Adding a Kernel Module in base-hw

Franc sylvester sylvaster.franc at ...9...
Tue Jan 20 09:00:20 CET 2015


Hello Stefan,

Yes, you are correct, the ultimate goal is to run Linux and Android on
top of Genode. The purpose of running Genode beside Genode is just learning
and having a good understanding of Genode with a TrustZone-ready
prototype.

Regards,
Franc

On Tue, Jan 20, 2015 at 12:58 PM, Stefan Kalkowski <
stefan.kalkowski at ...1...> wrote:

> Hello Franc
>
> On 01/19/2015 08:21 PM, Franc sylvester wrote:
> > Hello Christian,
> >
> > Thanks a lot for your reply. Essentially I want to demonstrate following
> > TrustZone scenario over the imx53 QSB board.
> >
> >>> Now, I want to switch the control from Normal world OS (Genode) back to
> >>> the Secure world OS (Genode) by triggering (running a particular script
> >>> in Normal world). So what could be the right approach to achieve this
> >>> objective ?
> >
> >>To switch to the secure world you can trigger a 'smc' assembler
> >>instruction, which will end up as a hypercall in the VMM. The 'smc'
> >>instruction needs to be executed in privileged mode (pl1 or higher).
> >>Therefore, if you want to trigger it via a script from userland, you
> >>need to create some kernel module first that executes the 'smc'
> >>instruction.
> >
> >>Regards
> >>Stefan
> >
> > From the above discussion, as much as I understood, it requires adding a
> > kernel module which will execute the smc instruction, and next it should
> > be triggered via a script from userland.
>
> Originally, when giving the above explanation, I implicitly assumed you want
> to run a Linux guest in the normal world. That's why I've talked about a
> "kernel module". If you really want to run Genode in the normal world as
> well as within the secure world, although I can't see a good reason for
> this, it is best to offer a new service for doing hypercalls within the
> core process. The core process itself can use a core-privileged syscall
> to the kernel, which triggers the actual world switch via a 'smc'
> instruction. The advantage of offering an explicit service for doing
> hypercalls is that you can use the normal policy mechanisms of Genode to
> restrict hypercall usage by userland components.
>
> Just out of curiosity, can you explain why you want to run Genode beside
> Genode in both TrustZone worlds?
>
> Best Regards
> Stefan
>
> >
> > Regards,
> > Franc
> >
> > On Mon, Jan 19, 2015 at 4:18 PM, Christian Helmuth
> > <christian.helmuth at ...1...> wrote:
> >
> >     Hello Franc,
> >
> >     On Mon, Jan 19, 2015 at 03:34:06PM +0530, Franc sylvester wrote:
> >     > I am stuck at one point because of a lack of understanding of Genode.
> >     > Actually, I want to execute some assembly instruction in privileged
> >     > mode in the base-hw kernel from a user script.
> >     >
> >     > So I need to know how I can add a kernel module which will execute
> >     > the assembly instruction, and how I can call this module from user
> >     > space.
> >     >
> >     > And if any such module already exists in Genode, that will really
> >     > help me to understand the flow mechanism. Let me know.
> >
> >     The answer to your question heavily depends on the task you address.
> >     From my point of view, it's better to stay away from any "general"
> >     solution to load code into the kernel resp. execute arbitrary
> >     instructions in kernel mode. At last, base-hw is a microkernel and
> >     should stay that way.
> >
> >     To give an example, we extended base-hw for USB SOF interrupt
> >     filtering for the Raspberry Pi last autumn to highly reduce the impact
> >     on the system load. Therefore, we implemented a special case in the
> >     interrupt handling code
> >
> >     https://github.com/genodelabs/genode/commit/58a1e42201d2ad26eb1eee398fbf792683925bd8
> >
> >     The feature does not affect the kernel integrity as it just moves one
> >     single aspect of the driver into the kernel: Filter high-frequency
> >     interrupts that do not have to be handled in user mode. The kernel
> >     interrupt handler drops all incoming interrupts of the DWC device
> >     while the incoming frame number is smaller than the frame number
> >     scheduled by the user-level device driver.
> >
> >     Could you provide us with more information about what you like to
> >     achieve? Is it really necessary to add a new system call? Would it be
> >     feasible to introduce an abstraction that solves the issue?
> >
> >     Regards
> >     --
> >     Christian Helmuth
> >     Genode Labs
> >
> >     http://www.genode-labs.com/ · http://genode.org/
> >     https://twitter.com/GenodeLabs · /ˈdʒiː.nəʊd/
> >
> >     Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
> >     Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
> >
>
> --
> Stefan Kalkowski
> Genode Labs
>
> http://www.genode-labs.com/ · http://genode.org/
>
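
Added example, not part of the original thread and not Genode's own code: a sketch of how an init configuration could apply the policy Stefan describes, where only one component may open a session to a hypercall service offered by core. The service name "Hypercall" and the component names are hypothetical, and the parent service list is abbreviated.

```xml
<!-- Added example: "Hypercall", "world_switcher" and "untrusted_app" are
     hypothetical names; the parent service list is abbreviated. -->
<config>
  <parent-provides>
    <service name="ROM"/>
    <service name="PD"/>
    <service name="CPU"/>
    <service name="LOG"/>
    <!-- assumed core service that wraps the 'smc' world switch -->
    <service name="Hypercall"/>
  </parent-provides>

  <!-- The only component allowed to request a world switch: its
       Hypercall session is routed to the parent explicitly. -->
  <start name="world_switcher">
    <resource name="RAM" quantum="1M"/>
    <route>
      <service name="Hypercall"> <parent/> </service>
      <service name="ROM">       <parent/> </service>
      <service name="PD">        <parent/> </service>
      <service name="CPU">       <parent/> </service>
      <service name="LOG">       <parent/> </service>
    </route>
  </start>

  <!-- No Hypercall route: init denies a session request from this
       component, so the request never reaches core. -->
  <start name="untrusted_app">
    <resource name="RAM" quantum="1M"/>
    <route>
      <service name="ROM"> <parent/> </service>
      <service name="PD">  <parent/> </service>
      <service name="CPU"> <parent/> </service>
      <service name="LOG"> <parent/> </service>
      <!-- Avoid <any-service> <parent/> </any-service> here: the wildcard
           would also match "Hypercall" and hand out the privileged service. -->
    </route>
  </start>
</config>
```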