trustzone and application

Stefan Kalkowski stefan.kalkowski at ...1...
Fri Sep 26 09:31:15 CEST 2014

Hi Abhay,

On 09/26/2014 04:12 AM, Abhay Amala wrote:
> Hi
> I use the tz_vmm  example and can run Genode in the secure world and Linux
> in the normal world on i.mx53 qsb in parallel. And i can also run an
> application in the secure side (on top of Genode) using the tz_vmm
> script.
> I want to run a program in the normal world(Linux) and the program should
> get access to a service or data from an application running in secure world
> (Genode).
> How can applications in different worlds interact among themselves? thank
> you in advance

You can use the 'smc' instruction to exit the "normal" world, and trap
to the secure world. This is a privileged instruction, and cannot be
used in user mode. So you need to place some helper code in the Linux
The base-hw kernel in Genode will forward the trap to the VMM
application. You can use all general purpose registers to transfer
arguments, or if this isn't enough, place it in a portion of _uncached_
memory. The cache lines are tagged as non-secure or secure, so when
using cached memory o either side you won't feel happy. In general, it
is possible to translate from virtual memory on the secure side to
physical memory on the non-secure one. However, Genode doesn't provide
that feature currently.
To answer the hypercall, the VMM places the answer within the registers,
or memory, and resumes its execution.

When you want to signal something the other way asound, from the
"secure" world to the guest VM, you can emulate an interrupt by
modifying the register set of the VM within the VMM accordingly.
For doing so, please consult the ARM v7A reference manual B1.8 about the
exception handling.

Best Regards

> regards,
> Abhay
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> _______________________________________________
> genode-main mailing list
> genode-main at

Stefan Kalkowski
Genode Labs ยท

More information about the users mailing list