*
>     > [init -> tz_vmm] Cpu state:
>     > [init -> tz_vmm]   Register     Virt     Phys
>     > [init -> tz_vmm] ---------------------------------
>     > [init -> tz_vmm]   r0         = 00000000 [00000000]
>     > [init -> tz_vmm]   r1         = 00000eb9 [00000000]
>     > [init -> tz_vmm]   r2         = 30000100 [00000000]
>     > [init -> tz_vmm]   r3         = 00000000 [00000000]
>     > [init -> tz_vmm]   r4         = 00000000 [00000000]
>     > [init -> tz_vmm]   r5         = 00000000 [00000000]
>     > [init -> tz_vmm]   r6         = 00000000 [00000000]
>     > [init -> tz_vmm]   r7         = 00000000 [00000000]
>     > [init -> tz_vmm]   r8         = 00000000 [00000000]
>     > [init -> tz_vmm]   r9         = 00000000 [00000000]
>     > [init -> tz_vmm]   r10        = 00000000 [00000000]
>     > [init -> tz_vmm]   r11        = 00000000 [00000000]
>     > [init -> tz_vmm]   r12        = 00000000 [00000000]
>     > [init -> tz_vmm]   sp         = 00000000 [00000000]
>     > [init -> tz_vmm]   lr         = 00000000 [00000000]
>     > [init -> tz_vmm]   ip         = 30008000 [00000000]
>     > [init -> tz_vmm]   cpsr       = 00000093
>     > [init -> tz_vmm]   sp_und     = 00000000 [00000000]
>     > [init -> tz_vmm]   lr_und     = 00000000 [00000000]
>     > [init -> tz_vmm]   spsr_und   = 00000000 [00000000]
>     > [init -> tz_vmm]   sp_svc     = 00000000 [00000000]
>     > [init -> tz_vmm]   lr_svc     = 00000000 [00000000]
>     > [init -> tz_vmm]   spsr_svc   = 00000000 [00000000]
>     > [init -> tz_vmm]   sp_abt     = 00000000 [00000000]
>     > [init -> tz_vmm]   lr_abt     = 00000000 [00000000]
>     > [init -> tz_vmm]   spsr_abt   = 00000000 [00000000]
>     > [init -> tz_vmm]   sp_irq     = 00000000 [00000000]
>     > [init -> tz_vmm]   lr_irq     = 00000000 [00000000]
>     > [init -> tz_vmm]   spsr_irq   = 00000000 [00000000]
>     > [init -> tz_vmm]   sp_fiq     = 00000000 [00000000]
>     > [init -> tz_vmm]   lr_fiq     = 00000000 [00000000]
>     > [init -> tz_vmm]   spsr_fiq   = 00000000 [00000000]
>     > [init -> tz_vmm]   ttbr0      = 112a1041
>     > [init -> tz_vmm]   ttbr1      = 93a2c043
>     > [init -> tz_vmm]   ttbrc      = 00000000
>     > [init -> tz_vmm]   dfar       = 00000000 [00000000]
>     > [init -> tz_vmm]   *exception  = data_abort*
>     > [init -> tz_vmm] *Could not handle data-abort will exit!*
>     > [init -> tz_vmm] *Destructing undissolved signal context*
>     >
>     > I divided the RAM into two portions: 0x10000000-0x30000000 for secure
>     > world and 0x30000000-0x50000000 for Normal world.
>     >
>     > After VM start, we are getting "*VM tried to access 30008040 which
>     isn't
>     > allowed"  *error. Also, tried to compile the image by changing this
>     > address to 0x10001000 in the file spec_hw_imx6.mk
>     <http://spec_hw_imx6.mk>
>     > <http://spec_hw_imx6.mk> file (for the normal world OS image). We get
>     > the same error as above but only with the memory address changed
>     in the
>     > error message.
>     > Kindly let us know the possible reasons behind getting this error.
> 
>     If you want to run Genode's hw kernel as normal world OS beside the
>     secure world version, you have to link it to the right address. For
>     doing so, use the LD_TEXT_ADDR variable in the spec file you already
>     mentioned. Nevertheless, of course you have to set the instruction
>     pointer according to the binary's entrypoint which is probably not
>     0x30008000 as long as you didn't linked the kernel to that address.
> 
> Can we choose any random address in the Non-secure RAM region to link
> the Normal OS image ?

In principle yes, as long as there is enough space in between the link
address and the end of the normal world's RAM to hold the binary. I
think 0x30001000 will be fine, but ensure that the VMM then sets te
instruction pointer to 0x30001000 too.

>  
> 
>     The next question would be: how do you load the Genode normal world
>     guest? Do you use an ELF image, a raw binary, or an u-boot image? The
>     original VMM implementation only handles a raw Linux kernel binary, no
>     ELF nor u-boot image.
> 
> I used a raw binary to load the Genode normal world guest instead of
> Linux raw binary file. Is this will work fine or we have to change other
> things to load the image ?

That's fine. When using a raw binary image the VMM just needs to copy
the binary to the right offset in memory, which should be done by the
current implementation.

> 
>     I wonder what code base do you used for implementing the VMM for your
>     example? In the mainline Genode repository there is one for i.MX53 and
>     one for Versatile Express. Although both are looking quite similar they
>     are using completely different TrustZone-aware devices of the related
>     SoCs to provide protection. When looking at your print messages it seems
>     you are using the Versatile Express code, do you?
> 
> Yes, I used Versetile Express VMM, but I modified it according imx6
> TrustZone aware devices.

Ok, I was wondering because the fault address shown in the message: "Vm
tried to access XXX which isn't allowed" originally was gained by using
the TrustZone Address Space Controller of the Versatile Express. A look
into the i.MX6 reference manual showed me that they now use that device
too. So I assume you programmed it accordingly.

Regards
Stefan

>  
> 
>     Regards
>     Stefan
> 
>     >
>     > Thanks in advance.
>     >
>     > Regards
>     >
>     > Chirag Garg
>     > IIT Madras , Rise Lab
>     >
>     >
>     >
>     ------------------------------------------------------------------------------
>     > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>     > from Actuate! Instantly Supercharge Your Business Reports and
>     Dashboards
>     > with Interactivity, Sharing, Native Excel Exports, App Integration
>     & more
>     > Get technology previously reserved for billion-dollar
>     corporations, FREE
>     >
>     http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
>     >
>     >
>     >
>     > _______________________________________________
>     > genode-main mailing list
>     > genode-main at lists.sourceforge.net
>     <mailto:genode-main at lists.sourceforge.net>
>     > https://lists.sourceforge.net/lists/listinfo/genode-main
>     >
> 
>     --
>     Stefan Kalkowski
>     Genode Labs
> 
>     http://www.genode-labs.com/ · http://genode.org/
> 
>     ------------------------------------------------------------------------------
>     Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>     from Actuate! Instantly Supercharge Your Business Reports and Dashboards
>     with Interactivity, Sharing, Native Excel Exports, App Integration &
>     more
>     Get technology previously reserved for billion-dollar corporations, FREE
>     http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
>     _______________________________________________
>     genode-main mailing list
>     genode-main at lists.sourceforge.net
>     <mailto:genode-main at lists.sourceforge.net>
>     https://lists.sourceforge.net/lists/listinfo/genode-main
> 
> 
> 
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> 
> 
> 
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

-- 
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/




More information about the users mailing list