[TZ_VMM] - i.MX53 QSB
stefan.kalkowski at ...1...
Tue May 31 14:18:42 CEST 2016
On 05/31/2016 12:52 PM, Tiago Brito wrote:
> 2016-05-31 10:35 GMT+01:00 Stefan Kalkowski <
> stefan.kalkowski at ...1...>:
>> Hello Tiago,
> Hi Stefan, thanks for your response. It really helps!
>> On 05/25/2016 04:56 PM, Tiago Brito wrote:
>>> Hi, I have an i.MX53 QSB development board and I want to experiment with
>>> ARM TrustZone.
>>> I'm a beginner with regards to genode and kernel development in general.
>>> I was able to run tz_vmm on the QSB and interact with the linux which
>>> in normal world. What I want to do next is a fairly simple system where
>>> inside linux I can call an SMC and switch to the secure world, then
>>> in secure world print something (like "Hello From Secure World" and also
>>> print some argument from the normal world) and then go back to linux.
>>> I have read some of the messages in the mailing list and I noticed some
>>> you (other mailing list subscribers) already achieved similar
>>> protocols but because I'm new to genode I don't know where to start.
>> Well, the very first pointer to gain more understanding of this concrete
>> scenario ist to read the detailed documentation of it:
>> Most of your questions, e.g., how to build the Linux kernel?, or is it a
>> modified Linux kernel? are already answered there.
> I read this and I now understand the flow which makes tz_vmm work.
>>> I know I probably have to create a kernel module for the linux running in
>>> normal world so I can call SMC from a userspace application, but I don't
>>> know how to do that since I don't see where the linux is being compiled
>>> genode . Do I have to compile another linux? How do I incorporate this
>>> new linux version to work with genode?
>> Actually the Linux kernel version you are using when executing the
>> tz_vmm run-script already issues SMC calls that switch to the secure
>> world, where the VMM handles those calls and afterwards returns to the
>> normal world.
> I understand this, but is there a way to make a user-level application to
> trigger an SMC (with an identifier) so that the secure world, after
> trapping the SMC, can do something accordingly?
> What I read from other posts is that I have to change tz_vmm's Linux in
> order to support this.
> I think other people from this mailing list already did so by adding system
> calls or kernel modules which trigger the SMC.
> This way my user-level application can use this system call/kernel module
> in order to manually switch to the secure world.
Incorporating an interface into the Linux kernel so that a user-land
program can communicate with a kernel subsystem is really beyond the
scope of this mailing-list. Moreover, there are plenty of resources
about such topics that can be found in the web.
Anyway, I think there are probably different approaches for this. I
would build a Linux kernel module that provides a file with a
corresponding ioctl interface. Maybe there is a more convenient way to
do so, but this is the path I would follow being in your position.
In all scenarios we built, communication to the secure world was
initiated within Linux kernel subsystems only.
>>> Besides this I also don't know where to start modifying tz_vmm in order
>>> achieve my goals. I know where tz_vmm's code is but I don't know where to
>>> start changing it. I have also seen some mailing list questions regarding
>>> the world switch from secure world to normal world. It seems that from
>>> normal to secure you should call an SMC, but from secure to normal the
>>> monitor mode implementation cannot handle entries from the secure world
>>> thus no SMC can be called directly .
>> The typical activity flow is:
>> * Linux kernel issues an SMC call, e.g., to tell the VMM where its
>> framebuffer is located in physical memory 
>> * the HW kernel of Genode receives an exception, pauses the Linux VM,
>> and delivers a signal to the related VMM 
>> * the VMM receives the signal that the VM got paused due to an SMC
>> call 
>> * the VMM informs the HW kernel that the VM should be executed again
>> after handling the call 
>> * next time the scheduler of the HW kernel chooses the VM, it issues a
>> world-switch to it 
>>From tz_vmm's code I understand that both r0 and r1 registers can be used
> as arguments for the SMC, which solves the identifier problem I mentioned.
> This way I can change tz_vmm so that when the SMC triggered by the
> user-level app is caught I can print something to the serial console.
In general you can use all general-purpose registers, as long as you
preserve them, to communicate between both worlds. What kind of protocol
you use, and how the VMM reacts to SMC is up to you.
> Thanks again!
> Best Regards, Tiago
>>> Can you give my some feedback on how to achieve these things on the
>>> Thanks in advance, Tiago
>>>  - https://sourceforge.net/p/genode/mailman/message/33244107/
>>>  - https://sourceforge.net/p/genode/mailman/message/34244066/
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
> genode-main mailing list
> genode-main at lists.sourceforge.net
http://www.genode-labs.com/ · http://genode.org/
More information about the users