On 12/16/2014 10:27 AM, chirag garg wrote: > > > Hi Stefan, > > On Tue, Dec 16, 2014 at 2:36 PM, Stefan Kalkowski > <[email protected] > <mailto:[email protected]>> wrote: > > Hi, > > On 12/16/2014 08:39 AM, chirag garg wrote: > > Hi all, > > > > I am trying to run *tz_vmm* script on the *imx6 platform*. In which I > > have tried to put Genode (without trustzone) OS image instead of linux > > image as a guest OS which is configured according to normal world. we > > changed the CSU also according to imx6 security manual. So now we are > > getting the following error : > > > > > > Starting kernel ... > > > > kernel initialized > > Genode 14.08 > > int main(): --- create local services --- > > Core virtual memory allocator > > --------------------- > > Allocator 101318e4 dump: > > Block: [00001000,00002000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [00002000,00003000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [00003000,00004000) size=00001000 avail=00000000 > max_avail=ef9c1000 > > Block: [00004000,00005000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [00005000,00006000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [00006000,10001000) size=0fffb000 avail=0fffb000 > max_avail=ef9c1000 > > Block: [1062f000,ffff0000) size=ef9c1000 avail=ef9c1000 > max_avail=ef9c1000 > > => mem_size=4288417792 (4089 MB) / mem_avail=4288397312 (4089 MB) > > > > RAM memory allocator > > --------------------- > > Allocator 10130888 dump: > > Block: [10000000,10001000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [1062f000,10630000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [10630000,10631000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [10631000,10632000) size=00001000 avail=00000000 > max_avail=1f9cd000 > > Block: [10632000,10633000) size=00001000 avail=00000000 > max_avail=00000000 > > Block: [10633000,30000000) size=1f9cd000 avail=1f9cd000 > max_avail=1f9cd000 > > => mem_size=530391040 (505 MB) / mem_avail=530370560 (505 MB) > > > > IO memory allocator > > ------------------- > > Allocator 1013294c dump: > > Block: [00000000,00a00000) size=00a00000 avail=00a00000 > max_avail=00a00000 > > Block: [00a02000,020d0000) size=016ce000 avail=016ce000 > max_avail=016ce000 > > Block: [020d4000,021c0000) size=000ec000 avail=000ec000 > max_avail=20000000 > > Block: [021c1000,021e8000) size=00027000 avail=00027000 > max_avail=00027000 > > Block: [021ec000,10000000) size=0de14000 avail=0de14000 > max_avail=20000000 > > Block: [30000000,50000000) size=20000000 avail=20000000 > max_avail=20000000 > > => mem_size=805261312 (767 MB) / mem_avail=805261312 (767 MB) > > > > IRQ allocator > > ------------------- > > Allocator 101339a8 dump: > > Block: [00000000,00000400) size=00000400 avail=00000400 > max_avail=00000400 > > => mem_size=1024 (0 MB) / mem_avail=1024 (0 MB) > > > > int main(): --- start init --- > > int main(): transferred 505 MB to init > > int main(): --- init created, waiting for exit condition --- > > [init] Could not open file "ld.lib.so <http://ld.lib.so> > <http://ld.lib.so>" > > [init] parent provides > > [init] service "ROM" > > [init] service "RAM" > > [init] service "IRQ" > > [init] service "IO_MEM" > > [init] service "CAP" > > [init] service "PD" > > [init] service "RM" > > [init] service "CPU" > > [init] service "LOG" > > [init] service "SIGNAL" > > [init] service "VM" > > [init] child "tz_vmm" > > [init] RAM quota: 3932160 > > [init] ELF binary: tz_vmm > > [init] priority: 0 > > [init -> tz_vmm] Start virtual machine > > [init -> tz_vmm] *Vm tried to access 30008040 which isn't allowed* > > [init -> tz_vmm] Cpu state: > > [init -> tz_vmm] Register Virt Phys > > [init -> tz_vmm] --------------------------------- > > [init -> tz_vmm] r0 = 00000000 [00000000] > > [init -> tz_vmm] r1 = 00000eb9 [00000000] > > [init -> tz_vmm] r2 = 30000100 [00000000] > > [init -> tz_vmm] r3 = 00000000 [00000000] > > [init -> tz_vmm] r4 = 00000000 [00000000] > > [init -> tz_vmm] r5 = 00000000 [00000000] > > [init -> tz_vmm] r6 = 00000000 [00000000] > > [init -> tz_vmm] r7 = 00000000 [00000000] > > [init -> tz_vmm] r8 = 00000000 [00000000] > > [init -> tz_vmm] r9 = 00000000 [00000000] > > [init -> tz_vmm] r10 = 00000000 [00000000] > > [init -> tz_vmm] r11 = 00000000 [00000000] > > [init -> tz_vmm] r12 = 00000000 [00000000] > > [init -> tz_vmm] sp = 00000000 [00000000] > > [init -> tz_vmm] lr = 00000000 [00000000] > > [init -> tz_vmm] ip = 30008000 [00000000] > > [init -> tz_vmm] cpsr = 00000093 > > [init -> tz_vmm] sp_und = 00000000 [00000000] > > [init -> tz_vmm] lr_und = 00000000 [00000000] > > [init -> tz_vmm] spsr_und = 00000000 [00000000] > > [init -> tz_vmm] sp_svc = 00000000 [00000000] > > [init -> tz_vmm] lr_svc = 00000000 [00000000] > > [init -> tz_vmm] spsr_svc = 00000000 [00000000] > > [init -> tz_vmm] sp_abt = 00000000 [00000000] > > [init -> tz_vmm] lr_abt = 00000000 [00000000] > > [init -> tz_vmm] spsr_abt = 00000000 [00000000] > > [init -> tz_vmm] sp_irq = 00000000 [00000000] > > [init -> tz_vmm] lr_irq = 00000000 [00000000] > > [init -> tz_vmm] spsr_irq = 00000000 [00000000] > > [init -> tz_vmm] sp_fiq = 00000000 [00000000] > > [init -> tz_vmm] lr_fiq = 00000000 [00000000] > > [init -> tz_vmm] spsr_fiq = 00000000 [00000000] > > [init -> tz_vmm] ttbr0 = 112a1041 > > [init -> tz_vmm] ttbr1 = 93a2c043 > > [init -> tz_vmm] ttbrc = 00000000 > > [init -> tz_vmm] dfar = 00000000 [00000000] > > [init -> tz_vmm] *exception = data_abort* > > [init -> tz_vmm] *Could not handle data-abort will exit!* > > [init -> tz_vmm] *Destructing undissolved signal context* > > > > I divided the RAM into two portions: 0x10000000-0x30000000 for secure > > world and 0x30000000-0x50000000 for Normal world. > > > > After VM start, we are getting "*VM tried to access 30008040 which > isn't > > allowed" *error. Also, tried to compile the image by changing this > > address to 0x10001000 in the file spec_hw_imx6.mk > <http://spec_hw_imx6.mk> > > <http://spec_hw_imx6.mk> file (for the normal world OS image). We get > > the same error as above but only with the memory address changed > in the > > error message. > > Kindly let us know the possible reasons behind getting this error. > > If you want to run Genode's hw kernel as normal world OS beside the > secure world version, you have to link it to the right address. For > doing so, use the LD_TEXT_ADDR variable in the spec file you already > mentioned. Nevertheless, of course you have to set the instruction > pointer according to the binary's entrypoint which is probably not > 0x30008000 as long as you didn't linked the kernel to that address. > > Can we choose any random address in the Non-secure RAM region to link > the Normal OS image ?
In principle yes, as long as there is enough space in between the link address and the end of the normal world's RAM to hold the binary. I think 0x30001000 will be fine, but ensure that the VMM then sets te instruction pointer to 0x30001000 too. > > > The next question would be: how do you load the Genode normal world > guest? Do you use an ELF image, a raw binary, or an u-boot image? The > original VMM implementation only handles a raw Linux kernel binary, no > ELF nor u-boot image. > > I used a raw binary to load the Genode normal world guest instead of > Linux raw binary file. Is this will work fine or we have to change other > things to load the image ? That's fine. When using a raw binary image the VMM just needs to copy the binary to the right offset in memory, which should be done by the current implementation. > > I wonder what code base do you used for implementing the VMM for your > example? In the mainline Genode repository there is one for i.MX53 and > one for Versatile Express. Although both are looking quite similar they > are using completely different TrustZone-aware devices of the related > SoCs to provide protection. When looking at your print messages it seems > you are using the Versatile Express code, do you? > > Yes, I used Versetile Express VMM, but I modified it according imx6 > TrustZone aware devices. Ok, I was wondering because the fault address shown in the message: "Vm tried to access XXX which isn't allowed" originally was gained by using the TrustZone Address Space Controller of the Versatile Express. A look into the i.MX6 reference manual showed me that they now use that device too. So I assume you programmed it accordingly. Regards Stefan > > > Regards > Stefan > > > > > Thanks in advance. > > > > Regards > > > > Chirag Garg > > IIT Madras , Rise Lab > > > > > > > > ------------------------------------------------------------------------------ > > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > > from Actuate! Instantly Supercharge Your Business Reports and > Dashboards > > with Interactivity, Sharing, Native Excel Exports, App Integration > & more > > Get technology previously reserved for billion-dollar > corporations, FREE > > > > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > > > > > > > > _______________________________________________ > > genode-main mailing list > > [email protected] > <mailto:[email protected]> > > https://lists.sourceforge.net/lists/listinfo/genode-main > > > > -- > Stefan Kalkowski > Genode Labs > > http://www.genode-labs.com/ · http://genode.org/ > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & > more > Get technology previously reserved for billion-dollar corporations, FREE > > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > _______________________________________________ > genode-main mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/genode-main > > > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > > > > _______________________________________________ > genode-main mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/genode-main > -- Stefan Kalkowski Genode Labs http://www.genode-labs.com/ · http://genode.org/ ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ genode-main mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/genode-main
