tz_vmm demo on imx53qsb

Fri Jan 8 08:53:40 CET 2016

Hi,

On 01/05/2016 11:34 PM, Joseph Lee wrote:
> Hi Stefan,
> 
> Thanks a lot for your explanation.
> 
> when i reset the GPU to be unsecure in csu.h file, it displays the attached
> output and gets stuck again. I assume a user prompt will appear in the end
> to execute Linux commands. is that right? what does  "sh: can't access tty;
> job control turned off" error mean?

whether you will see a shell prompt on the serial line fully depends on
the initramfs and the android services that are under your control. As I
already said the original example you have adapted depends on the
display driver etc. which doesn't seem to be incorporated into your run
script.

The message "sh: can't access tty; job control turned off" point to the
fact that your initramfs starts a shell in the end (with other words the
linux boot process finished) but it isn't writing to a proper tty,
thereby it does not support e.g.: background processes or in general
"job control". Probably it does not use the right serial tty in your
initramfs. Does the /dev/ttymxc0 file exists within your initramfs, or
is it created via udev or android configuration?
What I can see from your output is, that you are still using the same
kernel command line parameters like in the automated tz_vmm run-script
version. In the old android demonstration scenario we used the following
additional parameters: "androidboot.console=ttymxc0
video=mxcdi1fb:RGB666,XGA gpu_memory=64M lpj=4997120". Although the
video and lpj parameter probably must be different when using the
Quickstart board instead of the tablet, the console parameter should be
important for android.

To be honest, I'm no expert for bootstrapping an Android system.
Although, I brought that Android example on top of Genode/TrustZone to
life, I'm not so much familiar with the internals of the Android
configuration system. So if you are dealing with problems here, it might
be valueable to look into Android porting howtos and Android system
developer forums.

Best regards
Stefan

> 
> Thanks,
> 
> On Tue, Jan 5, 2016 at 8:47 AM, Stefan Kalkowski <
> stefan.kalkowski at ...1...> wrote:
> 
>> Hi Joseph,
>>
>> On 01/05/2016 01:49 AM, Joseph Lee wrote:
>>> Hello everyone,
>>>
>>> I have built and run the current Genode version(15.11) with trustzone for
>>> hw_imx53_qsb_tz platform but i used the initramfs (initrd.gz) for Android
>>> image that are used in the demo for Sabre tablet (
>>>
>> https://github.com/skalk/genode/blob/i.MX53_tablet_demo/os/src/server/vmm/imx53/README
>> ).
>>
>> That is right, one has to distinguish between Sabre Tablet and
>> Quickstart Board on different levels including the Android images. There
>> might be more surprises when porting the existent demo to the Quickstart
>> board.
>>
>>> After some trials and errors, I have managed to get the following outputs
>>> (see attached) on the serial console and it got stuck. is this the right
>>> approach to run Android in the normal world of i.mx53 QSB?  What is
>> missing
>>> ? lvds display is connected to the board but nothing is displayed.
>>
>> When looking at the attached output I cannot see any initialization of
>> drivers (e.g.: the framebuffer driver). It looks to me as if you are
>> using the current 'tz_vmm' run-script that is used for automated testing
>> only without any graphical setup. Is that right?
>> As an alternative, you might use the run script from the tablet demo as
>> a starting point:
>>
>>
>>
>> https://raw.githubusercontent.com/skalk/genode/i.MX53_tablet_demo/os/run/vmm.run
>>
>> But again, you must brace yourself for surprises, because the run-script
>> is pretty much outdated and was created for a very specific setup on top
>> of the SABRE tablet.
>>
>> Apart from that, the output really looks good, but in the end your
>> Android VM faults when trying to access the GPU (data-abort at physical
>> address 0x30001740). That is because the GPU is set as secure within the
>> kernel device initialization (more precisely the Central Security Unit
>> initialization) in file:
>> repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
>>
>> The GPU is set as secure like the "Image Processing Unit" (framebuffer
>> device), because we enabled the DMA channel of the framebuffer driver to
>> access secure memory, as it is driven by Genode's framebuffer driver
>> that runs within the secure world. Sadly the GPU device uses the same
>> DMA channel ID, and thereby the GPU is allowed to access secure memory
>> via DMA too. Therefore, we set the GPU to be used by the secure world only.
>>
>> If you want to use the GPU within the normal world (Android) for
>> demonstration purposes only, and do not matter about DMA device attacks,
>> you can also re-set the GPU to be unsecure (search for GPU 2D and 3D in
>> the csu.h file).
>>
>> Regards
>> Stefan
>>
>>>
>>> Thanks,
>>>
>>> On Mon, Dec 28, 2015 at 4:48 AM, Joseph Lee <leejose911 at ...9...>
>> wrote:
>>>
>>>> Hi everyone,
>>>>
>>>> i am currently trying to run trustzone demo on imx53 Quick Start Board
>>>> (qsb). In which i want to run Android OS in the normal world. i followed
>>>> the instruction in this link (
>>>>
>> https://github.com/skalk/genode/blob/i.MX53_tablet_demo/os/src/server/vmm/imx53/README
>> )
>>>> and built the uImage successfully. I put the uImage on the SD card
>>>> partition (/dev/mmcblk0p1). However, when try to boot the uImage, it
>> gets
>>>> stuck after displaying the following outputs. I have attached the whole
>> log
>>>> messages. FYI, the SD card has two partitions(/dev/mmcblk0p1 and
>>>> /dev/mmcblk0p2) with ext4 format.
>>>>
>>>> mmc0: new high speed SDHC card at address 0007
>>>> mmcblk0: mmc0:0007 SD32G 28.9 GiB
>>>>  mmcblk0: p1 p2
>>>> init: cannot open '/initlogo.rle'
>>>> EXT4-fs (mmcblk0p2): mounted filesystem with ordered data mode. Opts:
>>>> (null)
>>>> EXT4-fs (mmcblk0p2): re-mounted. Opts: (null)
>>>> init: Unable to open persistent property directory /data/property
>> errno: 2
>>>> init: cannot find '/system/bin/sh', disabling 'console'
>>>> init: cannot find '/system/bin/servicemanager', disabling
>> 'servicemanager'
>>>> init: cannot find '/system/bin/vold', disabling 'vold'
>>>> init: cannot find '/system/bin/netd', disabling 'netd'
>>>> init: cannot find '/system/bin/dispd', disabling 'dispd'
>>>> init: cannot find '/system/bin/debuggerd', disabling 'debuggerd'
>>>> init: cannot find '/system/bin/app_process', disabling 'zygote'
>>>> init: cannot find '/system/bin/mediaserver', disabling 'media'
>>>> init: cannot find '/system/bin/dbus-daemon', disabling 'dbus'
>>>> init: cannot find '/system/bin/installd', disabling 'installd'
>>>> init: cannot find '/system/etc/install-recovery.sh', disabling
>>>> 'flash_recovery'
>>>> init: cannot find '/system/bin/keystore', disabling 'keystore'
>>>> init: cannot find '/system/bin/rild', disabling 'ril-daemon'
>>>> init: cannot find '/system/bin/magd', disabling 'magd'
>>>> init: cannot find '/system/bin/wlan_tool', disabling 'wlan_tool'
>>>>
>>>> could you please let me know what is missing?
>>>>
>>>> thank you!
>>>>
>>>
>>>
>>>
>>>
>> ------------------------------------------------------------------------------
>>>
>>>
>>>
>>> _______________________________________________
>>> genode-main mailing list
>>> genode-main at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>>
>>
>> --
>> Stefan Kalkowski
>> Genode Labs
>>
>> http://www.genode-labs.com/ · http://genode.org/
>>
>>
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> genode-main mailing list
>> genode-main at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>
> 
> 
> 
> ------------------------------------------------------------------------------
> 
> 
> 
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

-- 
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/