i.mx53qsb and ARM Trustzone Technology

Joseph Lee leejose911 at ...9...
Thu Dec 3 08:02:54 CET 2015


Thank you Stefan,

In the VMM, the virtual address space of the VM starts from the base address
(_ram.base()) and extends to the size of RAM (256MB). Is that correct? My question is
how do we read the contents of the VM's physical memory inside the VMM/secure
world?

Thanks,

On Friday, December 12, 2014, Stefan Kalkowski <
stefan.kalkowski at ...1...> wrote:

> Hi Joseph,
>
> On 12/11/2014 02:54 AM, Joseph Lee wrote:
> > Thanks Stefan for your detailed explanation.
> >
> > Is there something similar to the /dev/mem and system call mmap()
> > technique to access physical memory region in guest VM RAM from VMM?
>
> In Genode there is no global view regarding physical memory like
> "/dev/mem" in Linux. Corresponding to your system's policy you can gain
> a specific amount of anonymous RAM from the system, or specific I/O
> memory regions (e.g. for device drivers) referenced by their physical
> memory address. For the TrustZone scenario we added a fixed portion of
> RAM to the I/O memory regions administered by the core process. Thereby,
> the VMM is able to request the VM's RAM via an IOMEM session during its
> startup routine. Such memory is mapped as uncached to the VMM's address
> space. The VMM has to copy over at least the kernel to the VM's RAM
> before starting the non-secure guest OS.
>
> To sum it up, you don't need to care about gaining the VM's physical
> memory nor about mapping it, as it is already present in the VMM's
> address space. But if you want to read/write from/to it, you have to
> ensure that the guest OS will either not cache the memory region used
> for hypervisor communication, or the guest OS has to flush the related
> cache lines whenever it writes to it, or invalidate them before reading it.
>
> Regards
> Stefan
>
> >
> > Thanks in advance for answers
> >
> > Kind regards,
> >
> > Joseph
> >
> >
> > On Mon, Nov 17, 2014 at 8:03 AM, Stefan Kalkowski
> > <stefan.kalkowski at ...1...> wrote:
> >
> >     Hello Joseph,
> >
> >     On 11/17/2014 04:04 AM, Joseph Lee wrote:
> >     > Hi
> >     >
> >     > From the article in this link
> >     > http://genode.org/documentation/articles/trustzone , I understood that
> >     > the DDR RAM in i.mx53 QSB is partitioned off between normal world and
> >     > secure world. I just want to read a file in the normal world from
> >     > an application running in the secure side. Is there any possibility to get
> >     > access to any file in normal world from the secure world? Thanks for
> >     > your help in advance.
> >     >
> >
> >     If you want to access files in the "secure world", you first need some
> >     interface in between, which is not existent right now, at least not for
> >     file access. When designing such an interface, e.g. by adding a special
> >     file system driver in Linux that communicates via hypercalls with the
> >     "secure world", you can of course define a dedicated memory area of the
> >     "normal world" to be used to transfer payload.
> >
> >     Although the DDR RAM is partitioned between both worlds that doesn't
> >     mean the "secure world" can't access memory of the "normal world". It
> >     only means that the memory assigned to the "secure world" can be
> >     accessed exclusively by it, and not by the "normal world".
> >
> >     Nevertheless, caution is advised when using shared memory in between
> >     both worlds, as long as the memory might land in the cache of either of
> >     both worlds. The cache is TrustZone aware, and tags all cache lines to
> >     be secure, or non-secure, thereby effectively partitioning the cache.
> >     So if you use shared memory in between "secure" and "normal world" it
> >     needs to be either marked as uncached, or you need to clean the
> >     corresponding cache-lines after writing data to shared memory
> >     respectively invalidate cache-lines before reading data from shared
> >     memory.
> >
> >     I hope this clarifies your question?
> >
> >     Regards
> >     Stefan
> >
> >     > Regards,
> >     > Joseph
> >     >
> >
> >     --
> >     Stefan Kalkowski
> >     Genode Labs
> >
> >     http://www.genode-labs.com/ · http://genode.org/
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>
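The thread says the VM's RAM is already mapped (uncached) into the VMM's address space, so reading guest memory reduces to translating a guest-physical address into that mapping with a bounds check. The following is an added example, not code from this thread or from Genode: `GuestRam`, `guest_read`, and the base address used in the demo are hypothetical, and a plain buffer stands in for the mapped window.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical description of the guest RAM window; not a Genode type.
struct GuestRam {
    uint64_t       phys_base; // guest-physical start of the VM's RAM
    uint64_t       size;      // window length in bytes
    const uint8_t *local;     // where that RAM is mapped in the VMM
};

// Copy `len` bytes at guest-physical `gpa` into `dst`.
// Returns false, touching nothing, if the range leaves the window.
bool guest_read(const GuestRam &ram, uint64_t gpa, void *dst, uint64_t len)
{
    if (gpa < ram.phys_base) return false;
    uint64_t off = gpa - ram.phys_base;
    // Overflow-safe form of "off + len <= size".
    if (off > ram.size || len > ram.size - off) return false;
    // Single copy into secure memory: the guest can rewrite the source at
    // any time, so validate and use the private copy, never the window.
    std::memcpy(dst, ram.local + off, static_cast<size_t>(len));
    return true;
}

// Demo on constructed data: a 4 KiB buffer stands in for the mapped window,
// and 0x70000000 is a constructed base address for illustration.
bool demo()
{
    std::vector<uint8_t> backing(4096, 0);
    const char msg[] = "hello from normal world";
    std::memcpy(backing.data() + 0x100, msg, sizeof(msg));
    GuestRam ram{0x70000000ull, backing.size(), backing.data()};

    char out[sizeof(msg)] = {};
    bool ok = guest_read(ram, 0x70000100ull, out, sizeof(msg))
           && std::strcmp(out, msg) == 0;
    // Below base, past end, and a length that would wrap are all rejected.
    bool rejected = !guest_read(ram, 0x6fffffffull, out, 1)
                 && !guest_read(ram, 0x70000ff0ull, out, 32)
                 && !guest_read(ram, 0x70000100ull, out, UINT64_MAX);
    return ok && rejected;
}

int main() { return demo() ? 0 : 1; }
```

On real hardware the guest side still has to follow the cache rule from the thread: keep the shared region uncached, or clean the cache lines after writing so the data is visible through the VMM's uncached mapping.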