Genode, TrustZone and Android on i.mx6
stefan.kalkowski at ...1...
Fri Jan 8 10:57:39 CET 2016
On 01/07/2016 05:01 PM, Vincent Raes wrote:
> I am currently working on a TrustZone demo using Genode in the Secure world
> and an Android OS in the Normal world on the SABRElite board.
> I've succesfully got the Genode 15.08 base-hw kernel working on the board
> but I am running in some issues with the Normal world. For this I am using
> an Android distribution customised for the SABRElite, provided by the SoC
> One major problem is that I'm unable to get any output from the Android OS
> when it is booted by Genode. When booting Android using u-boot, there is
> output as expected. This supports the idea that the used Device Tree Blob
> is correct. The command line options for the kernel are provided during its
> compilation. This seems to work since booting with u-boot gets output on
> the specified ports.
> When booting with Genode however, there is no output whatsoever. The
> location of the DTB in the memory is passed to the Normal world using the
> r2 register, which as far as I know is all that needs to be done.
> Any input on this would be much appreciated since you can probably imagine
> that debugging the Normal world kernel without output is a grueling task
Yes, I know what you mean. I'm afraid this is the fortune of a system
developer ;-). You can however check, whether you've enabled "early
printk" in your Linux kernel configuration and add "earlyprintk" to your
kernel command line.
Nevertheless, if your guest kernel stucks before the first outputs
during CPU initialization you might follow the way you already used when
incorporating 'smc' calls into the kernel code. I used the same
mechanism when doing first steps with TrustZone and "guest kernels"
running in the normal world.
> For now there exists a workaround for debugging using kernel output, thanks
> to the Secure world. The current debug procedure consists of entering the *smc
> *command in the code to check whether the Normal world reaches this portion
> of code. This has allowed me to get the kernel itself running but here I
> ran into another issue, being the L2 cache used in the SABRElite board.
> The Linux kernel tries to configure which can't really be done from the
> Normal world. It can however make calls to the Secure world to configure
> the restricted registers. Once the cache is actually enabled, Genode
> immediately stops though. I imagine this is caused by the fact that Genode
> does not expect the L2 cache to actually work.
Yeah, I also realized recently that the i.MX6 specific code, which was
contributed to Genode, does not make use of the L2 cache at all. In
contrast to the Freescale boards, on all other Cortex A9 centered ARM
platforms the external L2 cache was already enabled by firmware or
u-boot, therefore Genode's base-hw kernel did not take care.
When realizing that, I also tried to enable the L2 cache on i.MX6 using
the Wandboard. Unfortunately it is much more complex because they used a
rather old revision of Cortex A9 for their SoC with a complex
initialization routine regarding SMP and cache coherency hardware. I
finished the work yesterday:
Nevertheless, I first have to cleanup the topic branch before it will
hit the staging branch of Genode's mainline repository within the next days.
> Are there any pointers to correctly configure the L2 cache in Genode to
> keep it executing after the cache's activation? Alternatively, is it
> possible to run Android without the L2 cache and how would one best go
> about achieving this?
You can simply deactivate the L2 cache initialization within the Linux
code, and continue your development. Of course, memory access is much
much slower without the L2 cache (~ factor 10 here) and Android won't be
much useable. Nevertheless, as soon as the L2 cache enabling for i.MX6
enters the staging branch you might switch to that state..
> Best regards,
> genode-main mailing list
> genode-main at lists.sourceforge.net
http://www.genode-labs.com/ · http://genode.org/
More information about the users