tz_vmm : VM access a address which isn't allowed
Stefan Kalkowski
stefan.kalkowski at ...1...
Tue Dec 16 11:11:45 CET 2014
On 12/16/2014 10:27 AM, chirag garg wrote:
>
>
> Hi Stefan,
>
> On Tue, Dec 16, 2014 at 2:36 PM, Stefan Kalkowski
> <stefan.kalkowski at ...1...
> <mailto:stefan.kalkowski at ...1...>> wrote:
>
> Hi,
>
> On 12/16/2014 08:39 AM, chirag garg wrote:
> > Hi all,
> >
> > I am trying to run *tz_vmm* script on the *imx6 platform*. In which I
> > have tried to put Genode (without trustzone) OS image instead of linux
> > image as a guest OS which is configured according to normal world. we
> > changed the CSU also according to imx6 security manual. So now we are
> > getting the following error :
> >
> >
> > Starting kernel ...
> >
> > kernel initialized
> > Genode 14.08
> > int main(): --- create local services ---
> > Core virtual memory allocator
> > ---------------------
> > Allocator 101318e4 dump:
> > Block: [00001000,00002000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [00002000,00003000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [00003000,00004000) size=00001000 avail=00000000
> max_avail=ef9c1000
> > Block: [00004000,00005000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [00005000,00006000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [00006000,10001000) size=0fffb000 avail=0fffb000
> max_avail=ef9c1000
> > Block: [1062f000,ffff0000) size=ef9c1000 avail=ef9c1000
> max_avail=ef9c1000
> > => mem_size=4288417792 (4089 MB) / mem_avail=4288397312 (4089 MB)
> >
> > RAM memory allocator
> > ---------------------
> > Allocator 10130888 dump:
> > Block: [10000000,10001000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [1062f000,10630000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [10630000,10631000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [10631000,10632000) size=00001000 avail=00000000
> max_avail=1f9cd000
> > Block: [10632000,10633000) size=00001000 avail=00000000
> max_avail=00000000
> > Block: [10633000,30000000) size=1f9cd000 avail=1f9cd000
> max_avail=1f9cd000
> > => mem_size=530391040 (505 MB) / mem_avail=530370560 (505 MB)
> >
> > IO memory allocator
> > -------------------
> > Allocator 1013294c dump:
> > Block: [00000000,00a00000) size=00a00000 avail=00a00000
> max_avail=00a00000
> > Block: [00a02000,020d0000) size=016ce000 avail=016ce000
> max_avail=016ce000
> > Block: [020d4000,021c0000) size=000ec000 avail=000ec000
> max_avail=20000000
> > Block: [021c1000,021e8000) size=00027000 avail=00027000
> max_avail=00027000
> > Block: [021ec000,10000000) size=0de14000 avail=0de14000
> max_avail=20000000
> > Block: [30000000,50000000) size=20000000 avail=20000000
> max_avail=20000000
> > => mem_size=805261312 (767 MB) / mem_avail=805261312 (767 MB)
> >
> > IRQ allocator
> > -------------------
> > Allocator 101339a8 dump:
> > Block: [00000000,00000400) size=00000400 avail=00000400
> max_avail=00000400
> > => mem_size=1024 (0 MB) / mem_avail=1024 (0 MB)
> >
> > int main(): --- start init ---
> > int main(): transferred 505 MB to init
> > int main(): --- init created, waiting for exit condition ---
> > [init] Could not open file "ld.lib.so <http://ld.lib.so>
> <http://ld.lib.so>"
> > [init] parent provides
> > [init] service "ROM"
> > [init] service "RAM"
> > [init] service "IRQ"
> > [init] service "IO_MEM"
> > [init] service "CAP"
> > [init] service "PD"
> > [init] service "RM"
> > [init] service "CPU"
> > [init] service "LOG"
> > [init] service "SIGNAL"
> > [init] service "VM"
> > [init] child "tz_vmm"
> > [init] RAM quota: 3932160
> > [init] ELF binary: tz_vmm
> > [init] priority: 0
> > [init -> tz_vmm] Start virtual machine
> > [init -> tz_vmm] *Vm tried to access 30008040 which isn't allowed*
> > [init -> tz_vmm] Cpu state:
> > [init -> tz_vmm] Register Virt Phys
> > [init -> tz_vmm] ---------------------------------
> > [init -> tz_vmm] r0 = 00000000 [00000000]
> > [init -> tz_vmm] r1 = 00000eb9 [00000000]
> > [init -> tz_vmm] r2 = 30000100 [00000000]
> > [init -> tz_vmm] r3 = 00000000 [00000000]
> > [init -> tz_vmm] r4 = 00000000 [00000000]
> > [init -> tz_vmm] r5 = 00000000 [00000000]
> > [init -> tz_vmm] r6 = 00000000 [00000000]
> > [init -> tz_vmm] r7 = 00000000 [00000000]
> > [init -> tz_vmm] r8 = 00000000 [00000000]
> > [init -> tz_vmm] r9 = 00000000 [00000000]
> > [init -> tz_vmm] r10 = 00000000 [00000000]
> > [init -> tz_vmm] r11 = 00000000 [00000000]
> > [init -> tz_vmm] r12 = 00000000 [00000000]
> > [init -> tz_vmm] sp = 00000000 [00000000]
> > [init -> tz_vmm] lr = 00000000 [00000000]
> > [init -> tz_vmm] ip = 30008000 [00000000]
> > [init -> tz_vmm] cpsr = 00000093
> > [init -> tz_vmm] sp_und = 00000000 [00000000]
> > [init -> tz_vmm] lr_und = 00000000 [00000000]
> > [init -> tz_vmm] spsr_und = 00000000 [00000000]
> > [init -> tz_vmm] sp_svc = 00000000 [00000000]
> > [init -> tz_vmm] lr_svc = 00000000 [00000000]
> > [init -> tz_vmm] spsr_svc = 00000000 [00000000]
> > [init -> tz_vmm] sp_abt = 00000000 [00000000]
> > [init -> tz_vmm] lr_abt = 00000000 [00000000]
> > [init -> tz_vmm] spsr_abt = 00000000 [00000000]
> > [init -> tz_vmm] sp_irq = 00000000 [00000000]
> > [init -> tz_vmm] lr_irq = 00000000 [00000000]
> > [init -> tz_vmm] spsr_irq = 00000000 [00000000]
> > [init -> tz_vmm] sp_fiq = 00000000 [00000000]
> > [init -> tz_vmm] lr_fiq = 00000000 [00000000]
> > [init -> tz_vmm] spsr_fiq = 00000000 [00000000]
> > [init -> tz_vmm] ttbr0 = 112a1041
> > [init -> tz_vmm] ttbr1 = 93a2c043
> > [init -> tz_vmm] ttbrc = 00000000
> > [init -> tz_vmm] dfar = 00000000 [00000000]
> > [init -> tz_vmm] *exception = data_abort*
> > [init -> tz_vmm] *Could not handle data-abort will exit!*
> > [init -> tz_vmm] *Destructing undissolved signal context*
> >
> > I divided the RAM into two portions: 0x10000000-0x30000000 for secure
> > world and 0x30000000-0x50000000 for Normal world.
> >
> > After VM start, we are getting "*VM tried to access 30008040 which
> isn't
> > allowed" *error. Also, tried to compile the image by changing this
> > address to 0x10001000 in the file spec_hw_imx6.mk
> <http://spec_hw_imx6.mk>
> > <http://spec_hw_imx6.mk> file (for the normal world OS image). We get
> > the same error as above but only with the memory address changed
> in the
> > error message.
> > Kindly let us know the possible reasons behind getting this error.
>
> If you want to run Genode's hw kernel as normal world OS beside the
> secure world version, you have to link it to the right address. For
> doing so, use the LD_TEXT_ADDR variable in the spec file you already
> mentioned. Nevertheless, of course you have to set the instruction
> pointer according to the binary's entrypoint which is probably not
> 0x30008000 as long as you didn't linked the kernel to that address.
>
> Can we choose any random address in the Non-secure RAM region to link
> the Normal OS image ?
In principle yes, as long as there is enough space in between the link
address and the end of the normal world's RAM to hold the binary. I
think 0x30001000 will be fine, but ensure that the VMM then sets te
instruction pointer to 0x30001000 too.
>
>
> The next question would be: how do you load the Genode normal world
> guest? Do you use an ELF image, a raw binary, or an u-boot image? The
> original VMM implementation only handles a raw Linux kernel binary, no
> ELF nor u-boot image.
>
> I used a raw binary to load the Genode normal world guest instead of
> Linux raw binary file. Is this will work fine or we have to change other
> things to load the image ?
That's fine. When using a raw binary image the VMM just needs to copy
the binary to the right offset in memory, which should be done by the
current implementation.
>
> I wonder what code base do you used for implementing the VMM for your
> example? In the mainline Genode repository there is one for i.MX53 and
> one for Versatile Express. Although both are looking quite similar they
> are using completely different TrustZone-aware devices of the related
> SoCs to provide protection. When looking at your print messages it seems
> you are using the Versatile Express code, do you?
>
> Yes, I used Versetile Express VMM, but I modified it according imx6
> TrustZone aware devices.
Ok, I was wondering because the fault address shown in the message: "Vm
tried to access XXX which isn't allowed" originally was gained by using
the TrustZone Address Space Controller of the Versatile Express. A look
into the i.MX6 reference manual showed me that they now use that device
too. So I assume you programmed it accordingly.
Regards
Stefan
>
>
> Regards
> Stefan
>
> >
> > Thanks in advance.
> >
> > Regards
> >
> > Chirag Garg
> > IIT Madras , Rise Lab
> >
> >
> >
> ------------------------------------------------------------------------------
> > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> > from Actuate! Instantly Supercharge Your Business Reports and
> Dashboards
> > with Interactivity, Sharing, Native Excel Exports, App Integration
> & more
> > Get technology previously reserved for billion-dollar
> corporations, FREE
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> >
> >
> >
> > _______________________________________________
> > genode-main mailing list
> > genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> > https://lists.sourceforge.net/lists/listinfo/genode-main
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration &
> more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
>
>
>
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
More information about the users
mailing list