[TZ_VMM] - i.MX53 QSB

Tiago Brito tiago.de.oliveira.brito at ...368...
Tue May 31 12:52:50 CEST 2016


2016-05-31 10:35 GMT+01:00 Stefan Kalkowski <stefan.kalkowski at ...1...>:

> Hello Tiago,
>

Hi Stefan, thanks for your response. It really helps!


>
> On 05/25/2016 04:56 PM, Tiago Brito wrote:
> > Hi, I have an i.MX53 QSB development board and I want to experiment with
> > ARM TrustZone.
> >
> > I'm a beginner with regards to genode and kernel development in general.
> >
> > I was able to run tz_vmm on the QSB and interact with the linux which runs
> > in normal world. What I want to do next is a fairly simple system where
> > inside linux I can call an SMC and switch to the secure world, then whilst
> > in secure world print something (like "Hello From Secure World" and also
> > print some argument from the normal world) and then go back to linux.
> >
> > I have read some of the messages in the mailing list and I noticed some of
> > you (other mailing list subscribers) already achieved similar communication
> > protocols but because I'm new to genode I don't know where to start.
>
> Well, the very first pointer to gain more understanding of this concrete
> scenario is to read the detailed documentation of it:
>
>   http://genode.org/documentation/articles/trustzone
>
> Most of your questions, e.g., how to build the Linux kernel?, or is it a
> modified Linux kernel? are already answered there.
>

I read this and I now understand the flow which makes tz_vmm work.


>
> >
> > I know I probably have to create a kernel module for the linux running in
> > normal world so I can call SMC from a userspace application, but I don't
> > know how to do that since I don't see where the linux is being compiled for
> > genode [1]. Do I have to compile another linux? How do I incorporate this
> > new linux version to work with genode?
>
> Actually the Linux kernel version you are using when executing the
> tz_vmm run-script already issues SMC calls that switch to the secure
> world, where the VMM handles those calls and afterwards returns to the
> normal world.
>

I understand this, but is there a way to make a user-level application
trigger an SMC (with an identifier) so that the secure world, after
trapping the SMC, can do something accordingly?

What I read from other posts is that I have to change tz_vmm's Linux in
order to support this.
I think other people from this mailing list already did so by adding system
calls or kernel modules which trigger the SMC.
This way my user-level application can use this system call/kernel module
in order to manually switch to the secure world.


> >
> > Besides this I also don't know where to start modifying tz_vmm in order to
> > achieve my goals. I know where tz_vmm's code is but I don't know where to
> > start changing it. I have also seen some mailing list questions regarding
> > the world switch from secure world to normal world. It seems that from
> > normal to secure you should call an SMC, but from secure to normal the
> > monitor mode implementation cannot handle entries from the secure world and
> > thus no SMC can be called directly [2].
>
> The typical activity flow is:
>
>  * Linux kernel issues an SMC call, e.g., to tell the VMM where its
>    framebuffer is located in physical memory [1]
>  * the HW kernel of Genode receives an exception, pauses the Linux VM,
>    and delivers a signal to the related VMM [2]
>  * the VMM receives the signal that the VM got paused due to an SMC
>    call [3]
>  * the VMM informs the HW kernel that the VM should be executed again
>    after handling the call [4]
>  * next time the scheduler of the HW kernel chooses the VM, it issues a
>    world-switch to it [5]
>

From tz_vmm's code I understand that both r0 and r1 registers can be used
as arguments for the SMC, which solves the identifier problem I mentioned.
This way I can change tz_vmm so that when the SMC triggered by the
user-level app is caught I can print something to the serial console.


>
> Regards
> Stefan
>

Thanks again!

Best Regards, Tiago


>
> [1] https://github.com/skalk/linux/blob/bc1707a23a9770cf080a1b87b4f553a2a39ac636/drivers/video/mxc/mxc_ipuv3_fb.c#L339
> [2] https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc#L52
> [3] https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/spec/imx53/main.cc#L95
> [4] https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/spec/imx53/main.cc#L119
> [5] https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc#L72
>
> >
> > Can you give me some feedback on how to achieve these things on the i.MX53
> > QSB?
> >
> > Thanks in advance, Tiago
> >
> > [1] - https://sourceforge.net/p/genode/mailman/message/33244107/
> > [2] - https://sourceforge.net/p/genode/mailman/message/34244066/
> >
>
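
The SMC flow discussed in this thread (r0 as call identifier, r1 as argument, VM paused and then resumed by the VMM), as an added example that is not part of the original message and is not Genode or tz_vmm code. It is a host-side C model: the function IDs, the RAM window, the framebuffer size, the struct names and the convention of returning the result in r0 are all assumptions made for illustration. It shows the secure-side handler treating both registers as untrusted input.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed values: function IDs and the normal-world RAM window are
 * assumptions for this model, not taken from tz_vmm or the i.MX53 manual. */
enum { SMC_HELLO = 1, SMC_SET_FRAMEBUFFER = 2 };
enum { SMC_OK = 0, SMC_ERR_UNKNOWN = -1, SMC_ERR_RANGE = -2 };
#define NW_RAM_BASE 0x80000000u
#define NW_RAM_SIZE 0x10000000u
#define FB_SIZE     0x00200000u

struct vm_state { uint32_t r0, r1; int paused; };  /* saved normal-world regs */
struct vmm      { uint32_t fb_phys; uint32_t hello_arg; };

/* Overflow-safe check that [addr, addr+len) lies inside normal-world RAM. */
static int in_normal_world(uint32_t addr, uint32_t len)
{
    return addr >= NW_RAM_BASE && len <= NW_RAM_SIZE
        && addr - NW_RAM_BASE <= NW_RAM_SIZE - len;
}

/* Models the VMM being signalled that the VM paused on an SMC.
 * r0 selects the function, r1 carries its argument; both are untrusted. */
int handle_smc(struct vmm *vmm, struct vm_state *vm)
{
    int ret;
    switch (vm->r0) {
    case SMC_HELLO:
        vmm->hello_arg = vm->r1;
        printf("Hello from secure world, arg=0x%x\n", (unsigned)vm->r1);
        ret = SMC_OK;
        break;
    case SMC_SET_FRAMEBUFFER:  /* reject addresses outside normal-world RAM */
        if (in_normal_world(vm->r1, FB_SIZE)) { vmm->fb_phys = vm->r1; ret = SMC_OK; }
        else ret = SMC_ERR_RANGE;
        break;
    default:                   /* unknown identifiers fail closed */
        ret = SMC_ERR_UNKNOWN;
    }
    vm->r0 = (uint32_t)ret;    /* assumed convention: result returned in r0 */
    vm->paused = 0;            /* models the VMM asking to run the VM again */
    return ret;
}

int main(void)
{
    struct vmm vmm = {0};
    struct vm_state vm = { SMC_HELLO, 42, 1 };
    return handle_smc(&vmm, &vm) == SMC_OK ? 0 : 1;
}
```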