bare-hw trustzone on the Freescale i.MX 6 Sabre SD board
Stefan Kalkowski
stefan.kalkowski at ...1...
Thu Jan 8 11:47:46 CET 2015
Hi,
On 01/07/2015 03:54 PM, Mahdi Aichouch wrote:
> Hello,
>
> First, thank you very much Chirag and Stefan for your answers.
>
> I tried to debug my simple kernel on the i.MX6 through the DS5 JTAG
> debugger.
> Prior to running the kernel using the debugger, the imx6 board is
> configured to run u-boot from an SD
> card and after the initialization u-boot holds and waits to execute the
> kernel code.
>
> As we can see in the debug messages below, I was able to do a step by
> step walk through
> the source code from the assembler to the C code.
> It seems that it is working...
>
> Also I tested this kernel on the Qemu Realview Baseboard Platform
> explorer for cortex-a9 and it worked.
>
> I also created a repository in which I added the sources of the simple
> kernel.
> https://github.com/macdi/simple-arm-kernel
>
> />a complete run-script that shows above results./
> /
> /
> In my test case I used the command $>make run/vmm to run the bare-hw and
> vmm.
> I attached the generated file boot_modules.s. Is this the run script you
> request or another one?
> Could you please tell where to look for it?
>
Ok, I see, thanks for providing the source of your simple kernel.
With a complete run-script I meant a script that builds everything
needed to execute your failing scenario. You already used such a script
under the hood when doing "make run/vmm". Whenever you trigger "make
run/XXX" the build system of Genode searches for a XXX.run script in the
"repos/*/run/" directories of the enabled repositories.
A run-script is a small TCL script that is used by Genode's "run" tool.
It defines what needs to be build, it defines the configuration of the
system, and everything else that needs to be done to prepare e.g. a
system image that can be loaded via u-boot. It very much simplifies
communication between us developers, because if I've a problem I want
another developer to look at, I use a run-script that exactly reproduces
the issue and the other developer just needs to execute the script to
look at. For more information about the run tool, please have a look at:
http://genode.org/documentation/developer-resources/build_system#Automated_integration_and_testing
Given your above explanations I assume you are using some vmm.run script
you are not aware of. But the current Genode repository doesn't has a
vmm.run script, only a tz_vmm.run script. So I assume you need some
older Genode sources as base.
The even more interesting part for me is not only the run script, but
all modifications you did to the VMM as well as the base platform to
enable your scenario on i.MX6. Therefore I've asked for the branch you
are using to compile your scenario. As a precaution, I reminded you to
include the run-script you are using into that branch.
> />When looking at your disassemly I'm wondering why your kernel is linked
>>to 0x70000000 whereby it is loaded to 0x20000100?
> /
> /
> /
> Could you please tell me how did you figure out that it is linked to the
> address 0x70000000?
I just looked at the disassembly output you attached to your first mail.
There the addresses are starting at 0x70000000 in contrast to the
sources you provided in your last mail.
> /
> /
> />And is it really loaded to 0x20000100 where the IP points to?//
> /
> /
> /
> Is it possible to tell me how to verify that it is loaded to the
> address 0x20000100?
You have to look and respectively instrument the code of the virtual
machine monitor (VMM), which normally is defined at
"os/src/server/tz_vmm" (probably "os/src/server/vmm" in your older branch).
All parameters like: the position of the normal world's RAM used by the
guest OS is hardcoded within the VMM. So you need to adapt the VMM
according to the needs of your scenario.
I hope that helps a bit.
Regards
Stefan
>
> Thanks very much in advance.
>
> Best regards,
>
> Mahdi
>
> Loaded section .text: S:0x20000100 ~ S:0x2000026F (size 0x170)
> Loaded section .rodata: S:0x20000270 ~ S:0x2000028F (size 0x20)
> Entry point S:0x20000100
> cd "/home/aichouch/DS-5-Workspace-examples"
> Working directory "/home/aichouch/DS-5-Workspace-examples"
> directory "/home/aichouch/dev/bare_metal_arm"
> Source directories searched:
> /home/aichouch/dev/bare_metal_arm:$cdir:$cwd:$idir
> set debug-from main
> start
> Starting target with image
> /home/aichouch/dev/bare_metal/simple-arm-kernel/kernel.elf
> Running from entry point
> WARNING(CMD399-COR168):
> ! Failed to start the target
> ! No function named "main" could be found
> WARNING(CMD407): Trying the entry point instead
> wait
> Execution stopped at: S:0x20000100
> In kernel.elf (no debug info)
> S:0x20000100 LDR sp,[pc,#4] ; [0x2000010C] = 0x20001290
> wait
> next
> Execution stopped at: S:0x20000104
> S:0x20000104 BL _init ; 0x20000258
> wait
> step
> Execution stopped at: S:0x20000258
> In kernel.c
> S:0x20000258 16,0 {
> wait
> next
> Execution stopped at: S:0x20000260
> S:0x20000260 17,0 print_uart0("bare metal: Hello world!\n");
> wait
> next
> Execution stopped at: S:0x2000026C
> S:0x2000026C 19,0 while(1);
> wait
> next
> Execution stopped at: S:0x2000026C
> S:0x2000026C 19,0 while(1);
> wait
> next
> Execution stopped at: S:0x2000026C
> S:0x2000026C 19,0 while(1);
> wait
> continue
> interrupt
> Execution stopped at: S:0x2000026C
> S:0x2000026C 19,0 while(1);
> wait
> continue
> interrupt
> Execution stopped at: S:0x2000026C
> S:0x2000026C 19,0 while(1);
>
>
> On Wed, Jan 7, 2015 at 10:35 AM, Stefan Kalkowski
> <stefan.kalkowski at ...1...
> <mailto:stefan.kalkowski at ...1...>> wrote:
>
> Hi,
>
> On 01/06/2015 02:24 PM, Mahdi Aichouch wrote:
> > Hello,
> >
> > I am trying to port the bare-hw trustzone to the Freescale i.MX 6
> > quad-core Sabre SD board.
> >
> > I started from the source code given in this
> > repository: https://github.com/decaprox/genode
> >
> > I adapted the TSC-380 driver from the versatile express version as a
> > TZASC to the i.MX-6 board.
> >
> > At this moment, I just configure the existing TSC-380 with the right
> > base address, but I did not yet configured it to secure any memory region.
> >
> > Also, I did not yet used the CSU that was implemented for the i.MX53 to
> > secure any device.
> >
> > I partitioned the the memory space into two parts:
> >
> > 0x1000 0000 - 0x2000 0000 : as a secure memory space
> > 0x2000 0000 - 0x4000 0000 : as a non secure memory space
> >
> > I implemented a small kernel in order to test the implementation.
>
> I like your approach to start with a minimal kernel so that you really
> know what shall be going on. However, did you tested your small kernel
> without Genode by directly loading it via u-boot?
>
> >
> > My simple kernel is just an assembly code that call C function, that
> > prints a message on
> > the serial port.
> >
> > I get an error after running the run/vmm test case.
> > Here are the debug messages that I get
> >
> > void Kernel::trustzone_initialization(Kernel::Pic*): --- IMX6
> trustzone
> > INIT ---
> > Core memory allocator
> > ---------------------
> > Allocator 102d46c0 dump:
> > Block: [10000000,1000001c) size=0000001c avail=00000000
> max_avail=00000000
> > Block: [1000001c,10000038) size=0000001c avail=00000000
> max_avail=00000000
> > Block: [10000038,10000054) size=0000001c avail=00000000
> max_avail=1fd28000
> > Block: [10000054,10000070) size=0000001c avail=00000000
> max_avail=00000000
> > Block: [10000070,1000008c) size=0000001c avail=00000000
> max_avail=00000000
> > Block: [1000008c,10001000) size=00000f74 avail=00000f74
> max_avail=1fd28000
> > Block: [102d8000,30000000) size=1fd28000 avail=1fd28000
> max_avail=1fd28000
> > => mem_size=533893120 (509 MB) / mem_avail=533892980 (509 MB)
> >
> > IO memory allocator
> > -------------------
> > Allocator 102d4b1c dump:
> > Block: [00000000,02020000) size=02020000 avail=02020000
> max_avail=02020000
> > Block: [02024000,020d0000) size=000ac000 avail=000ac000
> max_avail=0df2c000
> > Block: [020d4000,10000000) size=0df2c000 avail=0df2c000
> max_avail=0df2c000
> > Block: [100ec000,100f0000) size=00004000 avail=00004000
> max_avail=20000000
> > Block: [20000000,40000000) size=20000000 avail=20000000
> max_avail=20000000
> > => mem_size=805289984 (767 MB) / mem_avail=805289984 (767 MB)
> >
> > IRQ allocator
> > -------------------
> > Allocator 102d53d4 dump:
> > Block: [00000000,0000003a) size=0000003a avail=0000003a
> max_avail=0000003a
> > Block: [0000003b,00000058) size=0000001d avail=0000001d
> max_avail=000003a7
> > Block: [00000059,00000400) size=000003a7 avail=000003a7
> max_avail=000003a7
> > => mem_size=1022 (0 MB) / mem_avail=1022 (0 MB)
> >
> > ROM filesystem
> > --------------
> > Rom_fs 102d5814 dump:
> > Rom: [100a5000,100a5358) linux
> > Rom: [1004f000,1007fedc) init
> > Rom: [100a7000,100a71ef) config
> > Rom: [100a6000,100a601f) initrd.gz
> > Rom: [10080000,100a409c) vmm
> >
> > int main(): --- create local services ---
> > int main(): --- start init ---
> > int main(): transferred 508 MB to init
> > int main(): --- init created, waiting for exit condition ---
> > [init] Could not open file "ld.lib.so <http://ld.lib.so>
> <http://ld.lib.so>"
> > [init] parent provides
> > [init] service "ROM"
> > [init] service "RAM"
> > [init] service "IRQ"
> > [init] service "IO_MEM"
> > [init] service "CAP"
> > [init] service "PD"
> > [init] service "RM"
> > [init] service "CPU"
> > [init] service "LOG"
> > [init] service "SIGNAL"
> > [init] service "VM"
> > [init] child "vmm"
> > [init] RAM quota: 3932160
> > [init] ELF binary: vmm
> > [init] priority: 0
> > [init -> vmm] Start virtual machine
> > [init -> vmm] Curious exception occurred
> > [init -> vmm] Cpu state:
> > [init -> vmm] r0 = 00000000
> > [init -> vmm] r1 = 000008e0
> > [init -> vmm] r2 = 20000100
> > [init -> vmm] r3 = 00000000
> > [init -> vmm] r4 = 00000000
> > [init -> vmm] r5 = 00000000
> > [init -> vmm] r6 = 00000000
> > [init -> vmm] r7 = 00000000
> > [init -> vmm] r8 = 00000000
> > [init -> vmm] r9 = 00000000
> > [init -> vmm] r10 = 00000000
> > [init -> vmm] r11 = 00000000
> > [init -> vmm] r12 = 00000000
> > [init -> vmm] sp = 00000000
> > [init -> vmm] lr = 00000000
> > [init -> vmm] ip = 20000100
> > [init -> vmm] cpsr = 00000093
> > [init -> vmm] sp_und = 00000000
> > [init -> vmm] lr_und = 00000000
> > [init -> vmm] spsr_und = 00000000
> > [init -> vmm] sp_svc = 00000000
> > [init -> vmm] lr_svc = 00000000
> > [init -> vmm] spsr_svc = 00000000
> > [init -> vmm] sp_abt = 00000000
> > [init -> vmm] lr_abt = 00000000
> > [init -> vmm] spsr_abt = 00000000
> > [init -> vmm] sp_irq = 00000000
> > [init -> vmm] lr_irq = 00000000
> > [init -> vmm] spsr_irq = 00000000
> > [init -> vmm] sp_fiq = 00000000
> > [init -> vmm] lr_fiq = 00000000
> > [init -> vmm] spsr_fiq = 00000000
> > [init -> vmm] exception = reset
> > virtual void
> >
> Genode::Signal_session_component::free_context(Genode::Signal_context_capability):
> > Not implemented
> >
> > Note:
> > The file linux and initrd.gz showed here are not real. I named my
> simple
> > kernel as linux, and the initrd.gz file is an empty file.
> >
> > The VMM version I am using loads an elf binary kernel.
> >
> > I attached the assembly file of my simple kernel. From the dump of the
> > CPU state, we can see that the IP register shows the first instruction
> > of the kernel, which apparently generates an exception.
> >
> > Could someone tell me how to track down the source of the error
> and help
> > me to debug it.
>
> When looking at your disassemly I'm wondering why your kernel is linked
> to 0x70000000 whereby it is loaded to 0x20000100? And is it really
> loaded to 0x20000100 where the IP points to? To be able to reproduce
> your results and possibly help you, it would be fine if you provide a
> branch, which contains your simple kernel and a complete run-script that
> shows above results.
>
> BTW. I don't think the CSU is a problem at this stage. It comes into
> play when firstly touching a peripheral (e.g.: the UART). Whereby I
> don't know how it behaves in reset state on i.MX6, whether it grants or
> denies access for the non-secure world by default.
>
> Regards
> Stefan
>
> >
> > Thanks very much in advance.
> >
> > Kind regards,
> > Mahdi
> >
> >
> >
> > ------------------------------------------------------------------------------
> > Dive into the World of Parallel Programming! The Go Parallel Website,
> > sponsored by Intel and developed in partnership with Slashdot Media, is your
> > hub for all things parallel software development, from weekly thought
> > leadership blogs to news, videos, case studies, tutorials and more. Take a
> > look and join the conversation now. http://goparallel.sourceforge.net
> >
> >
> >
> > _______________________________________________
> > genode-main mailing list
> > genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> > https://lists.sourceforge.net/lists/listinfo/genode-main
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming! The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media,
> is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more.
> Take a
> look and join the conversation now. http://goparallel.sourceforge.net
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> <mailto:genode-main at lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
>
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming! The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net
>
>
>
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
More information about the users
mailing list