TZ support without NDA
Sebastian Sumpf
Sebastian.Sumpf at ...1...
Sun Mar 1 10:54:59 CET 2015
On 02/28/2015 02:12 PM, Madhu (Macaque Labs) wrote:
>
>
> On Sat, Feb 28, 2015 at 9:57 AM, Sebastian Sumpf
> <Sebastian.Sumpf at ...1...
> <mailto:Sebastian.Sumpf at ...1...>> wrote:
>
> On 02/28/2015 02:38 AM, Madhu (Macaque Labs) wrote:
> > Who are the ARM cpu vendors who publish their trust zone support ?
>
> > I know Freescale does, know for a fact Qualcomm does not !
> > Mediatek ?
>
> Yes, Freescale does, that is why it is currently our ARM platform of
> choice .-) Also ARM does (Versatile Express), but that is just a proof
> of concept.
>
> We are currently manufacturing an i.MX6 tablet for developers with taper
> enabled.
> We can get the OEM to sell that to other hackers but i.MX6 is not going
> to cut it.
>
> We tried working with Qualcomm but the NDA was too stringent.So we gave
> that up.
> But a local
> tablet vendor may launch a proprietary version based on Qualcomm parts.
> We have an R&D relationship with Samsung, so have asked them, let us see
> how that goes.
>
Sounds good, if you receive one, send it over :-)
>
>
> > Trying to do a virtualized android tablet distribution. Can we have
> > a genode sub project on this. I am sure, others would be interested.
>
> Sure, but that heavily depends on resources available at our side. If
> you can start or even do it, I think most of the eight people here will
> be glad to help you.
>
> I keep getting 100s of internship applications every year, so manpower
> is not the
> problem. Problem is that most interns are simply not cut out for kernel
> hacking.
I know, kernel hacking is really different and requires a lot of experience.
> Hopefully I can get a small team selected soon. But the bigger problem is
> my bandwidth. If we can decide on the approach in this forum and work
> out a concrete roadmap,
> I will try to arrange for the resources. Currently I have 2-3 Master's
> projects on Genode
> every year.
>
Okay, what are your suggestions?
>
>
> > Also attempting a port of bionic on genode. First hack is done,
> > doing so excited testing. If this works, then genode on genode
> > virtualization might suffice.
>
> Ok, if you need help, just ask here.
>
> The question here is that is it worthwhile virtualizing Linux or just
> provide bionic on Genode running on Genode.
>
I would mostly likely follow ARM's hardware virtualization route (see
Genode 15.02). Another possibility is to update L4Linux which now
already includes the Android patches. Is there any specific need for
TrustZone? Or do you require just some form of virtualization?
>
> > Using
> > Freescale currently but it is A9, so has no VT support and
> > power usage is on the higher side.
>
> We have some power management on A15, not for A9 though.
>
> > I see a couple of Samsung exynos boards on the support list,
> > I think both are a15 based cores. So does that mean we can hack
> > a galazy tab or a high end galaxy s phone to run genode ? Has to be the
> > wifi
> > or the Asian version.
>
> Maybe, we do have a pretty good documentation on Exynos 5250, but
> everything above is problematic or ends up in looking at some Linux
> source code.
>
> Maybe then we should standardize on Samsung and focus our efforts on that.
>
What is available is this:
http://www.samsung.com/global/business/semiconductor/file/product/Exynos_5_Dual_User_Manaul_Public_REV100-0.pdf
>
>
>
> > Both run Exynos. US 3g/lte variants typically run snapdragon though
> > I believe that is changing with the new s6.
> > would be nice to have a cortex a 53/57 device though.
>
> Yes, it would be. No hardware at our side.
>
> > I have also asked AMD for details on their new Carrizo processor.
> > this is a multi core x86 with a cortex ax supposedly running trustzone.
> > Wanr to try a virtualize Ubuntu on this with security modules secured
> > through tz.
>
> Let us know how this turns out!
>
>
> Will know by this week, talking to the product manager. Helps that we
> have our students
> in large volumes in every semiconductor company on the planet !
Then you are in a way better position than us, I guess :-)
>
> > Our own open source Shakti processor based on RiscV is getting its TZ
> > support
> > but it will be at least end of the year before we can release it on
> > fpga. Student code
> > takes to ensure to clean up ! Also riscv mmu slecture is not available yet.
> > The UCB rocket processor is ready but some one has to hack TZ into it.
>
> RiscV is since FOSDEM my self-declared hobby project. No progress so far
> though, but if you guys actually build an ASIC that would be awesome.
> Maybe I should start with that soon :-)
>
>
> We will be releasing basic SoCs by June, maybe earlier. I have a TZ
> controller
> getting reading but it is very buggy and I need a couple of months of
> code review
> before I can release it. But I would rather focus on our tagged ISA
> scheme which will
> provide HW level capability.
>
Is this something similar to this:
https://fosdem.org/2015/schedule/event/the_cheri_cpu ? It is based on
MIPS though. Anyway, if something happens I or we can be of any help,
let us now.
Regards,
Sebastian
--
Sebastian Sumpf
Genode Labs
http://www.genode-labs.com · http://genode.org
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
More information about the users
mailing list