use sd_card driver in imx53_qsb_tz platform

Stefan Kalkowski stefan.kalkowski at genode-labs.com
Mon Nov 26 10:28:15 CET 2018


Hi,

On Sun, Nov 25, 2018 at 04:14:22PM +0800, lzSun wrote:
> Hi,Stefan
> >Surely this is the right way to go. All ingredients are already in place. Have a look at the usb_armory platform, which uses exactly the same SoC i.MX53 with a trustzone Linux using the sd-card client-wise from the Genode secure-world.
> >You need to change the sd-card device assignment in: `repos/base-hw/src/bootstrap/spec/imx53_qsb/platform_trustzone.cc`
> >The fourth parameter of the Csu object decides over the sd-card assignment. And of course you need to change the Linux kernel to use the paravirtualized block device of the trustzone VMM. 
> >Please use the Linux kernel version + adaptations from here as inspiration:  https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
> 
> 
> Thank you very much for your help. Now I am trying to modify the linux kernel according to your advice. And I have another question want for your help. Since i.mx53 quick start board have two SD card slot, which are  MicroSD card slot(mmc0) and SD card slot(mmc1) respectively.So, can I configure them to be secure or non-secure seperately?In other words, does the  CSU object in the repos/base-hw/src/bootstrap/spec/imx53_qsb/platform_trustzone.cc configure both mmc0 and mmc1 to be secure or non-secure at the same time? Because, from the system booting message, I can only find the  mmc0 which is also used for booting that is found by the SD card driver, but there's no information about mmc1. I have insert SD card to both mmc0 and mmc1 and part of the booting message are as follows:
> [init -> platform_drv] --- i.MX53 platform driver ---                           
> [init -> sd_card_drv] --- SD card driver ---                                    
> [init] child "platform_drv" announces service "Platform"                        
> [init] child "sd_card_drv" announces service "Block"                                                      
> [init -> sd_card_drv] CID: 0x3534453 0x55303447 0x80b0970d 0x4000e700           
> [init -> sd_card_drv] RCA: 0xe624                                               
> [init -> sd_card_drv] SD card detected                                          
> [init -> sd_card_drv] capacity: 3781 MiB                                        
> [init -> part_blk] Partition 1: LBA 10240 (7733248 blocks) type: 83             
> [init] child "part_blk" announces service "Block"                               
> [init -> part_blk] session opened at partition 1 for 'rump_fs -> '              
> [init -> rump_fs] Using ext2fs as file system                                   
> [init -> rump_fs] asserting rump kernel 14109 KB of RAM                         
> [init -> rump_fs] rump: /genode: file system not clean; please fsck(8)
> 
> 
> 
> I am wondering if I can config mmc0 and mmc1 to be secure and non-secure respectively.In this way, the mmc1 can be used by linux kernel directly. Thank you in advance!

Yes, this is possible. Our CSU class instantiation does not provide
this however. We use the provided boolean to configure all SDHC
controller registers to be secure or not. If you want to distinguish
in between them, please look into the CSU implementation where the
boolean value is used, and inside the Security Reference Manual of the
i.MX53 to target the corresponding registers.

Regards
Stefan

> ------------------
> Best wishes

> _______________________________________________
> Genode users mailing list
> users at lists.genode.org
> https://lists.genode.org/listinfo/users


-- 
Stefan Kalkowski
Genode labs

https://github.com.skalk | https://genode.org



More information about the users mailing list