Re: base-hw kernel binaries

[Martin Stein]

A little addition on that:

In base-hw, in contrast to other base repositories, the kernel and Core
work together and trust each other - they even share the same virtual
address space. There's also not a clear distinction between C++ sources
of the kernel and those of the rest of Core. However, the kernel
sub-directories should contain all code that represents only kernel interna.

El 11/04/18 a las 14:17, Johannes Kliemann escribió:
> Hi all,
> 
> I'm currently measuring the code base sizes of Genode with different
> kernels. I have split this into the kernel itself and kernel-dependent
> code of Genode (core and ld.lib.so).
> This worked well for all kernels except hw where I couldn't really make
> a distinction between the kernel and core. The only additional binary is
> is called *.bootstrap and resides inside var/. Unfortunately it doesn't
> contain any references to its source code and I couldn't find any debug
> binary that does so (I need this since I measure the code size by source
> references in elf binaries via objdump).
> 
> Is there a way to build this binary with more debug information. And
> more generally how are the kernel part and core separated in hw (which
> isn't as easy as with other kernels that use a port)?

Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-hw kernel binaries

[Martin Stein]

Hi Johannes,

El 11/04/18 a las 14:17, Johannes Kliemann escribió:
> Is there a way to build this binary with more debug information. And
> more generally how are the kernel part and core separated in hw (which
> isn't as easy as with other kernels that use a port)?

In base-hw, the kernel is incorporated into Core. There is no dedicated
binary or lib. The output of

! grep "kernel/" base-hw/lib/mk

shows that the kernel code is used only by Core (the Syscall and
Bootstrap lib that also show up use only the syscall bindings). AFAIK,
the purpose of the Bootstrap binary is merely to bring up the MMU and
set everything in place to let the real kernel start. Afterwards it is
abandoned. That said, I don't think that it fits well into your
considerations.

If you still want an unstripped Bootstrap binary you may replace in file
base-hw/src/bootstrap/hw/target.mk:

! $(BOOTSTRAP_OBJ).stripped: $(BOOTSTRAP_OBJ)
!$(VERBOSE)$(STRIP) --strip-debug -o $@ $<

with:

! $(BOOTSTRAP_OBJ).stripped: $(BOOTSTRAP_OBJ)
!$(VERBOSE)cp $< $@

Do make clean and then make run/. Finally, these are the
Core and Bootstrap binaries with debug symbols:

./var/run/.core
./var/run/.bootstrap

Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-linux IRQ session

[Martin Stein]

Hi Johannes,

El 13/03/18 a las 13:36, Johannes Kliemann escribió:
> Hi all,
> 
> I'm currently implementing the IRQ session on base-linux.
> If I understood the Foundations book correctly interrupts are waiting in
> a separate thread that locks when it is waiting and continues (and calls
> the handler) once an interrupt is triggered.
> 
> According to this I have implemented a kernel module [1] that triggers
> interrupts via reads on a device file. The interrupt can be registered
> via ioctl on the file descriptor and the a blocking read is called that
> returns once the registered interrupts has been triggered.
> 
> I have looked into the implementations of base-nova and base-hw but
> didn't completely understand it. As far as I understood the session
> component implements the session and only requires the interrupt number
> and a signal handler.
> The Irq_object implements the waiting thread but I didn't see where it
> is waiting for the interrupt.
> Also as far as I could see it the actual interrupt capability stays
> inside the session in core and only the signal handler capability is
> passed to the component.
> 
> Is my understanding of this correct? And is there any further
> documentation on this?

On base-hw, the IRQ session component of Core merely assigns the IRQ to
the client and forwards the clients signal capability and ack calls to
the kernel (allow the IRQ to trigger again). The Kernel IRQ-object is
created and bound to the clients signal context as soon as the client
calls Irq_session::sigh. From this moment on, the kernel directly
communicates the IRQ to the client through the signal context without
going over Core. So to the user, the IRQ session only comes into play
when requesting/releasing the interrupt and when acknowledging it. The
handling is achieved through the Signal_handler implementation. To be
more precise, the waiting is done by the component-local signal-handler
thread which dispatches the signals to RPCs on the your entrypoint
thread. All this happens behind the interface of the Genode Component
environment and shows up to you only as calls to the handler.

This simple IRQ-session-component implementation is based on the fact
that base-hw was explicitely designed to work together with the Genode
Core/Userland. Thus, I don't know how far you can get with it on a
third-party kernel.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: 32 bit overflow in timer

[Martin Stein]

El 05/03/18 a las 15:29, Christian Helmuth escribió:
> A small remark...
> 
> On Mon, Mar 05, 2018 at 02:49:18PM +0100, Martin Stein wrote:
>> For greater timeouts you could use msleep(unsigned) (up to 49
>> days and 17 hours).
> 
> This will not work as msleep(ms) just calls usleep(1000*ms).

Oh, sorry, I wasn't aware of that.
Thanks for the clarification!

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: 32 bit overflow in timer

[Martin Stein]

An addition...

El 05/03/18 a las 14:49, Martin Stein escribió:
> I printed sizeof(unsigned) (Timer::Connection::usleep takes unsigned),
> and it says 4.

... on x86 64 ;)

Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: 32 bit overflow in timer

[Martin Stein]

Hi Johannes,

El 18/02/18 a las 12:01, Johannes Kliemann escribió:
> Hi all,
> 
> I noticed a 32 bit overflow in the Timer::Connection sleep functions and
> triggers.
> Calling usleep or trigger_once with an hour (3 600 000 000 us) works but
> calling it with two hours (7 200 000 000 us) causes something to
> overflow and stop the timer after 2 905 032 704 us which equals 7 200
> 000 000 & (2^32 - 1).
> 
> As far as I have checked this these functions use the unsigned long
> which is indeed 64 bit but I think at some point only 32 bit are used.
> 
> Is this intended behaviour?
> If so I think it would make sense to give out a warning at least.

I printed sizeof(unsigned) (Timer::Connection::usleep takes unsigned),
and it says 4. Therefore, it seems natural to me that you can't input
numbers greater than 71 minutes and 34 seconds which are approximately
2^32 us. For greater timeouts you could use msleep(unsigned) (up to 49
days and 17 hours). The best way, however, would be to use the
higher-level Timeout framework (see Timer::Periodic_timeout and
Timer::One_shot_timeout). Admittedly, we try to get rid of directly
using the Timer::Connection entirely. The new framework is safer and
adds features like scheduling one timer session among multiple timeouts.
By now, it doesn't support timeouts greater than 71 minutes and 34
seconds but it is on my TODO list to fix this soon.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory write tracing/logging of an application / Watchpoints in Genode/Fiasco.OC

[Martin Stein]

Hi Josef,

During the last weeks I was out of office which is why this answer is a
bit delayed.

El 26/02/18 a las 21:26, Josef Stark escribió:
> Hello,
> 
> I circumvented the problem of finding the correct dataspace by letting
> the pagefault handler open another ROM connection to the binary at its
> instantiation. The ELF file contains the VM address of the code section,
> which allows me to fetch the correct instruction when a pagefault
> happens.

As far as I can see a good idea for static clients. At least this spares
you the duplicated book keeping of guest attachments in your observer
component. However, with dynamic linking or JIT compilation, the
RM-inception approach might be the better choice.

> Then, I can use the instruction decoder (see Vinit @ [1]):
>> bool ldst = Instruction::load_store(instr, writes, state.format,
>>    state.reg);
>> size_t access_size = state.format == Region_map::LSB8 ? 1 :
>>    (state.format == Region_map::LSB16 ? 2 : 4);
> 
> With this information I should be able to emulate the instruction:
>> if(!writes) {
>> state.value = 0;
>> memcpy(,addr + state.addr,access_size);
>> thread_state.set_gpr(state.reg,state.value);
>> }
>> else {
>> thread_state.get_gpr(state.reg, state.value);
>> memcpy(addr + state.addr,,access_size);
>> }
> (For set_gpr() and get_gpr() see Vinit @ [2])
> 
> I have a simple sample application that for now only reads repeatedly a
> memory value and prints it:
>> unsigned n = 0x12abcdefafter LDR between 
>> while(1) {
>> log(n, " sheep");
>> timer.msleep(1000);
>> }
> 
> I let this app run normally for a few seconds and then detach the
> dataspace to see if emulation is working... it isn't.
> 
> The register write - i.e. the simulated load (memory read) instruction -
> results in weird app behavior: The app outputs "0 sheep" - wrong number
> - without pausing 1 second. If I comment out the register write, it
> outputs the same but pauses 1 second like it should.
> The instruction decoder gives the following info (pf IP is 0x1001bb0):
>> instruction: e599116c, load, LSB32, reg: 1
> Which conforms with what objdump tells me:
>> 1001bb0:   e599116c    ldr r1, [r9, #364]  ; 0x16c
> 
> Still, it doesn't work. By trial and error (going through all regs) I
> found out that writing to r9 instead of r1 (in the pf handler) gives me
> the desired behaviour: Printing the correct number and waiting 1 second.
> 
> But I have no idea why my code above doesn't work (and why r9 does). I
> know the target register number and write the value into it. Vinit also
> seems to do it like this: [3]
> Isn't this exactly what the processor would do?
> What could I be missing?

First, I would look at the assembly context at 0x1001bb0 especially what
is done with R1/R9 in the subsequent instructions. You might also play
around with explicit register assignment:

register unsigned my_var asm("r1") = n;

or inline assembler to get a better understanding what you're actually
doing wrong in the perspective of the client.

Maybe the client returns from emulation with a bad IP which you could
check by adding an assembler instruction with an observable side effect
directly behind the LDR (or using a debugger).

You could even write an inline assembler snippet that writes the whole
GPR state after the LDR to RAM when running without emulation. This way,
you can compare the GPR states of the emulation case (inside observer)
and the non-emulation case.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory write tracing/logging of an application / Watchpoints in Genode/Fiasco.OC

[Martin Stein]

Hi Josef,

El 29/01/18 a las 15:22, Stark, Josef escribió:
>> At least in the current Genode release, the 'unresolved_page_fault' flag
>> is set in [1] hence in [2] when giving up resolving the fault in core
>> and consigning to the userland handler. I assume you're using a patched
>> fork of an older Genode version so maybe things are different in your
>> case. However, have you had a look ad the GDB monitor?
> Yes, I've seen in your referenced code how GDB monitor uses this flag.
> We're using Genode 16.08, but I can't build the gdb_monitor.run sample,
> neither in the vanilla 16.08 nor in our patched version:
> "cp: cannot stat 'bin/ld.lib.so': No such file or directory".
> So next I'll look into how it's handled on newer versions.

Please consider that the GDB monitor test is supported only on Nova and
real hardware (no Qemu) as the run script should tell you. You should
also definitely create a fresh build dir when switching versions because
the build system might have changed in the meanwhile which can lead to
unpleasant errors.

> Anyway, I tried to read the DFAR register as you recommended, but it
> seems I didn't quite understand what you meant, as an L4 hacker
> responded to me in [3] that DFAR/DFSR registers are non-thread-specific
> CPU registers, and thus cannot be used to differentiate between the
> threads like I tried.

The DFAR/DFSR are registers of the CPU that might or might not be saved
per thread by a kernel. As far as I understand the mail from the L4
guys, Fiasco.OC doesn't save DFAR/DFSR to the thread state. However, the
DFAR/DFSR are thread specific as their state corresponds to a specific
fault that is caused by a specific thread. So, I assume you would have
to modify fault-handling code (where DFAR/DFSR are inspected) or even
exception-entry code (where general purpose registers are saved) in
Fiasco.OC to gain access to DFAR/DFSR in userland.

> For now, however, I managed to pass the IP via the pagefault report
> to the fault handler and can identify the corresponding thread with
> it. But I guess that there could be some corner case where two
> threads try to access different addresses from the same instruction,
> so I might still look into how to do this using DFAR.

This corner case is pretty common. Imagine a loop that writes a large
contiguous RAM region. In this case you would have only one write
instruction that reads the RAM address from a GPR which content gets
de/increased with each iteration.

>> How do you get the faulter to continue execution without 
>> attaching a dataspace?
> By calling faulter->continue_after_resolved_fault().
> You're completely right, it doesn't really continue execution
> as I haven't increased the instruction pointer yet, nor did
> I attach the dataspace. But it faults again at the same spot, which
> shows me that it *would* work if I had emulated the 
> instruction and increased the IP.

No, continue_after_resolved_fault DOES continue execution (although the
IP isn't yet the one you need), what I meant is that you can't do this
in vanilla Genode from userland (not core) without attaching an
appropriate dataspace. So, you have already extended the RM session by
an RPC that triggers the core-internal 'continue_after_resolved_fault' ?
I think this is the best way to do it in your situation.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory write tracing/logging of an application / Watchpoints in Genode/Fiasco.OC

[Martin Stein]

Hi Josef,

El 25/01/18 a las 18:28, Stark, Josef escribió:
>> As you should be the parent of the traced component, you can intercept
>> the CPU session and remember all thread capabilities created by the
>> component. On a fault you iterate through all threads to select those
>> that are currently in a page fault. A good example for this is the GDB
>> monitor [1]. 
> Ok, so far, so good, I could successfully get the threads within my
> target process and indeed access the correct instruction pointer.
> But the next problem is that Thread_state::unresolved_page_fault
> for me always 0 is, for all threads (I provoked a pagefault by detaching
> the dataspace), so I can't filter out the faulter(s). Do you have a clue?
> As long as I don't attach a dataspace at the corresponding address,
> it should indeed be an unresolved page fault, or am I wrong here?

At least in the current Genode release, the 'unresolved_page_fault' flag
is set in [1] hence in [2] when giving up resolving the fault in core
and consigning to the userland handler. I assume you're using a patched
fork of an older Genode version so maybe things are different in your
case. However, have you had a look ad the GDB monitor?

>> Now you want to select from the remaining threads those
>> that are in a fault on your specific address. This can't be done with
>> the current Genode API, but an easy way to achieve it would be to expand
>> the Cpu_state [2] to deliver also the value of the ARM Data Fault
>> Address Register or DFAR when calling Cpu_thread_client::state (make
>> sure to update the dfar member in [4] as is done in [3]).
> Good. I'm using Fiasco.OC though, so I'll have to figure out how to
> do this there. Writing a custom kernel function making the assembler call
> copied from Genode just froze the VM, but I already asked the Fiasco.OC
> people for help.
>> Then, you would have to continue execution of
>> the thread. Unfortunately, this is normally done automatically by
>> Genodes Core when it sees a new mapping that matches the fault address.
>> You don't want to do such a mapping, but there is no explicit "resume
>> this faulter". So, you have might add such an RPC call [5] and its back
>> end [6] to the RM interface. This shouldn't be much invasive.
> At least this seems to work.
Could you please explain in more detail what you mean with that? How do
you get the faulter to continue execution without attaching a dataspace?

Cheers,
Martin

[1]
base-foc/src/core/pager_object.cc

[2]
base/src/core/region_map_component.cc:207

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory write tracing/logging of an application / Watchpoints in Genode/Fiasco.OC

[Martin Stein]

Hi Josef,

El 12/01/18 a las 16:51, Stark, Josef escribió:
> Step 4 is relatively easy and already working, so I now have an app that 
> pagefaults 
> and gets resumed repeatedly at the same address and ip since I couldn't 
> implement 
> the rest of the steps so far. The reason is that I can't figure out how to 
> access the 
> Thread_state of the thread causing the pagefault. The Vinit uses an imprint 
> written 
> into the State that can be used to correlate an RM client to the pagefault 
> State. I'm 
> trying to integrate this imprint as well, but I'm struggling because 
> obviously since 
> the creation of Vinit the genode architecture has changed quite a bit (at 
> least for a 
> newcomer like me). E.g. I'm having trouble corresponding the required changes 
> from [3] to add_client() to the 16.08 version (it exists in a different place 
> with a 
> different signature and a much smaller body).
> 
> So I'm wondering if maybe in the meantime there exists an easier way to 
> access 
> the IP (and other registers) of a pagefaulting thread from within the 
> fault-handler 
> (in my example _handle_fault in [4])? Especially considering that my parent 
> task 
> has only this one child (with currently only 1 thread), if that makes it 
> easier.

As you should be the parent of the traced component, you can intercept
the CPU session and remember all thread capabilities created by the
component. On a fault you iterate through all threads to select those
that are currently in a page fault. A good example for this is the GDB
monitor [1]. Now you want to select from the remaining threads those
that are in a fault on your specific address. This can't be done with
the current Genode API, but an easy way to achieve it would be to expand
the Cpu_state [2] to deliver also the value of the ARM Data Fault
Address Register or DFAR when calling Cpu_thread_client::state (make
sure to update the dfar member in [4] as is done in [3]).

Now you can arbitrarily choose one of the remaining threads, read its IP
from the Cpu_state, emulate its instruction, and write back results via
Cpu_thread_client::state. Then, you would have to continue execution of
the thread. Unfortunately, this is normally done automatically by
Genodes Core when it sees a new mapping that matches the fault address.
You don't want to do such a mapping, but there is no explicit "resume
this faulter". So, you have might add such an RPC call [5] and its back
end [6] to the RM interface. This shouldn't be much invasive.

If there are further questions please do not hesitate to ask ;)

Cheers,
Martin

[1]
ports/src/app/gdb_monitor/cpu_session_component.cc:
Cpu_session_component::handle_unresolved_page_fault

[2]
base/include/spec/arm/cpu/cpu_state.h

[3]
base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc: Vm::exception

[4]
base-hw/src/core/spec/arm/kernel/thread.cc: Thread::exception

[5]
base/include/region_map/region_map.h

[6]
base/src/core/region_map_component.cc

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Disk images for ARM based Genode Scenarios

[Martin Stein]

Hi,

On 04.01.2018 16:51, Alexander Boettcher wrote:
> Hello,
> 
> On 02.01.2018 19:42, Baconicsynergy via genode-main wrote:
>> I built a simple log Genode scenario for wand_quad for testing purposes, and 
>> I am previously used to receiving iso images for x86_32/x86_64.
>>
>> However, there is no iso image! I am left with a log.core file in the 
>> var/run directory and I don't know how to construct a bootable microSD card 
>> image from these files.
> 
> by default you will find a file
> build/wand_quad/var/run//image.elf, which could be used by
> your u-boot with the 'bootelf' command (if supported by the bootloader
> on your sd-card).
> 
> You may also build an Genode image to be used with 'bootm' command of
> your u-boot. Add to the RUN_OPT in your build/wand_quad/etc/build.conf
> 
> RUN_OPT += --include image/uboot
> 
> After you invoked the re-run the run script you will find the image
> under build/wand_quad/var/run//uImage
> 
> The u-boot (and SD-card) you have to setup yourself. Either you have one
> already shipped with your board or you may try to create a u-boot using
> our tool in "tool/create_uboot".

When using the create_uboot tool, an image file for your MMC is created
containing a freshly built u-boot and all what u-boot needs to run on WandBoard.
The image has a size of 8 Mb and, at the end, the tool tells you the command
line to copy the image to your MMC with a seek of 1 byte. So you can create a
filesystem afterwards that starts, lets say, at 10 Mb offset for your Genode
images.

Unfortunately, the create_uboot tool doesn't work with the newest Genode
toolchain. But there's an easy way to circumvent this problem:

! # download older toolchain (change x86_64 to x86_32 in the URL if needed)
! wget 
https://sourceforge.net/projects/genode/files/genode-toolchain/16.05/genode-toolchain-16.05-x86_64.tar.bz2
!
! # rename your current toolchain so we're not going to overwrite it
! mv /usr/local/genode-gcc /usr/local/genode-gcc-latest
!
! # extract older toolchain (again you might adapt x86_64)
! sudo tar xPf genode-toolchain-16.05-x86_64.tar.bz2
!
! # rename older toolchain
! mv /usr/local/genode-gcc /usr/local/genode-gcc-16.05
!
! # make sure Genode uses the older toolchain
! ln -sf -T /usr/local/genode-gcc-16.05 /usr/local/genode-gcc
!
! # create MMC image
! tool/create_uboot wand_board
!
! # switch back to your current toolchain
! ln -sf -T /usr/local/genode-gcc-latest /usr/local/genode-gcc

I hope this helped?

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Sabre Lite imx6

[Martin Stein]

Hi Joel,

Am 28.12.2017 um 23:39 schrieb Baconicsynergy via genode-main:
> Hello friends :) I am now the proud owner of the sabre lite imx6 SoC for
> the purpose of experimenting and running seL4, and am really eager to
> start building Genode scenarios. Unfortunately, the create_builddir tool
> only specifies imx53. What can i do to start working with genode on the
> sabre lite?

Doing 'grep -r "imx6" base', you can see that Genode actually supports
an i.MX6 board, namely the WandBoard Quad which is abbreviated to
"wand_quad" in the sources. A 'find . -wholename *imx6*' gives all
i.MX6-specific implementations. The WandBoard is supported on SeL4 and
on the custom Genode kernel (base-hw). A 'find base-sel4 -wholename
*wand_quad*' gives you a good summary of what to implement for your
platform. AFAIK, the SeL4 version that is used should be fine with the
board.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory write tracing/logging of an application / Watchpoints in Genode/Fiasco.OC

[Martin Stein]

Hi Josef,

Am 07.12.2017 um 21:57 schrieb Stark, Josef:
> ...
> Program core/pbxa9/core
> COMPILE  environ.o
> COMPILE  err.o
> COMPILE  file.o
> In file included from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:21:0,
>  from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../nova/timer_session_component.h:23,
>  from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../nova/timer_root.h:24,
>  from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../main.cc:19:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:27:28:
>  error: ‘SP804_CLOCK’ is not a member of ‘Genode::Board_base’
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:27:28:
>  error: ‘SP804_CLOCK’ is not a member of ‘Genode::Board_base’
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:27:59:
>  error: template argument 1 is invalid
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:
>  In constructor ‘Platform_timer_base::Platform_timer_base()’:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:38:22:
>  error: ‘SP804_MMIO_SIZE’ is not a member of ‘Genode::Board_base’
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/platform_timer_base.h:40:4:
>  error: class ‘Platform_timer_base’ does not have any field named ‘Sp804_base’
> In file included from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../nova/timer_session_component.h:23:0,
>  from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../nova/timer_root.h:24,
>  from 
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../../main.cc:19:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:
>  In constructor ‘Platform_timer::Platform_timer()’:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:44:59:
>  error: ‘max_value’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:44:60:
>  error: ‘tics_to_us’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:
>  In member function ‘long unsigned int Platform_timer::curr_time()’:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:61:41:
>  error: ‘value’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:63:55:
>  error: ‘max_value’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:70:43:
>  error: ‘tics_to_us’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:
>  In member function ‘void Platform_timer::schedule_timeout(long unsigned 
> int)’:
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:99:39:
>  error: ‘us_to_tics’ was not declared in this scope
> /home/josef/git/ptc_hdl_env/os/src/drivers/timer/hw/pbxa9/../platform_timer.h:100:28:
>  error: ‘run_and_wrap’ was not declared in this scope
> COMPILE  ldso_types.o
> COMPILE  lock.o
> /home/josef/git/ptc_hdl_env/base/mk/generic.mk:46: recipe for target 'main.o' 
> failed
> make[3]: *** [main.o] Error 1
> var/libdeps:261: recipe for target 'timer.prg' failed
> make[2]: *** [timer.prg] Error 2
> make[2]: *** Waiting for unfinished jobs
> COMPILE  main.o
> ...
> MERGEld.lib.so
> LINK init
> Makefile:206: recipe for target 'gen_deps_and_build_targets' failed
> make[1]: *** [gen_deps_and_build_targets] Error 2
> make[1]: Leaving directory '/home/josef/git/ptc_hdl_env/build'
> Error: Genode build failed
> Makefile:237: recipe for target 'run/ptc_hdl_env' failed
> make: *** [run/ptc_hdl_env] Error 252
> ===
> 
> It seems that base-hw is borrowing a few header-files from nova, 
> and grep showed that SP804_CLOCK is declared inside
> base/include/platform/vea9x4/drivers/board_base.h
> (which looks like another board), so maybe that's
> about where things go wrong.
> Can someone help me out?

I just pushed a fix [1] that solves the problem.
I also had a compile error like:

  Program test/ptc_hdl_env/ptc/test-ptc_hdl_env-ptc
COMPILE  integration.o
genode-arm-g++: error: integration.cc: No such file or directory
genode-arm-g++: fatal error: no input files

But it disappeated when I ran "make run/ptc_hdl_env" a second time so it
seems to be a sporadic problem with the build system. Apart from that,
the PTC worked fine for me.

Martin

[1]
https://github.com/m-stein/genode_hdl_env/commit/b3714bfb81e9e9c37cc068e640fe2091fbf67867

--
Check out the vibrant tech community 

Re: Genode on i.MX6Q Sabre Lite

[Martin Stein]

Hi Yevgeny, Stefan,

Am 08.11.2017 um 11:29 schrieb Stefan Kalkowski:
> Actually, I have no idea why the HW kernel should not work for you. We
> test it all night, and currently _all_ tests for HW on Wandboard are
> green. I can confirm the trouble you experience with init.run and
> bomb.run on top of sel4. I think there exist resource limitations
> regarding Genode/Sel4 that lead to those problems.
> 
> The only difference in between your setup, and our nightly test scenario
> is that we use u-boot's "uImage" format and the "bootm" command instead
> of the "bootelf" command, because the latter is not enabled in most
> pre-installed u-boot variants. You can produce a ready to use uImage
> when adding the following run-tool option to your "etc/build.conf":
> 
>   RUN_OPT += --include image/uboot
> 
> I should wonder if it makes any difference to boot the uImage instead of
> the ELF image, but maybe you can give it a try.

Might it be that the u-boot versions differ and therefore the
pre-Genode hardware/uart initialization causes troubles with HW?

Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Base-hw kernel GIC issue with a Cortex--A7 processor.

[Martin Stein]

Hi Bob,

Am 12.10.2017 um 01:33 schrieb Bob Stewart:
> A big oops by me Martin on the register declarations. I had forgotten the 
> bitfield format was a position a followed by length type as opposed to start 
> and end bit positions.

This is why I wrote you an explanation of the Bitfield interface two emails ago 
:-)

> Thanks for defining the steps in start up which I was a bit familiar with 
> through reading code. I only had time today to debug the core_mmio 
> translation table which had the expected physical addresses based on the 
> initialization list for the platform board object. The virtual addresses 
> started at 0xxF000.

> I'll next figure out why a Pic object can be successfully constructed during 
> the bootstrap where the physical addresses for the distributor and the cpu 
> interface are used in the initialization list but the construction appears to 
> fail in kernel init when a singleton version of it is created using virtual 
> addresses in the initialization list.

You said that you do not even enter the constructor but are you sure you don't
enter the first initializer in the initializer list or have you only checked
whether you enter the constructor body?

I assume that there are several initializers like the distributer and CPU 
interface
MMIO like in our ARM-GIC implementation:

Hw::Pic::Pic()
:
   _distr(Platform::mmio_to_virt(Board::Cpu_mmio::IRQ_CONTROLLER_DISTR_BASE)),
   _cpui (Platform::mmio_to_virt(Board::Cpu_mmio::IRQ_CONTROLLER_CPU_BASE)),
   _last_iar(Cpu_interface::Iar::Irq_id::bits(spurious_id)),
   _max_irq(_distr.max_irq())
{ }

Then, you could print '_base' in the 'Mmio_plain_access' constructor [1] for
debugging. If you truely do not enter the first initializer your problem is most
likely not related to any PIC IO mappings. I would suggest you to aim for the
exact point where your system gets stuck.

Cheers,
Martin

[1] base/include/util/mmio.h

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Base-hw kernel GIC issue with a Cortex--A7 processor.

[Martin Stein]

Hi Bob,

Am 09.10.2017 um 23:44 schrieb Bob Stewart:
>Regarding IAR/EOIR register definitions, I too was using version 2.0 of 
> the Architecture document, document number ARM IHI 0048B.b  ID072613.
> What I see on pages 4-135 and 4-138 are tables defining the bit fields as:
> 
> [12:10] CPUID On a multiprocessor implementation, if the write refers to an 
> SGI, this field contai> [9:0] EOIINTID The Interrupt ID value from the 
> corresponding GICC_IAR access.

That's right, as I already said: [9:0] EUOINTID is 10 bits in width - thus 
Bitfield<0,10>
and [12:10] CPUID is 3 bits in width - thus Bitfield<10, 3>.

> In bootstrap, a board object is created whose initializers declare ram and 
> mmio regions. The constructor is:
> 
> Bootstrap::Platform::Board::Board()
> : early_ram_regions(Memory_region { RAM_0_BASE,
> RAM_0_SIZE}), 
>   core_mmio(Memory_region { CORTEX_A7_PRIVATE_MEM_BASE,
>   CORTEX_A7_PRIVATE_MEM_SIZE },
>   Memory_region { UART_1_MMIO_BASE, UART_1_MMIO_SIZE },
>   Memory_region { GPT1_BASE, GPT1_SIZE }
>) {}
> 
> CORTEX_A7_PRIVATE_MEM_BASE is set at 0x00A0, three pages in size and in 
> that region the GIC-400 registers start on the, second page; 0x00A01000 for 
> the distributor and 0x00A02000 for the cpu interface
> 
> As a first step in diagnosing the problem I looked in the Allocator outputs 
> from the run script. I expected to see entries in the io_mmio_alloc dump 
> related to the three regions in the above initializer list and none were 
> there. So my question was/is what am I missing in my understanding?

Regarding the allocators Output:

:io_mem_alloc: Allocator 0x910cd334 dump:
Block: [,80106000) size=2098200K avail=2098200K max_avail=2098200K
Block: [8011,8025b000) size=1324K avail=1324K max_avail=2098200K
Block: [8100,811a) size=1664K avail=1664K max_avail=1610612735
Block: [a000,) size=1610612735 avail=1610612735 max_avail=161061273

Block [,80106000) contains Block [0x00A0, 0x00A02fff), doesn't it?
So the GIC-400 is in the io_mem_alloc. However, this has nothing to do with
the core translation table. These allocators are initialized long after the 
kernel
initialization where your troubles with the PIC occur.

Here is a short illustration of how Genode starts up:

1. [bootstrap] _start in bootstrap/spec//crt0.s
   - init bss and kernel stack

2. [bootstrap] init bootstrap/init.cc
   - init core regions (e.g. core_mmio and core elf)
   - fill core translation table (e.g. with core_mmio and core elf)
   - enable mmu with core translation table
   - jump to entry of core elf (kernel)

3. [core (kernel)] _start in core/kernel/init.cc
   - init kernel objects of the cpus
   - init kernel object of the first userland thread of core

4. [core (kernel)] kernel in core/kernel/kernel.cc
   - update kernel state
   - schedule userland thread (only first core thread available)

5. [core (userland)] _core_start in core/spec//crt0.s
   - init core object of the first userland thread of core
   - init stack pointer

6. [core (userland)] _main in startup/_main.cc
   - init C++ runtime and other stuff

7. [core (userland)] main in core/main.cc
   - init core resources (e.g. Platform which creates the
 allocators like _io_mem_alloc and dumps them)
   - init core services
   - start init

The point where the core page table is filled with the core_mmio is in
step 2 (see base-hw/src/bootstrap/platform.cc:172 for debugging) whereas
the allocator dump is in step 7.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Base-hw kernel GIC issue with a Cortex--A7 processor.

[Martin Stein]

Hi Bob,

Am 08.10.2017 um 22:06 schrieb Bob Stewart:
> Hi,
> I'm bringing up the 17.08 base-hw kernel/core on an NXP IMX6ULL SoC, which 
> uses a Cortex A7 single core processor, and am having issues creating the 
> singleton instance of the GIC after kernel initialization. In short the 
> attempt to create the singleton causing the processor to die!
> 
> The PIC code is all existing ARM code, I supply the addresses of the GIC-400 
> interrupt distributor and its cpu interface from the NXP documentation. Using 
> the u-boot command line I see that the GIC register addresses in memory agree 
> with the documentation. The physical addresses are 0x00A01000 and 0x00A02000 
> which are translated to virtual addresses 0xF0001000 and 0xF002000.
> 
> The core initialization code in ../base-hw/src/core/kernel/init.cc first 
> creates a cpu pool object then creates a cpu object in the pool passing to it 
> the address of the unmanaged singleton object for the PIC.The cpu 
> initialization code would use this object to unmask an interrupt for a timer, 
> if it ever got that far! It appears to die in the execution of the placement 
> new operator in ../base/src/include/base/internal/unmanaged_singleton.h:
>
> template 
> static void call(char * const dst, ARGS &&... args) { new (dst) T(args...); }
> 
> (Where T would be Kernel::Pic)
> 
> The Pic constructor is never called when the new executes.
> 
> I was testing using the log run script which does not need a timer to execute 
> the test, so I removed the creation of the Pic object and its use in the cpu 
> object initialization. The test ran successfully to completion and provided 
> the memory allocator outputs and the print test output:
> 
> I guess I don't understand the allocator outputs as I would have expected the 
> two pages at address 0xA01000 for the GIC-400 to show up in the io_mem_alloc 
> allocator output with zero availability. I hope that has something to do with 
> this problem as don't see a good way of debugging the placement new operation>
> As an aside, I noticed a lurking bug in the Pic cpu interface register 
> definitions in ...base-hw/src/lib/hw/arm/pic.h:
> The struct Irq_id inside both struct Iar and struct Eoir are sized as struct 
> Irq_id : Bitfield<0:10> { }; . They both should be
> {
>struct Irq_id : Bitfield<0:9> { };
>struct Cpu_id : Bitfield<10:12> { };
> };

I cannot confirm this. I think you misunderstood the parameters of Bitfield.
It's Bitfield and _not_ Bitfield.
The document "ARM Generic Interrupt Controller Architecture version 2.0"
states that IRQ_ID reaches from bit 0 and is 10 bits wide while CPU_ID
starts with bit 10 and is 3 bits wide.

By the way, if you're reusing our imx6 code, please be aware that it is
currently used only with the USB Armory and the Wandboard Quad. Both have
i.MX 6Dual/6Quad SOCs that are Cortex-A9 based and _not_ Cortex A7.
I cannot say how much, for instance, the GIC-400 of your platform differs
from the PL390 GIC our driver is made for.

To see how the GIC memory region is initialized on the currently supported
imx6 platforms you can do:

grep -r "CORTEX_A9_PRIVATE_MEM_BASE" base-hw | grep wand_quad

The Cortex A9 private memory region contains the GIC on Cortex-A9 platforms.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: VirtualBox with Networking

[Martin Stein]

Hi Chris,

I would stay debugging the DHCP problem instead of switching
to static IPs. I assume that there is no problem with the bridge or
the VMs. Maybe you can send the NIC dump output so we can see
more clearly what is going on. If you use my branch merge_to_staging [1],
you can also configure the output by adding something like:

log_cfg.dhcp = Packet_log_config::COMPREHENSIVE; /* print all header 
information */
log_cfg.udp  = Packet_log_config::COMPACT;   /* print most important 
information only */
log_cfg.ipv4 = Packet_log_config::SHORT; /* print protocol name only */
log_cfg.eth  = Packet_log_config::NONE;  /* print nothing for this 
protocol */

after this line in Interface::_handle_eth [2]:

Packet_log_config log_cfg;

Cheers,
Martin

[1] https://github.com/m-stein/genode/tree/merge_to_staging
[2] 
https://github.com/m-stein/genode/blob/merge_to_staging/repos/os/src/server/nic_dump/interface.cc#L31

Am 24.09.2017 um 19:16 schrieb Chris Rothrock:
> I have been able to make a working environment with Genode/NOVA/VirtualBox a 
> single VM running TinyCore with networking enabled and can communicate across 
> the network.  So far, only on VirtualBox 4, 5 still has issues that I am 
> still trying to work out that I will get into at a later time but my goal is 
> multiple VMs with networking.  
> 
> With VirtualBox 4, I have successfully made two VM environments and both VMs 
> see eth0, I can assign an IP address to each but neither VM can communicate 
> outside their own VM.  Unlike with the single VM, I was unsuccessful to get 
> an IP via DHCP (hence why I used a static IP), they could not ping the other 
> VM, they could not ping anything on the network to which they were attached.  
> Is there a setting in the test.vbox file different than for a single VM mode 
> that I need to make to make the bridge work for this?
> 
> -- 
> 
> 
> Thank You,
> 
> Chris Rothrock
> Senior System Administrator
> (315) 308-1637
> 
> 
> 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> 
> 
> 
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: VirtualBox with Networking

[Martin Stein]

Hi Chris,

If you intercept the NIC connections between your bridge and the vbox's with 
the NIC dump
component, you can compare the packets for your two usecases.
A good example of how to use the nic_dump can be found in 
libports/run/nic_dump.run.
There it intercepts the NIC connection between the bridge (server/uplink) and 
the router
(client/downlink). Of cause you can put also only one nic_dump between nic_drv 
and
nic_bridge.

I hope this helped?
Martin

Am 24.09.2017 um 19:16 schrieb Chris Rothrock:
> I have been able to make a working environment with Genode/NOVA/VirtualBox a 
> single VM running TinyCore with networking enabled and can communicate across 
> the network.  So far, only on VirtualBox 4, 5 still has issues that I am 
> still trying to work out that I will get into at a later time but my goal is 
> multiple VMs with networking.  
> 
> With VirtualBox 4, I have successfully made two VM environments and both VMs 
> see eth0, I can assign an IP address to each but neither VM can communicate 
> outside their own VM.  Unlike with the single VM, I was unsuccessful to get 
> an IP via DHCP (hence why I used a static IP), they could not ping the other 
> VM, they could not ping anything on the network to which they were attached.  
> Is there a setting in the test.vbox file different than for a single VM mode 
> that I need to make to make the bridge work for this?
> 
> -- 
> 
> 
> Thank You,
> 
> Chris Rothrock
> Senior System Administrator
> (315) 308-1637
> 
> 
> 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> 
> 
> 
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: create_uboot dependencies?

[Martin Stein]

We have a Serial-to-USB cable connected to the Serial interface of the
board and a USB port of the testing machine. Then you can catch the
output via 'picocom' for instance. The implementation of the UART driver
is [1]. It uses 1 stop bit, a baudrate of 115200, and no parity. So, the
following works for me:

sudo picocom -p n -b 115200 /dev/ttyUSB0

Even if your Genode doesn't come up you should at least see some output
from the Uboot like this:

U-Boot 2015.10-00237-g92e40f5-dirty (Dec 04 2015 - 15:37:04 +0100)
CPU:   Freescale i.MX6Q rev1.2 at 792 MHz
Reset cause: POR
Board: Wandboard rev B1
I2C:   ready
DRAM:  2 GiB
MMC:   FSL_SDHC: 0, FSL_SDHC: 1
No panel detected: default to HDMI
Display: HDMI (1024x768)
In:serial
Out:   serial
Err:   serial
Net:   FEC [PRIME]
Hit any key to stop autoboot:  1
U-Boot SPL 2015.10-00237-g92e40f5-dirty (Dec 04 2015 - 15:37:04)


Did this help?

[1] base/include/drivers/uart/imx.h

Am 18.08.2017 um 18:03 schrieb Steven Harp:
> Martin:
> 
> Yes, that worked well. Happily I had the older toolchain handy,
> and it compiles uboot without error.
> 
> Unfortunately, the output is not yet working for me (no serial out).
> I'm still trying to puzzle out the recipe to get Genode images running
> on the Wand Quad.   Genode Labs perhaps has a preferred solution for 
> testing on this platform--is there a web page or README that discusses?
> Maybe tftpboot from one of the Wand linux/uboot images could work?
> 
> Any advice or examples would be much appreciated. 
> 
> Thanks,
>   Steve
> 
> 
> On 08/18/2017 07:10 AM, Martin Stein wrote:
>> Hi Steven Harp,
>>
>> Thank you for this hint!
>> It's obviously a bug in the 'create_uboot' tool. The tool uses the Genode 
>> tool
>> chain and since the last update of this tool cain I didn't test whether 
>> they're
>> still fine with each other.
>>
>> One quick work-around for you would be to download the 16.05 toolchain [1],
>> unpack it to an individual directory (no 'P' flag) [2], and adapt your
>> create_uboot to use the other tool chain [3].
>>
>> I will have a more detailed look at the problem these days and provide a
>> long-term fix as soon as possible.
>>
>> I hope this helped?
>>
>> Cheers,
>> Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Fwd: Re: create_uboot dependencies?

[Martin Stein]

Hi Steven,

Thank you for this hint!
It's obviously a bug in the 'create_uboot' tool. The tool uses the Genode tool
chain and since the last update of this tool cain I didn't test whether they're
still fine with each other.

One quick work-around for you would be to download the 16.05 toolchain [1],
unpack it to an individual directory (no 'P' flag) [2], and adapt your
create_uboot to use the other tool chain [3].

I will have a more detailed look at the problem these days and provide a
long-term fix as soon as possible.

I hope this helped?

Cheers,
Martin

[1] https://sourceforge.net/projects/genode/files/genode-toolchain/16.05/
[2] tar xfj genode-toolchain--.tar.bz2
[3]
diff --git a/tool/create_uboot b/tool/create_uboot
index f52d8e0..0e6490c 100755
--- a/tool/create_uboot
+++ b/tool/create_uboot
@@ -59,7 +59,7 @@ endif

 UBOOT_MAKE := \
$(VERBOSE)make ARCH=$(ARCH) \
-  CROSS_COMPILE=/usr/local/genode-gcc/bin/genode-$(ARCH)- \
+  
CROSS_COMPILE=/bin/genode-$(ARCH)- \
   O=$(UBOOT_BUILD_DIR) \
   -j4

Am 16.08.2017 um 19:53 schrieb Steven Harp:
> 
> In genode 17.05, I'm having difficulties with tool "create_uboot".
> Perhaps there are some preparatory steps or usage guidelines
> that I am missing  The error manifests as (below).
> Any suggestions about what might be amiss?  (Goal is preparing an
> image for wand quad.)
> 
> 
> $ ~/genode/tool/create_uboot wand_quad
> Already on 'genode_wand_quad'
> Your branch is up-to-date with 'origin/genode_wand_quad'.
> Building U-Boot config...
> make[1]: Entering directory '/home/user/genode/contrib/uboot'
> make[2]: Entering directory '/home/user/genode/contrib/uboot/build/wand_quad'
>   GEN ./Makefile
> #
> # configuration written to .config
> #
> make[2]: Leaving directory '/home/user/genode/contrib/uboot/build/wand_quad'
> make[1]: Leaving directory '/home/user/genode/contrib/uboot'
> Building U-Boot images...
> make[1]: Entering directory '/home/user/genode/contrib/uboot/build/wand_quad'
>   GEN ./Makefile
> scripts/kconfig/conf  --silentoldconfig Kconfig
>   CHK include/config.h
>   GEN include/autoconf.mk
>   GEN include/autoconf.mk.dep
>   GEN spl/include/autoconf.mk
> In file included from 
> /home/user/genode/contrib/uboot/include/linux/compiler.h:54:0,
>  from 
> /home/user/genode/contrib/uboot/include/linux/byteorder/little_endian.h:12,
>  from 
> /home/user/genode/contrib/uboot/arch/arm/include/asm/byteorder.h:29,
>  from /home/user/genode/contrib/uboot/include/compiler.h:125,
>  from /home/user/genode/contrib/uboot/include/image.h:19,
>  from /home/user/genode/contrib/uboot/include/common.h:82:
> /home/user/genode/contrib/uboot/include/linux/compiler-gcc.h:114:30: fatal 
> error: linux/compiler-gcc6.h: No such file or directory
>  #include gcc_header(__GNUC__)
>   ^
> compilation terminated.
> 
> ... Repeats ...


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: execution time on RPI.

[Martin Stein]

Hi Mohammad,

Am 02.08.2017 um 16:36 schrieb Mohammad Hamad:
> I am trying to measure the execution time of a function on RPI model B. 
> 
> I used the "Trace::timestamp" function to calculate it. In the same
> time, I used the elapsed_ms() function to compare with it.
> 
> as I understood, the "Trace::timestamp" function gives the performance
> counter.  Dose the elapsed_ms function provide the execution time of the
> method in milliseconds? 

Yes, 'Trace::timestamp' returns the ARM performance-counter value on
RPI. You can find the implementation details in [1]. And no,
'elapsed_ms()' does not return the execution time of any function but
the time elapsed since the creation of the Timer::Connection on which
you call it. More precisely the point in time when the Timer server
initializes the 'elapsed_ms' counting for the Connection. So, the best
way to use it would be by creating the delta of two subsequent calls.

> During the measurements, I got some related numbers in somehow. For an
> example, the average of  elapsed_ms() was 2,18 and the  average of
> performance counter is 24825,02
>
> How could I convert the delta of the performance counter to
> milliseconds? I guess I need to divide by the CPU_cycle.

The performance counter on ARMv6 platforms like RPI is configured to
count every 64th CPU cycle. So, the formula for the performance counter is:

PERF_COUNTER = MS * 1000 * CPU_FREQ / 64

And thus, the translation to milliseconds would look like this:

MS = PERF_COUNTER * 64 / ( CPU_FREQ * 1000 )

>  If yes, does the cpu_cycle specified or modified by the Genode? How can
>  I get this value?

AFAIK, the RPI model B has a CPU frequency of 700 Mhz and Genode does
not adapt this. Only one sidenote at this point: Be aware that the ARM
performance counter does not necesarily increase constantly over time.
AFAIK, it does for the RPI, but there are counter examples. For
instance, on all ARMv7 platforms, we use the WFI (wait for interrupt)
instruction on idle [2] to save energy and thereby pause the counter for
an unforeseeable amount of time. But, as I said, for RPI, I do not know
any reason why the counter shouldn't be constant over time.

I hope this helps you...

Cheers,
Martin

[1] base-hw/src/core/spec/arm_v6/perf_counter.cc
[2] base-hw/src/core/spec/arm_v7/cpu_support.h

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: execution time on RPI.

[Martin Stein]

Hi Mohammad,

Am 02.08.2017 um 16:36 schrieb Mohammad Hamad:
> I am trying to measure the execution time of a function on RPI model B. 
> 
> I used the "Trace::timestamp" function to calculate it. In the same
> time, I used the elapsed_ms() function to compare with it.
> 
> as I understood, the "Trace::timestamp" function gives the performance
> counter.  Dose the elapsed_ms function provide the execution time of the
> method in milliseconds? 

Yes, 'Trace::timestamp' returns the ARM performance-counter value on
RPI. You can find the implementation details in [1]. And no,
'elapsed_ms()' does not return the execution time of any function but
the time elapsed since the creation of the Timer::Connection on which
you call it. More precisely the point in time when the Timer server
initializes the 'elapsed_ms' counting for the Connection. So, the best
way to use it would be by creating the delta of two subsequent calls.

> During the measurements, I got some related numbers in somehow. For an
> example, the average of  elapsed_ms() was 2,18 and the  average of
> performance counter is 24825,02
>
> How could I convert the delta of the performance counter to
> milliseconds? I guess I need to divide by the CPU_cycle.

The performance counter on ARMv6 platforms like RPI is configured to
count every 64th CPU cycle. So, the formula for the performance counter is:

PERF_COUNTER = MS * 1000 * CPU_FREQ / 64

And thus, the translation to milliseconds would look like this:

MS = PERF_COUNTER * 64 / ( CPU_FREQ * 1000 )

>  If yes, does the cpu_cycle specified or modified by the Genode? How can
>  I get this value?

AFAIK, the RPI model B has a CPU frequency of 700 Mhz and Genode does
not adapt this. Only one sidenote at this point: Be aware that the ARM
performance counter does not necesarily increase constantly over time.
AFAIK, it does for the RPI, but there are counter examples. For
instance, on all ARMv7 platforms, we use the WFI (wait for interrupt)
instruction on idle [2] to save energy and thereby pause the counter for
an unforeseeable amount of time. But, as I said, for RPI, I do not know
any reason why the counter shouldn't be constant over time.

I hope this helps you...

Cheers,
Martin

[1] base-hw/src/core/spec/arm_v6/perf_counter.cc
[2] base-hw/src/core/spec/arm_v7/cpu_support.h

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: execution time on RPI.

[Martin Stein]

Hi Mohammad,

Am 02.08.2017 um 16:36 schrieb Mohammad Hamad:
> I am trying to measure the execution time of a function on RPI model B. 
> 
> I used the "Trace::timestamp" function to calculate it. In the same
> time, I used the elapsed_ms() function to compare with it.
> 
> as I understood, the "Trace::timestamp" function gives the performance
> counter.  Dose the elapsed_ms function provide the execution time of the
> method in milliseconds? 

Yes, 'Trace::timestamp' returns the ARM performance-counter value on
RPI. You can find the implementation details in [1]. And no,
'elapsed_ms()' does not return the execution time of any function but
the time elapsed since the creation of the Timer::Connection on which
you call it. More precisely the point in time when the Timer server
initializes the 'elapsed_ms' counting for the Connection. So, the best
way to use it would be by creating the delta of two subsequent calls.

> During the measurements, I got some related numbers in somehow. For an
> example, the average of  elapsed_ms() was 2,18 and the  average of
> performance counter is 24825,02
>
> How could I convert the delta of the performance counter to
> milliseconds? I guess I need to divide by the CPU_cycle.

The performance counter on ARMv6 platforms like RPI is configured to
count every 64th CPU cycle. So, the formula for the performance counter is:

PERF_COUNTER = MS * 1000 * CPU_FREQ / 64

And thus, the translation to milliseconds would look like this:

MS = PERF_COUNTER * 64 / ( CPU_FREQ * 1000 )

>  If yes, does the cpu_cycle specified or modified by the Genode? How can
>  I get this value?

AFAIK, the RPI model B has a CPU frequency of 700 Mhz and Genode does
not adapt this. Only one sidenote at this point: Be aware that the ARM
performance counter does not necesarily increase constantly over time.
AFAIK, it does for the RPI, but there are counter examples. For
instance, on all ARMv7 platforms, we use the WFI (wait for interrupt)
instruction on idle [2] to save energy and thereby pause the counter for
an unforeseeable amount of time. But, as I said, for RPI, I do not know
any reason why the counter shouldn't be constant over time.

I hope this helps you...

Cheers,
Martin

[1] base-hw/src/core/spec/arm_v6/perf_counter.cc
[2] base-hw/src/core/spec/arm_v7/cpu_support.h

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Porting LibVMI

[Martin Stein]

Hi Miguel,

For the basics of porting to Genode there's a porting guide [1]. Then,
have a look what LibVMI needs as backend functionality and try to match
it to the Trustzone VMM implementation respectively the VM session
interface.

I hope that helps.

Cheers,
Martin

[1] https://genode.org/documentation/developer-resources/porting

Am 15.05.2017 um 15:33 schrieb Miguel Correia Guerra:
> I'm currently working with the TrustZone VMM example from Genode based
> on Genode 16.08 on i.MX53 QSB.
> 
> So far I've been able to create a shared buffer which can be used for
> cross-world communication.
> 
> My next step would be to try and port LibVMI[1] and attempt to run it in 
> the Trustzone.
> Since I'm pretty new to this I would like to know which would be the 
> best approach to start
> tackling this issue.

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Planning of Hack'n'Hike 2018 gathering

[Martin Stein]

Hey guys,

Like in the past years, the Hack'n'Hike 2017 was a big success to us. We
had a great hike through the Zittauer mountain landscape, enjoyed the
view from atop of several extraordinary rock formations, and visited the
beautiful monastery ruin in Oybin.

>From the hacking perspective, probably the most significant project was
the Quake 3 scenario of @cnuke and @ssumpf. They achieved to let us play
Quake 3 on Genode in LAN multiplayer in the end. With fluent 70-120 FPS
using the Intel GPU driver and low-latency sound. That was a great
experience and a lot of fun. Furthermore, there were projects working on
a Freeciv port, Raspberry Pi 3 support, native i.MX USB support, tooling
for the new depot/package system, Virtualbox 5 support in Muen, and more
... .

That said, we'd like to invite you to continue hacking and hiking with
us in 2018 ;-) This github issue [1] is meant as base for organizing,
joining in, and getting informed. So, please feel free to post there if
you have questions or suggestions regarding the Hack'n'Hike and, if
you're interested, keep an eye on the issue as we will post all news in
there.

Cheers,
Martin

[1] https://github.com/genodelabs/genode/issues/2412

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode on i.MX6 (eMMC Flash)

[Martin Stein]

Hi Kranthi Tej,

Am 16.04.2017 um 16:15 schrieb Kranthi Tej:
> Following up on the previous email, I've stumbled upon something while
> debugging. I've debugged the enable_mmu_and_caches function line by
> line. I've discovered that the lines which involved the address worked
> fine. It stops at:
> 
> Sctlr::enable_mmu_and_caches();
> 
> (repos/base-hw/src/core/include/spec/arm/cpu_support.h:509)
> 
> I've debugged (placed log messages after every line) the function
> further and observed that the problem is with
> 
> Sctlr::write(v) function
> 
> (repos/base-hw/src/core/include/spec/arm/cpu_support.h:111)
> 
> I've looked into the write function. But, I haven't been able to
> pinpoint what was going wrong. Could it be a problem with the function?
> Or, could it be a problem with the value being passed to it? (I haven't
> been completely able to tell that the problem isn't with the address. It
> could still be a problem.)
> I've also tried using the images built by Genode - 15.02 and 16.05. It
> stops with a "Pagefault in core thread" message after "kernel initialized".

Most likely it's not a problem with the write function but with the
hardware implications of this specific write. This is the point where
memory-management unit and caches are switched on for the first time
implicitely moving execution from the physical to a virtual address
space. As the Kernel has no pager, this means that the page table behind
the virtual address space must already contain all stuff that is
essential to the Kernel (and the Core main/pager functionality).

> Could you please give me any pointers to go forward? I'm stuck here.
> Your help will be greatly appreciated.

I would lookup the pagefault IP denoted in the pagefault message first
using 'genode-arm-objdump -DCl /var/run/.core'.
This should give you a hint what is missing in your page table. The MMIO
regions to be included in the early page table are defined in [1].

It might help if you post the whole serial output of your test.

Cheers,
Martin

[1] base-hw/src/bootstrap/spec/imx6/platform.cc

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode on i.MX6Q Sabre Lite

[Martin Stein]

Hey Yevgeny.

Am 03.04.2017 um 04:49 schrieb Yevgeny Lavrov:
> Hi,
> 
> Thanks for the hints. I managed to solve the sd_card_bench issue.
> I've tried to print out completion state as Martin suggested by making
> the following changes to:
> /repos/os/src/drivers/sd_card/spec/imx/driver.cc
> 
> driver.cc : line 131: error("command timed out irqstat: ",
> Mmio::read());
> 
> And got the following output during run: “[init -> sd_card_bench] Error:
> command timed out irqstat: 0”
> I assumed that Genode is unable to locate the device for some reason,
> and decided to see if the same approach that worked for the UART would
> work here as well.
> Went back to /repos/base/include/spec/imx6/drivers/board_base.h and
> adjusted the SDHC variables to these values:
> 
> /* SD host controller */
> SDHC_IRQ = 56,
> SDHC_MMIO_BASE = 0x02198000,
> 
> This did the trick and sd_card_bench successfully executed :)

Cool :)

Eventhough, I wonder that you were able to successfully do a reset with
the other parameters. But maybe there is a second controller at
0x0219 without a card inserted.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode on i.MX6Q Sabre Lite

[Martin Stein]

Hi Yevgeny,

Am 29.03.2017 um 10:53 schrieb Yevgeny Lavrov:
> Thank you for providing me this list, Stefan. I ran every single script
> from this list on my Sabre Lite, and the majority of them succeeded,
> except the following three: bomb, part_blk, and sd_card_bench.
> The sd_card_bench gave me the following msg:
> 
> [init] child "timer" announces service "Timer"
> [init -> sd_card_bench] Error: command timed out
> [init -> sd_card_bench] Error: Send_if_cond command failed
> [init -> sd_card_bench] Error: Uncaught exception of type
> 'Sd_card::Host_controller::Detection_failed'
> [init -> sd_card_bench] Warning: abort called - thread: ep
> [init] child "sd_card_bench" exited with exit value 1
> 
> Can it be caused by the wrong values of SDHC_IRQ and SDHC_MMIO_BASE in
> imx6/drivers/board_base.h?

I don't think that this is the problem. At this point, you have already
reset the component (excludes wrong MMIO base) and IRQs are not needed
for Send_if_cond (we poll for completion). It's more likely that there's
a problem with card initialization. Could you please print out
completion state in [1] like...

error("command timed out irqstat: ", read());

... and send the result? This might give a glue about whats happened.

> Just to make sure. When a test module exits with "exit value 0", does it
> mean that the test module succeeded, or something else?

This depends on the surrounding test environment (eg. the parent
component of the test component or the run script that runs the scenario
with the test component). If "Init" is the parent, it simply prints out
"child X exited with value Y". We sometimes use this in run scripts to
determine if a test succeeded, but there's no general heuristic about that.

> And if it is possible, can you please suggest me a starting point for
> Genode/seL4 on i.MX6? I'm currently going through files in
> repos/base-sel4 directory and trying to make sense out of it. I'm still
> quite new to ARM platforms, as well as Genode and seL4 kernel, so I
> would greatly appreciate any thoughts or ideas of where to begin.

Unfortunately, I'm not that familiar with base-sel4. Maybe someone else
can answer this?

Cheers,
Martin

[1] os/src/drivers/sd_card/spec/imx/driver.cc:132

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Fwd: Re: [Genode] Suggestion about mailing list subject

[Martin Stein]

 Weitergeleitete Nachricht 
Betreff:Re: [Genode] Suggestion about mailing list subject
Datum:  Tue, 7 Feb 2017 09:48:44 -0500
Von:Jeroen "Slim" van Gelderen <asks...@gmail.com>
An: martin.st...@genode-labs.com



The redundant information clutters up small screens and makes subject
lines difficult to read on mobile. I'm not sure what the problem is with
filtering messages for these folks.

On 7 Feb 2017 07:52, "Martin Stein" <martin.st...@genode-labs.com
<mailto:martin.st...@genode-labs.com>> wrote:

I personally let my mail client filter my mails by the destination
address into separate folders. This works fine for me. But if an
additional prefix is desired, why not.

Cheers,
Martin

Am 07.02.2017 um 12:20 schrieb Parfait Tokponnon:
> Hello,
> Personally, I think this is very useful,
> I receive mails from various mailing lists and this is the best way I
> can distinguish at a glance the origin of the mail.
> cheers
>
> 2017-02-07 11:08 GMT+01:00 Christian Helmuth
> <christian.helm...@genode-labs.com
<mailto:christian.helm...@genode-labs.com>
> <mailto:christian.helm...@genode-labs.com
<mailto:christian.helm...@genode-labs.com>>>:
>
> Hello Martín,
>
> On Mon, Jan 30, 2017 at 07:57:33AM -0500, Martin Iturbide wrote:
> > I was wondering if it can be useful to configure the mailing
list to
> > include on the subject (before the text) something like
[Genode] or
> > [Genode-Main] . I know that it is easy to set a rule and
folder for the
> > mailing list messages on the mail client, but in some other
cases I like to
> > identify visually and fast the messages that are from this
mailing list in
> > a group of mails.
> >
> > This is just a thought, I don't know how hard or easy will
be to configure
> > this on the sourceforge mailing lists.
>
> Technically this is pretty simple by means of the Mailman
> subject_prefix feature. I personally do not like all subject lines
> written by users of the list cluttered with some prefix text.
But, if
> other members of the list also express their demand for this
feature
> and there's no overly resistance voiced I would enable it
> nevertheless.
>
> Greets
> --
> Christian Helmuth
> Genode Labs
>
> https://www.genode-labs.com/ · https://genode.org/
> https://twitter.com/GenodeLabs · /ˈdʒiː.nəʊd/
>
> Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
> Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
>
>
--
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
<mailto:genode-main@lists.sourceforge.net>
> <mailto:genode-main@lists.sourceforge.net
<mailto:genode-main@lists.sourceforge.net>>
> https://lists.sourceforge.net/lists/listinfo/genode-main
<https://lists.sourceforge.net/lists/listinfo/genode-main>
> <https://lists.sourceforge.net/lists/listinfo/genode-main
<https://lists.sourceforge.net/lists/listinfo/genode-main>>
>
>
>
>
> --
> Parfait T.
>
>
>

--
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>
>
>
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
<mailto:genode-main@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/genode-main
<https://lists.sourceforge.net/lists/listinfo/genode-main>
>


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
<mailto:genode-main@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/genode-main
<https://lists.sourceforge.net/lists/listinfo/genode-

Re: [Genode] Suggestion about mailing list subject

[Martin Stein]

I personally let my mail client filter my mails by the destination
address into separate folders. This works fine for me. But if an
additional prefix is desired, why not.

Cheers,
Martin

Am 07.02.2017 um 12:20 schrieb Parfait Tokponnon:
> Hello,
> Personally, I think this is very useful,
> I receive mails from various mailing lists and this is the best way I
> can distinguish at a glance the origin of the mail.
> cheers
> 
> 2017-02-07 11:08 GMT+01:00 Christian Helmuth
>  >:
> 
> Hello Martín,
> 
> On Mon, Jan 30, 2017 at 07:57:33AM -0500, Martin Iturbide wrote:
> > I was wondering if it can be useful to configure the mailing list to
> > include on the subject (before the text) something like [Genode] or
> > [Genode-Main] . I know that it is easy to set a rule and folder for the
> > mailing list messages on the mail client, but in some other cases I 
> like to
> > identify visually and fast the messages that are from this mailing list 
> in
> > a group of mails.
> >
> > This is just a thought, I don't know how hard or easy will be to 
> configure
> > this on the sourceforge mailing lists.
> 
> Technically this is pretty simple by means of the Mailman
> subject_prefix feature. I personally do not like all subject lines
> written by users of the list cluttered with some prefix text. But, if
> other members of the list also express their demand for this feature
> and there's no overly resistance voiced I would enable it
> nevertheless.
> 
> Greets
> --
> Christian Helmuth
> Genode Labs
> 
> https://www.genode-labs.com/ · https://genode.org/
> https://twitter.com/GenodeLabs · /ˈdʒiː.nəʊd/
> 
> Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
> Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
> 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> 
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 
> 
> 
> 
> 
> -- 
> Parfait T.
> 
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> 
> 
> 
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Deprecated warnings

[Martin Stein]

Hi Boris,

Am 07.02.2017 um 09:15 schrieb Boris Mulder:
> This fixes most of the warnings, but some still persist (from -Wcpp).
> 
> On 06-02-17 18:49, Martin Stein wrote:
>>
>> You have to add the line 'CC_OPT += -Wno-deprecated-declarations' to
>> your '/etc/tools.conf'. You probably have to create this file
>> first.

Of course you can add further 'c++' options like '-Wno-cpp' to the
'CC_OPT' variable your 'tools.conf' file ;)

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Deprecated warnings

[Martin Stein]

Hi Boris,

You have to add the line 'CC_OPT += -Wno-deprecated-declarations' to
your '/etc/tools.conf'. You probably have to create this file
first.

Did that help you?

Cheers,
Martin

Am 06.02.2017 um 16:58 schrieb Boris Mulder:
> Hi all,
> 
> Whenever I compile my source with the latest version of Genode, I am
> getting hundreds and hundreds of deprecated warnings. I understand you
> might fix them in the future, but they clog my compiler output and make
> reading other compiler errors a pain. Is there some easy point in the
> makefiles where I can change it so that I can disable all of them
> temporarily? I tried appending it to global.mk:
> 
> CC_WARN   ?= -Wall -Wno-deprecated
> 
> but this still gave me the warnings. Where can I disable it?
> 
> Regards,
> 
> Boris
> 

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Roadmap 2017

[Martin Stein]

... I forgot:

* Bring the Trustzone VMM demo with a Linux guest to i.MX6

Martin

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Roadmap 2017

[Martin Stein]

Hello,

My plans for this year:

* Enhance the Timeout framework to use the performance counters for time
interpolation and RTCs for timestamps

* A server for DHCP and dynamic NIC router configurations to enable
dynamic network configuration

* More automated testing of block drivers and graphical applications
(screenshots, screencasts, pixel hashsums, scripted input)

* Continue my work on remote input and framebuffer

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Inheriting from Mmio class

[Martin Stein]

Hey Johannes,

I could not get it out of my mind. What do you think of the following
solution scheme:

~~~util/io_space.h~~~

template 
class Io_space
{
..
public:

Io_space(IO ) ..

template .. struct Register ..;
template .. struct Register_array ..;

template .. read(..)  { .. _io._read(..); .. }
template .. write(..) { .. _io._write(..); .. }
..
};

~~~util/mmio.h~~~

class Mmio : public Io_space
{
friend class Io_space;

private:

template .. _read(..)  { .. }
template .. _write(..) { .. }

public:

Mmio_b(addr_t base) : Io_space(*this) ..
};

~~~i2c_io.h~~~

class I2c_io : public Io_space { .. };

~~

This would keep the back-end hidden and enable diversification.

Cheers,
Martin

Am 08.12.2016 um 15:37 schrieb Martin Stein:
> Hi Johannes,
> 
> We actually had an internal discussion about such an approach. As far as
> I remember, it was in the context of the Zynq drivers. I absolutely like
> the idea of using the Mmio framework with different back-ends. I think
> you would have to exchange merely the two raw-access methods of the
> framework:
> 
> ! template 
> ! void Mmio::_write(off_t const, _ACCESS_T const)'
> !
> ! template 
> ! _ACCESS_T Mmio::_read(off_t const) const
> 
> The read<>() and write<>() methods you mention should not contain any
> code that depends on the way of accessing registers but only the bit and
> offset logic that could be reused.
> 
> I'm curious about the outcome of your idea and help willingly if you
> have further questions.
> 
> Cheers,
> Martin
> 
> Am 07.12.2016 um 18:26 schrieb Johannes Schlatow:
>> Hi,
>>
>> I really like Genode's Register API as it makes accessing memory mapped 
>> hardware registers quite clean and simple.
>>
>> However, I recently encountered the need to access a rather complex I2C 
>> slave device. The I2C controller itself is accessible via MMIO. Yet, the 
>> slave device itself has a notion of registers. Basically, you first send the 
>> register address to the I2C slave and, in a second transaction, you can 
>> read/write the register's value.
>>
>> Being used to the clean appearance of MMIO in Genode, I was wondering 
>> whether the access to I2C slave registers could be wrapped in a similar way. 
>> My intuition is that it might simply suffice to inherit from the Mmio class 
>> and modify the write<>() and read<>() functions but haven't checked the code 
>> in detail. Any suggestions/ideas?
>>
>> Cheers
>>  Johannes
>>
>> --
>> Developer Access Program for Intel Xeon Phi Processors
>> Access to Intel Xeon Phi processor-based developer platforms.
>> With one year of Intel Parallel Studio XE.
>> Training and support from Colfax.
>> Order your platform today.http://sdm.link/xeonphi
>> ___
>> genode-main mailing list
>> genode-main@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/genode-main
>>
> 
> --
> Developer Access Program for Intel Xeon Phi Processors
> Access to Intel Xeon Phi processor-based developer platforms.
> With one year of Intel Parallel Studio XE.
> Training and support from Colfax.
> Order your platform today.http://sdm.link/xeonphi
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 


--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/xeonphi
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Inheriting from Mmio class

[Martin Stein]

Hi Johannes,

We actually had an internal discussion about such an approach. As far as
I remember, it was in the context of the Zynq drivers. I absolutely like
the idea of using the Mmio framework with different back-ends. I think
you would have to exchange merely the two raw-access methods of the
framework:

! template 
! void Mmio::_write(off_t const, _ACCESS_T const)'
!
! template 
! _ACCESS_T Mmio::_read(off_t const) const

The read<>() and write<>() methods you mention should not contain any
code that depends on the way of accessing registers but only the bit and
offset logic that could be reused.

I'm curious about the outcome of your idea and help willingly if you
have further questions.

Cheers,
Martin

Am 07.12.2016 um 18:26 schrieb Johannes Schlatow:
> Hi,
> 
> I really like Genode's Register API as it makes accessing memory mapped 
> hardware registers quite clean and simple.
> 
> However, I recently encountered the need to access a rather complex I2C slave 
> device. The I2C controller itself is accessible via MMIO. Yet, the slave 
> device itself has a notion of registers. Basically, you first send the 
> register address to the I2C slave and, in a second transaction, you can 
> read/write the register's value.
> 
> Being used to the clean appearance of MMIO in Genode, I was wondering whether 
> the access to I2C slave registers could be wrapped in a similar way. My 
> intuition is that it might simply suffice to inherit from the Mmio class and 
> modify the write<>() and read<>() functions but haven't checked the code in 
> detail. Any suggestions/ideas?
> 
> Cheers
>  Johannes
> 
> --
> Developer Access Program for Intel Xeon Phi Processors
> Access to Intel Xeon Phi processor-based developer platforms.
> With one year of Intel Parallel Studio XE.
> Training and support from Colfax.
> Order your platform today.http://sdm.link/xeonphi
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/xeonphi
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: [tz_vmm demo]- execution time

[Martin Stein]

Hi John,

Am 25.10.2016 um 03:53 schrieb John David:
> Hi Martin,
> 
> Thanks a lot.
> I have tried to measure and print the performance counter value on as
> follows ( i.MX53QSB)
> 
> /Trace::Timestamp start = Trace::timestamp();
> /
> / my_funciton();
> /
> /Trace::Timestamp end = Trace::timestamp();
> 
> printf("CPU_cyces= %lu\n",(end-start));/
> 
> I have tried with /printf(%zu),/ /printf(%llu)/ and /printf("%"PRIu32)
> /format but the maximum number of digits what I can get is 10. I wonder
> what format can be used if the performance counter value is larger than
> 10 digits.
> To calculate the elapsed time, I multiply the /CPU_cycles  by 1
> nanosecod (ns)  / cycle.  /Is that right?
> 
> Thanks,

As you are on an ARMv7, Timestamp is a uint32_t. So, %u is sufficient
but the value never exceeds ten digits as the maximum uint32_t
(0x) is 4294967295 decimal. So it seems that your performance
counter is to fast. You can, however, slow it down by counting only
every 64th CPU cycle. This is the kernel patch for that:

--- a/repos/base-hw/src/core/spec/arm_v7/perf_counter.cc
+++ b/repos/base-hw/src/core/spec/arm_v7/perf_counter.cc
@@ -37,6 +37,7 @@ struct Pmcr : Register<32>
E::set(v, 1);
P::set(v, 1);
C::set(v, 1);
+   D::set(v, 1);
return v;
}

Your CPU should work with 1GHz so one cycle should be one nanosecond,
right. But consider that with the above patch, one counter step extends
to 64 nanoseconds.

Cheers,
Martin

--
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Linking genode processes at different address space

[Martin Stein]

Hello Parfait,

Am 15.10.2016 um 14:34 schrieb Parfait Tokponnon:
> Dear Genode community,
> I would like to know if there is a way to link Genode process (or
> components) at different address spaces especially when building
> Heeselicht scenario.
> When playing with the kernel (Nova), I encounter some weird values from
> a userland process, but which component exactly it is, i don't really
> know since almost all of them are linked to the same virtual adress.
> According to me, one way to deal with it would be to name each PD
> (protection domain) in the kernel according to the Genode component they
> belong to, but I think this would be a bit tedious.
> So what I am projecting to do is to guess the component name from the
> adress space they are executing in  (if they have different address
> space, right?).
> Any other idea is welcome.

Yes, the components are all in different virtual address spaces.
Anyway, I assume that changing the linking in such a way to get a
components name would be like taking a sledgehammer to crack a nut. I
wonder what exactly you mean with weird values (IP, stack pointer,
pagefaults, ...?) and at where you are when observing them (Core,
Kernel, debugger, ...?). I ask because, for example, the
Region-Management code in Core actually knows which Address Space is
used by which component. If your component causes a pagefault, Core not
only prints the name of the component but also name and IP of the thread
that caused it.

Cheers,
Martin

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Enabling secure boot on the USB armory

[Martin Stein]

Hi 오지수,

Am 28.09.2016 um 07:10 schrieb 오지수:
> Hello
> 
> I'm currently trying to boot Genode 15.02 on the USB Armory.

If just want to boot Genode without the need for secure booting, have
you tried article [1]?

> [1] provides tutorial of secure boot on USB Armory.
> But, [1] only handle linux zImage.
> Is this possible to generate signed U-boot for Genode image?

The current mainline Genode toolchain doesn't support creation of
verified uBoot images. As far as I know, nobody tried to secure-boot
Genode on the USB Armory yet. Thus, I can't give you any approved
information on how to add support. I had a quick look at the tutorial:

"... The U-Boot compilation (with Verified Boot and HAB support)
requires a precompiled zImage Linux kernel image source tree path ..."

This makes me wonder whether the Verified Boot/HAB tools support kernels
other then Linux at all. For this question it might be better to ask the
imx53 community [2] / manuals [3] or at the USB Armory forum [4].

[1] https://github.com/inversepath/usbarmory/wiki/Genode-OS
[2] https://community.nxp.com/
[3] http://cache.nxp.com/files/32bit/doc/app_note/AN4581.pdf
[4] https://groups.google.com/forum/#!forum/usbarmory

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: [tz_vmm demo]- execution time

[Martin Stein]

Hi John,

Am 20.09.2016 um 01:46 schrieb John David:
> Dear Martin,
> 
> Thanks a lot for your answers.
> 
> I wanted to use the performance counter for more performance
> measurements such as cache-misses, but I don't know how to access and

I forgot to mention that you could also transform the performance
counter values into time values. On ARMv7 the counter counts every
single CPU cycle. Thus, you can use SECONDS = PERF_COUNTER / CPU_FREQUENCY.

> use it in the secure world userland. Could you please give me some

If you have the performance counter enabled in the SPECS, you can
include 'trace/timestamp.h' and read a timestamp via
'Genode::Trace::Timestamp Genode::Trace::timestamp();'.

> hints? is there any reading material on this?

I think [1] illustrates the use of the timestamp/performance counter
pretty good. The only document I could find to read about perfomance
counter access in general is the ARMv7 Manual [2] paragraph "C12.7
Counter access". If you have further questions, don't hesitate to ask.

Cheers,
Martin

[1] base-nova/src/test/platform/main.cc
[2]
http://liris.cnrs.fr/~mmrissa/lib/exe/fetch.php?media=armv7-a-r-manual.pdf

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: [tz_vmm demo]- execution time

[Martin Stein]

The function elapsed_ms gives you the time that has passed since the
creation of the corresponding timer session. So, yes, you can measure
time intervals with this if you use the same session for t1 and t2.

If you merely aim for performance comparison and are not interested in
concrete time values, you could also use the performance counter. The
performance counter is enabled by adding the specifier 'perf_counter' to
your /etc/specs.conf file. Once enabled, the performance
counter is fully accessible by the (secure world) userland.

Cheers,
Martin

Am 16.08.2016 um 00:25 schrieb John David:
> Hello,  
> 
> I want to measure execution time of a function in the secure world of
> tz_vmm demo. I was wondering if I could use elapsed_ms( ) method in
> timer_session to measure t1 and t2 so that I can take the difference (t2
> -t1). Is there any other way?
> 
> 
> Best regards,
> John
> 
> 
> 
> --
> 
> 
> 
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode Scheduling TrustZone Demo

[Martin Stein]

As an addition to Stefans answer:

Be aware that calling vm->inject_irq(X) does not explicitely request the
kernel to do an injection but merely marks the VM context as "Injection
of interrupt X requested". The caller of vm->inject_irq(X) must not
enter the kernel for that and so, the operation does not necessarily
trigger any scheduling. The injection is not executed before you enter
the kernel again and the VM is the next job in your schedule. Both
depends on your individual Genode setup.

Cheers,
Martin

Am 25.07.2016 um 16:13 schrieb Stefan Kalkowski:
> Hi Stefan,
> 
> On 07/15/2016 04:43 PM, Stefan Brenner wrote:
>> Hi,
>>
>> we are using inject_irq() from Martin Stein to inject interrupts into
>> the normal world VM running Linux.
>>
>> When measuring the time between issuing inject_irq() and actually
>> arriving at the ISR in normal world (using CPU performance counters in
>> CPU cycles granularity) we can see that this always requires at least 10
>> million cycles, which is 10ms at 1Ghz and exactly what is defined as
>> cpu_fill_ms in base-hw/src/core/include/kernel/configuration.h.
>>
>> If we set cpu_fill_ms to 1, we can measure that it only requires 1
>> million cycles. Apparently it is not possible to set values below 1
>> (some assertion fails on compile).
>>
>> Is there another option, probably a more elegant one, that allows the
>> acceleration of interrupt injection?
>>
> 
> Normally, as long as no other component is runable and scheduled, you
> should immediately receive the interrupt after calling inject_irq(...).
> Are you sure that no other component is actively polling or otherwise
> consuming a lot of cpu time?
> 
> Regards
> Stefan
> 
>> Best, Stefan.
>>
> 

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Child component creation

[Martin Stein]

Hi Denis,

You might have a look at the init component [1]. It creates children
according to a given configuration. An example configuration can be
found in (almost) all run scripts as init is the only child of Genodes
core component and in this role responsible for starting all other
components. Just look out for the call to 'install_config' in a run
script (a good example is the timer test [2]).

Cheers,
Martin

[1]
os/src/init
os/include/init

[2] os/run/timer.run

Am 06.07.2016 um 14:17 schrieb Denis Huber:
> Hello,
> 
> I am looking for information on how to develop a parent component which 
> creates new children (just the basics).
> 
> I read the first 3 chapters of the Genode book which gave me the 
> theoretical information, but I could not find the practical 
> information/tutorials on how to create a child component. Is there a 
> good example in the source code of genode?
> 
> 
> Best regards
> Denis
> 
> --
> Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode Compilation Flags - Optimization

[Martin Stein]

You can try compiling it by modifying CC_OLEVEL in your
/etc/tools.conf (by the default, this file doesn't exist, so
you would have to create it):

CC_OLEVEL = -O3

You can verify if it is applied by adding VERBOSE= to your make call:

VERBOSE= make 

Cheers,
Martin

Am 23.06.2016 um 10:32 schrieb Tiago Brito:
> Hi, I've been trying to benchmark two similar programs, one running in
> the NW and another running in the SW of a i.MX53 QSB. I've adapted the
> tz_vmm example to run the SW program and the NW program is running on
> top of Linux.
> 
> I compiled my NW program with the -O3 optimization flag and I'm
> wondering if the code in tz_vmm can also be compiled with this flag in
> order to have the same optimization flag in both scenarios.
> 
> If it's possible, what do I have to change in order to achieve this?
> 
> Thanks in advance! Tiago
> 
> 
> --
> Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
> Francisco, CA to explore cutting-edge tech and listen to tech luminaries
> present their vision of the future. This family event has something for
> everyone, including kids. Get more information and register today.
> http://sdm.link/attshape
> 
> 
> 
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Attend Shape: An AT Tech Expo July 15-16. Meet us at AT Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode freezes on USB Armory

[Martin Stein]

Am 17.05.2016 um 13:09 schrieb Martin Stein:
> Just to be really clear, do you mean the initial Kernel that boots the
> Genode hypervisor or the Kernel that is started by Genode in the Normal
> World ([init -> tz_vmm] [vm] ...) ?

Sorry, I messed up terms: The "initial Kernel that boots the Genode
hypervisor" *is* the hypervisor and it does not "boot" Genode but
*drive* it. Simplified, my question is whether you're talking about the
kernel started in the Secure World or the kernel started in the Normal
World.

Cheers,
Martin

--
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode freezes on USB Armory

[Martin Stein]

Hi Yevgeny,

In general, I can recommend you to have a look at the article [3]. It
gives information regarding nearly all the topics that you address.

Am 16.05.2016 um 11:27 schrieb Yevgeny Lavrov:
> So I was able to run Genode on USB Armory, and ssh into it,
> and it appears to me that I’m interacting with Linux Virtual Machine. If
> it is a Virtual Machine, 

No, it is the Normal World of ARM Trustzone. It might be misleading that
we use the Genode VM-Session interface to control the Normal World but
the underlying Trustzone technology is still no Virtualization but
merely a hardware separation.

> then are there any tools available within that
> VM that I can use to talk to the outside of the Linux VM, or at least
> somehow prove/demonstrate that the Linux VM I’m currently in is running
> atop of Genode? 

Yes, there are. You can use the Secure Monitor Call or SMC instruction
of ARM for that. Actually, it is already used by your Linux for the
para-virtualized SD-card [1] and UART [2]. Using SMCs, you can also
install shared buffers as done in [1].

> The other question is about the Kernel. It appears as ARM Linux Kernel
> during boot. Is it a standard Linux Kernel or especially customized one
> to support Genode? I just need to verify this.  

Just to be really clear, do you mean the initial Kernel that boots the
Genode hypervisor or the Kernel that is started by Genode in the Normal
World ([init -> tz_vmm] [vm] ...) ?

Assuming you mean the one in the Normal World, it is a patched Linux
4.2.3. You can see my two Armory patches here [4].

> Can you provide any tips on how to bring up any other microkernels fully
> supported by Genode that I can run on USB Armory?

There are generally three main building sites when porting another
kernel to the Normal World of tz_vmm. First, the monitor component [5]
acts as bootloader for the Normal World OS. This bootloader behavior
would have to be adapted to the new OS's expectations.

Second, the Normal World OS currently has to cooperate in some ways with
the Secure World. Mainly, it must not modify clock or power controls in
a way that affects the Genode hypervisor because these controls are not
protected yet.

Third, you have to check whether your OS attempts to use devices that
are protected. If they are mandatory, i.e. you can't skip them, you can
para-virtualize them. As mentioned above, for SDHC and UART, Genode
already provides a para-virtualized interface.

> If there are no other
> options available besides using the default Linux kernel that comes with
> the tz_vmm, then is there any other board that you can recommend me to
> use to run Genode with fully supported microkernels, as preparation for
> seL4?

Could you please explain this a bit further? I don't know what seL4 has
to do with a Trustzone scenario. What is your final goal?

Cheers,
Martin

[1]
https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/block/genode.c

[2]
https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/tty/serial/genode.c
https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/arch/arm/include/debug/imx.S

[3] https://genode.org/documentation/articles/usb_armory

[4] https://github.com/m-stein/linux/commits/genode_hw_usb_armory_tz_vmm

[5]
https://github.com/genodelabs/genode/tree/master/repos/os/src/server/tz_vmm

--
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Genode freezes on USB Armory

[Martin Stein]

Hi Yevgeny,

What do you mean when you say it freezes?

If it doesn't react to keyboard input via your COM interface (minicom,
picocom, ...) that doesn't necessarily mean that it is frozen. UART
input isn't forwarded to the "Secure" world userland or the "Normal"
world guest OS in this scenario.

You can, however, communicate with the guest OS via TCP/IP (for example
by using ssh). For the details see [1]

Cheers,
Martin

[1] https://github.com/inversepath/usbarmory/wiki/Host-communication

Am 12.05.2016 um 13:00 schrieb Yevgeny Lavrov:
> Hi, after going through tz_vmm tutorial I was able to create uImage and
> put it on MicroSD card. However, when I try to boot it on Armory, Genode
> freezes all the way at the end.
> 
> Below is what appears on the console after executing
> 
> => ext2load mmc 0:1 0x7400 /uImage
> 
> => bootm 0x7400
> 
> 
> it freezes after "Debian GNU/Linux 7 usbarmory console"
> 
> Am I missing something?
> 
> Starting kernel ...
> 
> kernel initialized
> Genode 16.02
> int main(): --- create local services ---
> int main(): --- start init ---
> int main(): transferred 246 MB to init
> int main(): --- init created, waiting for exit condition ---
> [init] Could not open ROM session for module "ld.lib.so "
> [init] parent provides
> [init]   service "ROM"
> [init]   service "RAM"
> [init]   service "IRQ"
> [init]   service "IO_MEM"
> [init]   service "IO_PORT"
> [init]   service "CAP"
> [init]   service "PD"
> [init]   service "RM"
> [init]   service "CPU"
> [init]   service "LOG"
> [init]   service "SIGNAL"
> [init]   service "VM"
> [init] child "gpio_drv"
> [init]   RAM quota:  2863104
> [init]   ELF binary: gpio_drv
> [init]   priority:   0
> [init]   provides service Gpio
> [init] child "timer"
> [init]   RAM quota:  2863104
> [init]   ELF binary: timer
> [init]   priority:   0
> [init]   provides service Timer
> [init] child "platform_drv"
> [init]   RAM quota:  2863104
> [init]   ELF binary: platform_drv
> [init]   priority:   0
> [init]   provides service Regulator
> [init]   provides service Platform
> [init] child "sd_card_drv"
> [init]   RAM quota:  2863104
> [init]   ELF binary: sd_card_drv
> [init]   priority:   0
> [init]   provides service Block
> [init] child "part_blk"
> [init]   RAM quota:  10203136
> [init]   ELF binary: part_blk
> [init]   priority:   0
> [init]   provides service Block
> [init] child "tz_vmm"
> [init]   RAM quota:  10203136
> [init]   ELF binary: tz_vmm
> [init]   priority:   0
> [init -> platform_drv] --- i.MX53 platform driver ---
> [init] child "platform_drv" announces service "Platform"
> [init -> sd_card_drv] --- Imx53 SD card driver ---
> [init] child "sd_card_drv" announces service "Block"
> [init] child "timer" announces service "Timer"
> [init -> tz_vmm] Start virtual machine ...
> [init -> gpio_drv] --- i.MX53 gpio driver ---
> [init -> gpio_drv] No GPIO config
> [init] child "gpio_drv" announces service "Gpio"
> [init -> sd_card_drv] CID: 0x28424548 0x32353738 0x0006 0x8a00b600
> [init -> sd_card_drv] RCA: 0xb368
> [init -> sd_card_drv] SD card detected
> [init -> sd_card_drv] capacity: 3823 MiB
> Quota exceeded! amount=12288, size=12288, consumed=12288
> [init -> part_blk] Partition 1: LBA 20480 (194560 blocks) type: 83
> [init -> part_blk] Partition 2: LBA 215040 (3896289 blocks) type: 83
> [init] child "part_blk" announces service "Block"
> [init -> tz_vmm] [vm] Booting Linux on physical CPU 0x0
> [init -> tz_vmm] [vm] Linux version 4.2.3-2-gfd57dbf-dirty
> (lypo@bird) (gcc version 4.9.3 20150113 (prerelease) (Linaro GCC
> 4.9-2015.01-3) ) #4 PREEMPT Thu Nov 12 15:18:30 CET 2015
> [init -> tz_vmm] [vm] CPU: ARMv7 Processor [412fc085] revision 5
> (ARMv7), cr=10c5387d
> [init -> tz_vmm] [vm] CPU: PIPT / VIPT nonaliasing data cache, VIPT
> aliasing instruction cache
> [init -> tz_vmm] [vm] Machine model: Inverse Path USB armory
> [init -> tz_vmm] [vm] Memory policy: Data cache writeback
> [init -> tz_vmm] [vm] CPU: All CPU(s) started in SVC mode.
> [init -> tz_vmm] [vm] Built 1 zonelists in Zone order, mobility grouping
> on.  Total pages: 65024
> [init -> tz_vmm] [vm] Kernel command line: console=ttyS0 root=/dev/sda1
> rootwait rw init=/sbin/init clk_ignore_unused
> [init -> tz_vmm] [vm] PID hash table entries: 1024 (order: 0, 4096 bytes)
> [init -> tz_vmm] [vm] Dentry cache hash table entries: 32768 (order: 5,
> 131072 bytes)
> [init -> tz_vmm] [vm] Inode-cache hash table entries: 16384 (order: 4,
> 65536 bytes)
> [init -> tz_vmm] [vm] Memory: 255160K/262144K available (3174K kernel
> code, 119K rwdata, 1060K rodata, 140K init, 93K bss, 6984K reserved, 0K
> cma-reserved)
> [init -> tz_vmm] [vm] Virtual kernel memory layout:
> [init -> tz_vmm] [vm] vector  : 0x - 0x1000   (   4 kB)
> [init -> tz_vmm] [vm] fixmap  : 0xffc0 - 0xfff0   (3072 kB)
> [init -> tz_vmm] [vm] vmalloc : 0x9080 - 0xff00   (1768 MB)
> [init -> tz_vmm] [vm] lowmem  : 0x8000 - 0x9000   

Re: Reagaring Genode and USB Armory

[Martin Stein]

Hey Utkarsh,

Am 28.04.2016 um 21:10 schrieb Agrawal, Utkarsh:
> I think you missed to attach the log. :)

I checked it. No, the attachment is there. Its no footnote like [x] but
a file attached to the mail.

> * I have been using the prebuilt Linux. I again built everything by following 
> the instructions you mentioned. The UART is still exactly the same.
> 
> * I used the Uboot as mentioned at [1].

Hm, its strange that it gives another output than mine.
Could you pleas do the following and send me the corresponding output:

rm -rf /contrib/uboot/
VERBOSE= /tool/create_uboot hw_usb_armory
md5sum /contrib/uboot/build/hw_usb_armory/u-boot.imx

> * I am building Genode on Ubuntu. I tried to connect to the device on Ubuntu 
> and Mac OS X. No luck.
> 
> * Those lines are still missing in the log.
> 
> After I am done with building genode, and the sd-card is prepared, I followed 
> the instructions at [2], and [3].
> 
> I am not sure if I am supposed to add an entry to /etc/network/interfaces in 
> genode, as there are no usb0 entry there.

I don't think so. The usb link bring-up failed already on the guest side
as the log suggests so the host isn't the problem.

> Also, I have attached the script at [4] which I am using to create the image. 
> Save it as ".sh", and run with "sudo". I hope "sudo" is not 
> screwing up something.

First, your script installs the Genode sources and some tools. We have
not added this to the tutorial as most of this is a prerequisit to
Genode development in general. Regarding partclone, however, I agree
with you. I'll add a hint in the tutorial. The rest of your script seems
to be the same as the tutorial.
What is the 'umount "$TARGET_DEV"?' for?
Why have you changed the order of some instructions like 'make run/tz_vmm'?

Btw., it seems that [4] isn't available anymore.

Cheers,
Martin

> Latest log is at [5].
> 
> [1] 
> https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run#L30
> [2] 
> https://github.com/inversepath/usbarmory/wiki/Host-communication#cdc-ethernet
> [3] 
> https://github.com/inversepath/usbarmory/wiki/Host-communication#setup--connection-sharing-linux
> [4] https://codeshare.io/aGBbi
> [5] https://codeshare.io/BDPxf


--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Reagaring Genode and USB Armory

[Martin Stein]

Hi Utkarsh,

I unsuccessfully tried to reproduce your problem with a fresh build. I
created a working SD card from the scratch with Genode version 16.02 by
just copying the commands from the tutorial in [1] to my bash and
filling in my parameters in the first section. I've attached the my UART
log to the mail.

The differences I see between your setup and mine:

* I've used the prebuilt Linux images for now. Is your setup working if
you're using prebuilt images? (You can do this by removing
/bin/linux*, /bin/rootfs* and /bin/dtb*
and restart from 'make run/tz_vmm')

* It seems that you're using another Uboot than me. Have you used the
boot loader that is created and installed by the tutorial or your own?

* The tutorials were tested only on Linux hosts. If you're using another
OS, you have to be aware of subtile differences. Also, there are
dedicated sections for other OS's in [2].

* It seems that your ether_gadget is missing something. In my setup it
says "g_ether gadget: high-speed config #1: CDC Ethernet (ECM)" which is
missing in your case. Consequently you're also missing "ifup: interface
usb0 already configured" when the VM configures its network interfaces.
And finally, your log says "IPv6: ADDRCONF(NETDEV_UP): usb0: link is not
ready".

Cheers,
Martin

[1]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run#L9

[2]
https://github.com/inversepath/usbarmory/wiki/Host-communication#cdc-ethernet

Am 26.04.2016 um 21:45 schrieb Agrawal, Utkarsh:
> Hello,
> 
> The initial steps of compilation and building the SD card were not clear. It 
> took me few days to understand whats going on with the building procedure. I 
> will share the script file soon. There are some changes I am making to it. 
> Then maybe you can incorporate it into the repository.
> 
> I see that the wiki got updated. Thanks for that.
> 
> Here is the link to the output: http://pasted.co/7ff78388
> 
> Thank You
> Utkarsh
> 
> 
> 
> From: Martin Stein <martin.st...@genode-labs.com>
> Sent: Tuesday, April 26, 2016 2:19 PM
> To: Agrawal, Utkarsh
> Subject: Re: Reagaring Genode and USB Armory
> 
> I have answered your last mail on the mailing list [1].
> It has the same subject line as this mail.
> 
> Cheers,
> Martin
> 
> [1] genode-main@lists.sourceforge.net
> 
> Am 22.04.2016 um 11:17 schrieb Agrawal, Utkarsh:
>> Hello,
>>
>> Yes, I think it is a good time that we move it to the mailing list. How 
>> shall we do it?
>>
>> Thank You
>> Utkarsh
>>
>> 
>> From: Martin Stein <martin.st...@genode-labs.com>
>> Sent: Wednesday, April 20, 2016 5:07 PM
>> To: Agrawal, Utkarsh
>> Subject: Re: Reagaring Genode and USB Armory
>>
>> Hey Utkarsh,
>>
>> I would like to move this discussion to the mailing list at this point.
>>
>> Do you agree with that?
>>
>> Cheers,
>> Martin
>>
>> Am 20.04.2016 um 08:01 schrieb Agrawal, Utkarsh:
>>> Hello,
>>>
>>> I was able to Install ootloader, Genode, and the Linux rootfs. Thanks a lot 
>>> for your guidance. I have compiled a script which does all this task 
>>> easily. I would love to contribute this to the community, and would like to 
>>> know how can I do it.
>>>
>>> Next steps as I see are:
>>> 1. Connect USB Armory to host machine via USB-to-TTL serial cable.
>>> 2. Connect to USB Armory COM port.
>>> 3. Insert USB Armory into host USB slot and interrupt auto boot on COM port.
>>> 4. Send bootloader commands on COM port:
>>> 5. Linux login: The login and password of the Linux guest are both 
>>> "usbarmory"
>>>
>>> I hope the above steps are pretty straight forward, and there should be no 
>>> issues there.
>>>
>>> Also, at [1], they mention about this "make ARCH=arm zImage 
>>> LOADADDR=0x80008000 modules". I am not sure what image they are talking 
>>> about, when am I supposed to do this step.
>>>
>>> Next I would like to know how do I start working on TrustZone with Genode. 
>>> Can you guide me on how to start with a sample application which switches 
>>> between Normal and Secure World?
>>>
>>> Thank You
>>> Utkarsh Agrawal
>>>
>>> [1] 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_inversepath_usbarmory_wiki_Genode-2DOS=CwIC-g=C3yme8gMkxg_ihJNXS06ZyWk4EJm8LdrrvxQb-Je7sw=hnUL4kgB9cStyuGpvYu3L9_MVOWR5t87hYpTv2FwCGo=NwzIeuHqYnvROYKinKAlZVd5PiAYFi9QCtcc7dRP5gs=xm51_erngIaEOyEFFbZcXPF_0997eNeTOB2sbteiTQU=
>&g

Re: Reagaring Genode and USB Armory

[Martin Stein]

Hi Utkarsh,

Regarding your installation script: I think, it is a good idea to share
your experience with the community. However, I don't see which steps of
this process are not covered yet by [1] and [2]. If there are such
pitfalls, please let me know. If you agree, I would directly add them to
[1] resp. [2].

Regarding the Wiki [3]: It was updated and, as I think, now gives a
clearer view of the way towards a Genode hypervisor on the USB Armory.

Regarding your USB-connection issue: IMO, the USB events that your dmesg
shows are not from the integrated USB of the USB Armory but the
UART-to-USB converter you've attached to the device. So, apparently
you're missing feedback from the host controller at all. Could you
please send the UART output of your USB Armory for further analysis?

Cheers,
Martin

[1]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run#L9

[2]
https://github.com/m-stein/genode_binaries/blob/master/tz_vmm/usb_armory/README#L15

[3] https://github.com/inversepath/usbarmory/wiki/Genode-OS

Am 26.04.2016 um 06:57 schrieb Agrawal, Utkarsh:
> I have been able to send bootloader commands on COM port. But I am not able 
> to ssh in to the machine. I do not see any usb0 interface. I followed the 
> "CDC Ethernet" section of [1].
> When I move on to "Setup & Connection Sharing: Linux" section, and when I 
> execute "/sbin/ip link set usb0 up", it says that the interface is not found.
> 
> I have tried disabling the nework manager(sudo service network-manager stop), 
> and then executing the steps. But still usb0 is not identified.
> 
> Any advice on how to proceed with this?
> 
> Below is the dmesg:
> [ 7325.602965] usb 1-1: new full-speed USB device number 11 using xhci_hcd
> [ 7325.736411] usb 1-1: New USB device found, idVendor=0403, idProduct=6001
> [ 7325.736413] usb 1-1: New USB device strings: Mfr=1, Product=2, 
> SerialNumber=3
> [ 7325.736415] usb 1-1: Product: FT232R USB UART
> [ 7325.736415] usb 1-1: Manufacturer: FTDI
> [ 7325.736416] usb 1-1: SerialNumber: AL00JG5C
> [ 7325.739007] ftdi_sio 1-1:1.0: FTDI USB Serial Device converter detected
> [ 7325.739049] usb 1-1: Detected FT232RL
> [ 7325.739231] usb 1-1: FTDI USB Serial Device converter now attached to 
> ttyUSB0
> 
> 
> Thank You
> Utkarsh Agrawal
> 
> [1] https://github.com/inversepath/usbarmory/wiki/Host-communication
> 
> Am 20.04.2016 um 08:01 schrieb Agrawal, Utkarsh:
>> Hello,
>>
>> I was able to Install ootloader, Genode, and the Linux rootfs. Thanks a lot 
>> for your guidance. I have compiled a script which does all this task easily. 
>> I would love to contribute this to the community, and would like to know how 
>> can I do it.
>>
>> Next steps as I see are:
>> 1. Connect USB Armory to host machine via USB-to-TTL serial cable.
>> 2. Connect to USB Armory COM port.
>> 3. Insert USB Armory into host USB slot and interrupt auto boot on COM port.
>> 4. Send bootloader commands on COM port:
>> 5. Linux login: The login and password of the Linux guest are both 
>> "usbarmory"
>>
>> I hope the above steps are pretty straight forward, and there should be no 
>> issues there.
>>
>> Also, at [1], they mention about this "make ARCH=arm zImage 
>> LOADADDR=0x80008000 modules". I am not sure what image they are talking 
>> about, when am I supposed to do this step.
>>
>> Next I would like to know how do I start working on TrustZone with Genode. 
>> Can you guide me on how to start with a sample application which switches 
>> between Normal and Secure World?
>>
>> Thank You
>> Utkarsh Agrawal
>>
>> [1] 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_inversepath_usbarmory_wiki_Genode-2DOS=CwIC-g=C3yme8gMkxg_ihJNXS06ZyWk4EJm8LdrrvxQb-Je7sw=hnUL4kgB9cStyuGpvYu3L9_MVOWR5t87hYpTv2FwCGo=NwzIeuHqYnvROYKinKAlZVd5PiAYFi9QCtcc7dRP5gs=xm51_erngIaEOyEFFbZcXPF_0997eNeTOB2sbteiTQU=
>> 
>> From: Agrawal, Utkarsh
>> Sent: Friday, April 15, 2016 11:12 PM
>> To: Martin Stein
>> Subject: Re: Reagaring Genode and USB Armory
>>
>> Hello,
>>
>> Thank for you the reply. I just noticed that the subject of the email has a 
>> typo. Maybe I was in a hurry when writing the first mail. :)
>>
>> I am sure that I was in the mentioned branch. I will try [2] after I have 
>> the basic setup running of Genode.
>>
>>
>> I have been trying to use [1]. But I get some errors. Following are the 
>> steps I have followed:
>>
>> I cloned the master branch of 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_genodelabs_geno

Re: [tz_vmm] Build error (#2)

[Martin Stein]

Hey Yevgeny,

Am 17.04.2016 um 09:09 schrieb Yevgeny:
> Yes, I've already tried: make run/tz_vmm, however, it doesn't create the
> *uImage* in the *var/run/tz_vmm/* directory.

A run script merely contains the common set-up of a Genode scenario.
Thus, it doesn't create bootloader-specific output like a uImage. For
such customization there is the file /etc/build.conf. In your
case you would need to add a line:

RUN_OPT += --include image/uboot

This is also documented in [1]. I think it would be the best if follow
the tutorial in there. It describes the complete process how to create a
bootable SD card with the tz_vmm script.

> I started off with this tutorial:
> https://github.com/inversepath/usbarmory/wiki/Genode-OS and everything
> went fine untill this point: cp var/run/tz_vmm/uImage to SD_CARD. Err:
> no such file or directory"

The Wiki recently was updated as the previous version seemed to cause
misconceptions. Please check out the new version.

> I've taken the following steps provided in the first link of you msg.
> export TARGET_DEV=/dev/sdX
> cd genode-16.02
> ./tool/create_builddir hw_usb_armory
> ./tool/create_uboot hw_usb_armory
> sudo dd if=contrib/uboot/build/hw_usb_armory/mmc_img of=$TARGET_DEV
> bs=1K seek=1 conv=fsync
> cd genode-16.02/build/hw_usb_armory/
> echo "RUN_OPT += --include image/uboot" >> etc/build.conf
> make run/tz_vmm
>
> and ended up with the following error:
>
> couldn't execute "mkimage": no such file or directory

I assume thta this is related to the above problems. Could please give
it another try?
>
> if instead of echo "RUN_OPT += --include image/uboot" >> etc/build.conf
> I change RUN_OPT = --include boot_dir/hw to RUN_OPT = --include
> boot_dir/hw image/uboot the build succeeds but no uImage gets created.

There is missing an --include after boot_dir/hw.

> I'm using clean Ubuntu 15.10 VM, Genode15.05 x86-64 tool chain, and the
> latest version of Genode 16.02

That should be fine. If you try using the wrong tool chain, the build
system should tell you and stop.

Cheers,
Martin

[1] https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run



Am 08.04.2016 um 11:08 schrieb Martin Stein:
> Hey Yevgeny,
> 
> If you only want to try the default setup, you can simply use the run
> script [1] by doing 'make run/tz_vmm' in your build directory. The
> script automatically downloads a precompiled Linux image. Have you tried
> that?
> 
> If you're really interested in customizing your Normal World Linux,
> there is also a link in the run script to a detailed explanation on how
> to compile the images [2]. I assume that your approach fails because of
> the wrong toolchain. Does the tutorial fix your problem?
> 
> Cheers,
> Martin
> 
> [1] https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
> 
> [2]
> https://github.com/m-stein/genode_binaries/blob/master/tz_vmm/usb_armory/README
> 
> Am 05.04.2016 um 21:49 schrieb Yevgeny:
>> I'm trying to compile Genode for usbarmory. After executing this command
>> *make ARCH=arm zImage LOADADDR=0x80008000 modules* from the root dir of
>> the downloaded linux kernel, it gives me the following error.
>>
>> Makefile:664: Cannot use CONFIG_CC_STACKPROTECTOR_STRONG:
>> -fstack-protector-strong not supported by compiler
>> CHK include/config/kernel.release
>> CHK include/generated/uapi/linux/version.h
>> CHK include/generated/utsrelease.h
>> make[1]: 'include/generated/mach-types.h' is up to date.
>> CC kernel/bounds.s
>> gcc: error: unrecognized argument in option ‘-mabi=apcs-gnu’
>> gcc: note: valid arguments to ‘-mabi=’ are: ms sysv
>> gcc: error: unrecognized command line option ‘-mlittle-endian’
>> gcc: error: unrecognized command line option ‘-mapcs’
>> gcc: error: unrecognized command line option ‘-mno-sched-prolog’
>> Kbuild:35: recipe for target 'kernel/bounds.s' failed
>> make[1]: *** [kernel/bounds.s] Error 1
>> Makefile:980: recipe for target 'prepare0' failed
>> make: *** [prepare0] Error 2
>>
>> Please advise
>>
>> —
>> You are receiving this because you are subscribed to this thread.
>> Reply to this email directly or view it on GitHub
>> <https://github.com/m-stein/linux/issues/2>
>>

--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Shared Memory in tz_vmm demo

[Martin Stein]

Hi Joseph,

Am 14.04.2016 um 02:44 schrieb Joseph Lee:
> I just only commented out line 118 (i.e.,/if (_handle_vm())/) in
> https://github.com/genodelabs/genode/blob/15.11/repos/os/src/server/tz_vmm/spec/imx53/main.cc
> so that the TZ VMM switches to the normal world immediately by invoking
> the run function of the VM session interface. I don't know how to do
> with instruction re-ordering in secure world kernel. Can you please give
> me some hint?

Maybe there is a misconception about the VM session run function. It
does not directly switch to the VM but rather marks it as executable
again. A mere hint for the scheduler. It is up to the Scheduler when to
schedule the VM according to the active subjects and their priorities /
quotas. Assuming that you use the vanilla 'tz_vmm' scenario, there are
additional subjects like the timer or the SD card driver that may be
scheduled in between VMM and VM. And the same applies for the switch
from VM to VMM. You can solve the latter by adding priorities:


...


...

...


The easiest way to improve the former (VMM to VM) temporarily is by
hacking the priority/quota of VMs in [1] like:

#include 

size_t percentage_to_quota(size_t const quota_percentage)
{
using Genode::Cpu_session;
using Genode::sizet_arithm_t;
size_t const tics = cpu_pool()->
timer()->ms_to_tics(Kernel::cpu_quota_ms);

size_t quota_user = Cpu_session::
quota_lim_upscale(quota_percentage, 100);

return Cpu_session::
quota_lim_downscale(quota_user, tics);
}

Kernel::Vm::Vm(void   * const state,
   Kernel::Signal_context * const context,
   void   * const table)
:  Cpu_job(Cpu_priority::MAX-1, percentage_to_quota(40)),
...

Leaving 20% CPU quota unused ensures that the other subjects don't starve.

> I wonder if you could tell me assembly instructions to measure small
> intervals? i have tried the following but i got 0 value.
> 
> /  asm volatile ("MRC p15, 0, %0, c9, c13, 0\t\n": "=r"(t1));
> /
> /// smc call
> //  asm volatile ("MRC p15, 0, %0, c9, c13, 0\t\n": "=r"(t2));
> /
> /  interval = t2 - t1;
> /

As far as I understand, the performance counter you're accessing here
wont help you. It counts processor cycles whereas you like to measure
time. For an MMIO timer, you can do something like:

/* Initialize timer */
unsigned v1 = 0;
unsigned v2 = TIMER_VALUE_REG_BASE;
asm volatile (
"dsb\n"
"ldr %1, [%2]\n"
"dsb\n"
"smc #0\n"
"dsb\n"
"ldr %2, [%2]\n"
"dsb\n"
: "=r" (v1), "+r" (v2) : );
unsigned interval = v2 - v1

You may use the FLEXCAN Free Running Timer or the General Purpose Timer
(GPT). You don't want to use the EPIT timers as they are needed by the
secure world for the scheduler and the userland timer that is needed by
the SDHC driver.

The DSB instructions avoid re-ordering. I'm not sure if you need that
many DSBs but as soon as the first DSB is through, the other DSBs
shouldn't cause big overhead.

> how do we measure the time taken to execute some instructions in the
> secure world? 

Cheers,
Martin

[1] base-hw/src/core/spec/arm_v7/trustzone/kernel/vm.cc

--
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Shared Memory in tz_vmm demo

[Martin Stein]

Hi Joseph,

Am 05.04.2016 um 11:19 schrieb Joseph Lee:
> Hi Stefan,
> 
> Thanks a lot for your response.
> 
> I have another questions. I have tried to measure the time for the
> context switch between the worlds. I make an /SMC/ call in the normal
> world (Linux) and modified the VMM to return to the normal world without
> doing any operation. I take time t1 before calling the SMC instruction
> and time t2 after the secure world switches back to the normal world.
> Then the difference (t2 - t1) is the time for the context switch. i am
> getting around /0.05/ milliseconds. Is that the right way to measure the
> time for the context switch? FYI, i use /getrusage( )/ function in Linux
> to measure t1 and t2.
> 
> How do we measure time for a process in Genode. Is there a method to get
> time in Genode?  Thanks again for you help and time.

In general, your set-up looks reasonable to me. It is not granted that
the scheduling order in your test case is exactly 'guest os -> vmm ->
guest os'. You have to ensure that the secure world kernel doesn't mix
in other subjects.

Personally, I also would directly use a hardware timer instead of
'getrusage' to measure such small intervals. You could sample the timer
via assembly instructions located directly before and after the SMC
call, so no other instructions interfere. Make sure to prevent
instruction re-ordering here also. The hardware as well as the compiler
may under given circumstances re-order.

You may already know, but if you like to do more detailed measurements,
a timer that is configured non-secure allows you to sample from both worlds.

Cheers,
Martin

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: FYI: microkernel.info community site

[Martin Stein]

Hi Jakub,

I really like the idea and implementation of this website. Having a
place that provides an overview of the Microkernel movement as a whole
may help to lower the barriers for outstanding people to get in touch
with it. Maybe it also helps to keep events like the FOSDEM devroom going.

Cheers,
Martin

Am 10.03.2016 um 20:50 schrieb Jakub Jermář:
> Hello,
> 
> just FYI, I have set up a simple web page[1] to promote the wider
> microkernel community and its goals. So far, the page comes with a brief
> description of the microkernel concept and an incomplete list of
> microkernel projects with links to each project's web. The description
> is made out of the first two sentences I found in the "What is XYZ"
> section or elsewhere on the web of the respective project. I also took
> the freedom to use the respective project's logo (or what I believed was
> the project's logo) for promoting it.
> 
> I hope you will find this small web a good idea. It was inspired by a
> similar (though a little bit more informative) site set up by the
> unikernel community [2]. The sources of the [1] web are hosted on Github
> [3], so feel free to submit issues or PR to make the site better.
> 
> Please send me a PM if there are any issues pertaining your project's
> cartouche that cannot be dealt with using Github.
> 
> Thanks,
> Jakub
> 
> [1] http://microkernel.info
> [2] http://unikernel.org/projects/
> [3] https://github.com/jermar/microkernel.info
> 
> --
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140
> ___
> genode-main mailing list
> genode-main@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
> 

--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Porting applications strategy

[Martin Stein]

Hi Tomasz,

Am 15.02.2016 um 22:59 schrieb Tomasz Gajewski:
> I would like to be able to do:
> 
> ./configure --host=genode-x86 && make

As far as I know, we currently do not issue 'configure' through the
ports mechanism. Instead the customized config.* files of the ports are
provided. An example for this is libav:

libports/src/lib/libav/config.h
libports/src/lib/libav/config.mak

Then the Genode sided directory is added to the include paths, so the
config header applies when building the port and the config makefile is
included and applied in the Genode config:

libports/lib/mk/av.inc:
...
INC_DIR += $(REP_DIR)/src/lib/libav
...
include $(REP_DIR)/src/lib/libav/config.mak
SRC_C += $(OBJS:.o=.c)
SRC_C += $(OBJS-yes:.o=.c)
...

Cheers,
Martin

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Writing to two different dataspaces at the same time

[Martin Stein]

Hi David,

Am 20.01.2016 um 23:42 schrieb David Werner:
> 1) Is it somehow possible to back a virtual address range with two 
> different dataspaces (attaching two different dataspaces at the same 
> virtual address is obviously not possible) ? What i want to achieve is 
> that writing to a virtual address results in writing to two dataspaces 
> at the same time, so that the dataspaces have the same content.

The only way I see to do this is by using a managed dataspace combined
with instruction emulation. But before going deeper into this: I wonder
why you want to access two dataspace at a time anyway?

A managed dataspace is not backed by physical memory but by another
virtual address range (see [2]). So, you can install your own region
manager implementation that is then called each time someone causes a
page fault on the managed dataspace. In your region manager you could
then resolve the faulting instruction to a double access. In order to do
so, your region manager would have to be able to access the text segment
of the component that uses the managed dataspace.

> 2) As far as i know a thread has to be added to a rm session as a client 
> in order to be able to use it as layout for its virtual address space. 

Not exactly. A thread can access any virtual address in the address
space of its component, without the need for a registration at the
corresponding RM session, *as long as the accessed address is already
mapped*. Rm_session::add_client is only needed to enable the handling of
page faults for a thread. It requests the RM session to create a a pager
for the thread and returns a capability that references this pager (see
[3]). To ensure that page faults of the thread are actually forwarded to
this pager, you have to call Cpu_session::set_pager(thread_cap,
pager_cap) additionally.

However, as virtual addresses are normally mapped on demand, one should
assume to cause page faults when accessing virtual addresses and thus
register its thread for page-fault handling in advance.

> Is it possible for a thread to operate on two different rm_sessions at 
> the same time?

Yes and no. You can call Rm_session::add_client for one thread on two
different RM sessions. What this does is that both RM sessions keep
ready a pager for the thread but the thread is linked to neither of them
yet. The linkage is done by Cpu_session::set_pager. As you can see for
example in [1], Cpu_session::set_pager simply overwrites the previous
configuration. So, if you call it twice with different pagers, your
thread will be linked to the pager you stated last.

But yes, you can incorporate multiple RM sessions into one address space
by the means of the already mentioned managed dataspaces. You would then
have to register your thread at the top-level RM session. However, also
in this case, each address goes down to exactly one "leaf" RM session
that is responsible for the corresponding faults.

Cheers,
Martin

[1]
https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/platform_thread.cc#L190

[2] http://genode.org/documentation/genode-foundations-15-05.pdf Page
63, "Realizing managed dataspaces"

[3]
https://github.com/genodelabs/genode/blob/master/repos/base/src/core/rm_session_component.cc#L568

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: How to calculate the TCB size

[Martin Stein]

Hi Jaemin,

Sorry for the delayed answer. Unfortunately, I overlooked your question.

Am 22.12.2015 um 12:39 schrieb JaeminPark:
> I’m working with Genode to implement the ARM TZ-based idea.
> For evaluation, I’d like to count the line of code of the TCB.
> In the build folder, I could find "var/libcache" folder, and there the 
> compiled files for my build configuration could be found.
> 
> Do I need to check all files listed in each .d files in “var/libcache” or is 
> there any efficient way to count the number of lines for the TCB?

By default we calculate our LOC values via 'sloccount ' called
for each source directory that is used. Of course, this way you have to
evaluate manually which sources (repos, components, libs, specs) are
used in your scenario. At least, I do not know a way to automate this
step. You may reduce the effort by lower requirements in accuracy. E.g.,
when compiling core for hw_panda you can simply count all in base-hw and
base to get an upper bound.

Cheers,
Martin

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Genode Hack'n'Hike 2016

[Martin Stein]

Hello everyone,

The Hack'n'Hike 2016 is approaching. During the 27th - 30th of May we'll
gather again in a cosy accommodation to
enjoy outdoor activities, collaborative hacking, and relaxation.

For everyone who's interested in getting involved with the community,
catching up, or just hanging out with the Genode crowd - feel welcome to
join us in the Gutshaus Heeselicht:

Gutshaus Heeselicht [3], Hofestr. 1a, 01833 Stolpen, district Heeselicht
Germany [4]

There is still room for more participants. Genode Labs sponsors the
event. So your participation/accommodation is free. *To simplify
organization for us, please let us know till the 26th of January if you
like to join in*. You can do so by writing to [1] or commenting on [2].
However, if you don't know by now whether you can participate, you may
join us later as well.

For further information, please have a look at [2]. Also if you have
suggestions or questions regarding the Hack'n'Hike, don't hesitate to
write to the above locations.

Best regards,
Martin

[1] hacknh...@genode-labs.com

[2] https://github.com/genodelabs/genode/issues/1544

[3] http://www.gutshaus-heeselicht.de

[4]
https://www.google.de/maps/place/Gutshaus+Heeselicht/@51.0057638,14.0968323,17z/data=!4m2!3m1!1s0x4709b0047bc32663:0xe599b8be1a2da696?hl=en

--
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: tz_vmm demo on USB Armory

[Martin Stein]

Hey John,

Am 21.12.2015 um 14:41 schrieb John David:
> Thanks a lot. Maybe i will take a look at this article
> 
> and see if i can do the same thing for USB Armory.

That's a good idea, combined with the readings about the USB Armory
Linux VM demo, it might serve as a good guide line.

> Regarding SSH connection, when i tried to connect to USB Armory Linux-VM
> via SSH over IP as described in thistutorial
>  it
> asked me to enter a password for a root user. I entered a default root
> password which is 'root'. After the password entry, it displayed,
> "|Permission denied, please try again|". I also tried to connect without
> a password but same thing happen. I would be grateful if you have some
> ideas on this issue.

As described in [1], the login name and password are both 'usbarmory'.
This is a good hint, I think I'll add this to my article.

Cheers,
Martin

[1]
https://github.com/inversepath/usbarmory/wiki/Preparing-a-bootable-microSD-image#root-file-system

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: tz_vmm demo on USB Armory

[Martin Stein]

Hi John,

Am 19.12.2015 um 02:00 schrieb John David:
> I am trying to run Android in the normal world. Is it possible to run an
> Android OS without any modification?

At least, you would have to patch the Linux Kernel that your Android is
based on. I don't know whether the rest of Android needs patching too.
If you investigate this farther, it would be nice if you could keep me
informed about your progress!

> Where i can find patchs of the
> Linux kernel in the current demo?

As described in the article, there is a tutorial on how to build the
used Linux [1]. The tutorial references a git branch that contains the
mentioned patches [2].

> Is there a trustzone demo on USB
> Armory which runs Android in the normal world while Genode in secure
>  world?

No, and I don't know anybody who's currently working at such a demo.

> I couldn't even find an Android image for USB Armory. Appreciate
> if you could give me a hint on this.

I have not tried to build Android for the USB Armory yet and can't thus
give you any other advice but to contact the Inversepath staff regarding
this question.

Cheers,
Martin

[1]
https://github.com/m-stein/genode_binaries/blob/master/tz_vmm/usb_armory/README

[2] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: tz_vmm demo on USB Armory

[Martin Stein]

Hey John,

Am 18.12.2015 um 13:37 schrieb John David:
> Thank you for your explanation. i want a command prompt to run a user
> mode program in Linux (normal world). Can you please suggest me if there
> is something i can do this?

As the tutorial [1] that I've linked in my last mail suggests, you can
do SSH over IP, using an SSH client on your USB host and an SSH server
in your USB-Armory Linux-VM. OpenSSH [2] is a popular SSH implementation ;)

Cheers,
Martin

[1] https://github.com/inversepath/usbarmory/wiki/Host-communication
[2] http://www.openssh.com/

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: tz_vmm demo on USB Armory

[Martin Stein]

Hey John,

Am 18.12.2015 um 01:25 schrieb John David:
> it displays log messages (see on the attached ) and hangs. The tz_vmm

Unfortunately, your mail has no attachment. Did you miss it?

> start the virtual machine (Linux) but I couldn't get a Linux shell to
> run Linux commands so i have no chance to access the root file system on
> the SD_card (non-secure). it could be a ridiculous question but please
> tell me what is missing?

A shot in the dark: Which state of the Genode sources are you using? I
recomend to use the 15.11 release state [1]. If you have a clone of the
git repository, you can get this state by doing 'git checkout 15.11'.

I only just recognized that I did not mention this in the article. I'll
try to fix that.

[1] https://github.com/genodelabs/genode/tags

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: i.mx53qsb and ARM Trustzone Techology

[Martin Stein]

Hi Joseph,

Am 10.12.2015 um 14:08 schrieb Joseph Lee:
> I have some more questions. How in VMM I can read contents of VM's RAM
> by accessing the physical memory address directly instead of virtual
> address? 

I wonder why you want to do this? In the userland on Genode+ARM, the MMU
is always enabled, there is and shall be no way to disable it from
within the userland. You can use the IOMEM mapping of the VM RAM in the
tz_vmm [1] to access non-secure RAM. Likewise, you can IOMEM-map this
RAM in other components. When IOMEM-mapped, the VM RAM is non-cached in
the VMM but it may be partially cached in the non-secure world. So,
either you only access regions that are non-cached also in the
non-secure world or synchronize before accessing them (For details
regarding these two cases see a recent mail [6] of me).

> Or is MMU in Genode configured for one to one mapping the
> virtual address to physical address? 

No. It is possible to determine the physical address of a dataspace via
[4] and to suggest a local mapping address via [3] but what do you
expect to be the benefit of a 1:1 mapping?

> how do i use DMA without involving
> the CPU to read contents of VM's RAM inside VMM?

I don't know how this is done but AFAIK nothing speaks against doing it.
DMA engines are configured in the CSU [5] whether to be allowed or
forbidden to access secure RAM.

Cheers,
Martin

[1]
https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/include/vm_base.h#L69

[3]
https://github.com/genodelabs/genode/blob/master/repos/base/include/rm_session/rm_session.h#L139

[4]
https://github.com/genodelabs/genode/blob/master/repos/base/include/dataspace/dataspace.h#L35

[5]
https://github.com/genodelabs/genode/blob/master/repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h#L221

[6] http://sourceforge.net/p/genode/mailman/message/34685275/

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: ARM TrustZone Shared Memory Crossworld

[Martin Stein]

Hi Stefan,

Am 09.12.2015 um 17:15 schrieb Stefan Brenner:
> 1) We use mmap(NULL, , PROT_READ|PROT_WRITE, MAP_SHARED|MAP_ANON,
> -1, 0) to allocate the buffer in normal world (Linux). Is there a better
> way to allocate uncached memory?

The only way I found, when working at Genode's TrustZone VMM on USB
Armory, was by allocating DMA memory. As far as I know, Linux doesn't
provide allocating non-cached DMA regions in the userland. However, you
can do this inside the kernel. You may have a look at the initialization
of genblk_buf in my para-virtualized block driver [1]. The resulting
address is used for shared RAM between secure and normal world. The
secure back end of the driver can be found in [2].

> 2) We've tried __cpuc_flush_user_all(), __cpuc_flush_kern_all() in order
> to invalidate all cache lines (later maybe only the affected cache lines
> once this works in general). Is this correct, to do this in normal world
> (i.e. Linux)?

I do not know whether this is sufficient, but recently there was a post
with the same idea [3] and maybe the author got it working at the end.
In the corresponding thread I also suggested a general design for memory
synchronization caused from within the VMM. This is useful when not
having non-cached memory _and_ the VMM is the transfer initiator. But I
assume that the latter is not the case in your scenario.

> 3) At the moment we assume that Genode doesn't have to invalidate/flush
> its cache lines because as it is the VMM it should be aware of the fact
> that the cache might be stale.

I'm afraid I do not understand what you mean. A RAM region shared
between the TrustZone worlds must always be located in non-secure RAM.
In the tz_vmm, the whole non-secure RAM is mapped as IOMEM [4], which is
- using ARM-speak - tagged as "Device Memory" and thus non-cached. So,
yes, the tz_vmm must not flush caches as it should always use these
non-cached mappings.

> Any help is appreciated. A short hint: Currently our idea is to send an
> hypercall to the Genode VMM after Linux has written to the buffer, so
> Genode will pretty quickly access the memory after it has been written
> to from Linux.

This is exactly what is done in the para-virtualized block driver
mentioned above after a write request has been set-up in the buffer [5].

Cheers,
Martin

[1]
https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/block/genode.c#L338

[2]
https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/block.cc

[3] http://sourceforge.net/p/genode/mailman/message/34667551/

[4]
https://github.com/genodelabs/genode/blob/master/repos/os/src/server/tz_vmm/include/vm_base.h#L69

[5]
https://github.com/m-stein/linux/blob/genode_hw_usb_armory_tz_vmm/drivers/block/genode.c#L204

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Article about the new TrustZone demo on the USB Armory

[Martin Stein]

Hello everyone,

as already announced, Genode's recent release 15.11 contains enhanced
TrustZone support on the USB Armory board using our custom base-hw
kernel. Due to the many-sided and perceptive story behind this
improvement, we decided to provide a dedicated article. Besides telling
our story, the article also illustrates how the new TrustZone demo on
the USB Armory works and how you can easily bring it to your own USB
Armory. If you are interested in this topic, you may read the article at:

  http://genode.org/documentation/articles/usb_armory

I hope you enjoy it and may even find it helpful.

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Upgrade to 15.11 from 15.02 results in quota exceded message

[Martin Stein]

Hi Bob,

Am 03.12.2015 um 13:37 schrieb Bob Stewart:
> The scenario I run includes sdcard, gpio, gp timers, uarts, i2c, and PWM
> drivers and vfs is also in there. All of this, with my modified base-hw
> kernel, appears to be running as it does in 15.02 with the exception of
> the PWM driver. The log from the 15.11 implementation shows nothing
> exceptional (attached) and is practically identical to what is output on

While reading this, it came to my mind that somewhere around the
beginning of the year, interrupt semantics have changed on base-hw. In
the past, an IRQ session, once opened, directly started handling
interrupts. Today, the handling, and therefore also the reception, of
interrupts doesn't start until an initial 'Irq_session::irq_ack' call. I
know, its a shot in the dark. But just to be sure you may check whether
your drivers already send this initial ack.

> 15.02. Running my PWM driver in verbose mode shows that data received
> from sensors on the i2c bus and from a manual input controller is being
> correctly received, processed, and sent to the PWM driver. The PWM does
> some signal conditioning and writes updated duty cycle values to an IO
> register from which the SoC's pwm subsystem sends the modified pulse to
> an IO pin. That pin is attached to a motor ESC which provides the power
> to drive the motor. The motor never receives the pulse. So, presumably,

My first intention is, that this could also be a bad GPIO configuration.
However, with the information I have this can only be a vague guess. Can
you share your source code including the run script that you're using?
Most comfortable would be an on-line git branch :)

> there is an issue with IO mapping and the signal is not going to the
> correct register location. I notice in the 5.11 release notes that there
> have been changes in the area of memory mapped IO, so I'm starting to

Sorry, I'm afraid that I do not know which changes you mean. Could you
please go in more detail?

> explore that avenue. I have not touched the PWM driver code in more than
> a year so I doubt that the problem is there.

Cheers,
Martin


--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: memory dump

[Martin Stein]

Hi Abhay,

Am 03.12.2015 um 16:44 schrieb Abhay Amala:
> I could put the RAM data into a file using the following snippet and get
> a file with size 268.4 MB. But when i tried to make some kind memory
> analysis on the file, i get something which is different from what i
> expect.

What is the inconsistency you're observing and what analysis methods do
you use - can you go in more detail?

> Is this snippet the right one to do memory imaging? thanks in
> advance for answers.
> 
>  size_t size = Vm_base::ram()->size(); 
>  void* addr = (void*)Vm_base::ram()->local();
>  FILE *fd = fopen("memdump.dd", "w+b");
>  if(fd != NULL)
>  fwrite(addr, 1, size, fd);

Unfortunately, I'm not very used to libc file handling. However, from
what I know, this looks good. You could check whether it's correct by
executing it in a Linux (using a properly prepared RAM region).

Regarding your cache-flush SMC: Have you added a certain register value,
say r0=1234 that identifies the cache-flush SMC at the tz_vmm side? Are
you sure to do a flush of all entries of all non-secure ARM data-cache
levels?

Cheers,
Martin

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: i.mx53qsb and ARM Trustzone Techology

[Martin Stein]

Hi Joseph,

Am 03.12.2015 um 08:02 schrieb Joseph Lee:
> In VMM, the virtual address spaces of VM is starting from the base
> address (_ram.base( ) ) to the size of RAM (256MB). Is that correct? my
> question is how do we read the contents of physical memory of VM inside
> VMM/secure world.

I've recently wrote an answer to another question on the mailing list
that should also answer your questions:
http://sourceforge.net/p/genode/mailman/message/34666744/

Cheers,
Martin

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Upgrade to 15.11 from 15.02 results in quota exceded message

[Martin Stein]

Hello Bob,

Am 02.12.2015 um 15:17 schrieb Bob Stewart:
>  I just upgraded from 15.02 to 15.11 and ran my base-hw based os and 
> applications, which have been running for some time on 15.02. The 
> changes made during the update were to the directory structure required 
> by the "platform" changes and gpio driver changes to accomodate the 
> removal of the wait_for_irq method.

It's nice to hear that you already got your hands on the new release :)

> immediately after init starts I get a "quota execeeded"mesage:
> 
> Starting kernel ...
> 
> kernel initialized
> Genode 15.11 
> int main(): --- create local services ---
> int main(): --- start init ---
> int main(): transferred 501 MB to init
> int main(): --- init created, waiting for exit condition ---
> Quota exceeded! amount=12288, size=12288, consumed=12288
> [init -> uart_drv] int main(int, char**): --- OMAP3 UART driver started ---
> [init -> ctrl_module] --- Beaglebone Control Module Server ---
> [init -> platform_drv] --- bbb platform driver running ---
> [init -> pwm_drv] --- am33xx pwm driver ---
> .
> ,
> ,
> 
> No changes have been made to available ram constants in board_base so 
> I'm confused as to what caused this message to be generated. Did I miss 
> a change to how quota's are requested and managed?

Since 15.05, the accounting of quota on base-hw got much more
comprehensive. Most notably, for the costs of PD related things like the
page tables [1] or the local representations of capabilities [2] a
component must now pay via quota. I assume that your "Quota exceeded" is
printed by the Allocator_guard [3] (Otherwise it could only be a
'loader' server component which is unlikely).

The basic sessions (say those of the Genode environment) are given an
initial amount of quota. This amount is a guess on how much is needed to
bring the component up. If this quota does not suffice, the session asks
the parent to upgrade it by using some of the components slack quota. If
its slack quota isn't sufficient for that, the component still may ask
its parent to donate some more. So, the quota you assign to a component
via the init configuration is the guaranteed minimum the component
receives. Init may or may not - depending from what is left after
starting all children and saving some quota for itself - hand in more
quota to components if they ask for.

During these mechanisms, the Allocator_guard is the one that applies
given quota limits to allocations by wrapping the background allocator.
That said, the warning indicates that you've reached a limit but it does
not necessarily indicate a problem as, in return, your scenario may be
able to relax the limit.

And even more, there are places in Genode where reaching the limit is
expected. My favourite explanation in your case is the
upgrade_pd_session_quota function that triggers such behaviour. It is,
for example, called when receiving capabilities in IPC and not having
enough PD quota to create local references [4]. It results in a call of
Capability_space::upgrade_slab in core [5]. This function currently
allocates as much additional SLAB blocks as possible and, by doing so,
always triggers the warning. The reason for this is that it's hard to
measure how much additional blocks are needed at this point. Maybe you
could give it a try and test if this is responsible for your warning.

If so, the warning is no problem and I wonder whether your scenario runs
properly apart from it. It would also be interesting to know whether
you've sent the complete log output (what is the meaning of the point
and the commas?). Please note that we're already planning to change
output behaviour on reaching quota limits as it provides little
information and can obviously be misleading.

Cheers,
Martin

[1] Commit cc58b11 hw: replace page table allocator with static one
[2] Commit e081554 hw: kernel backed capabilities (Fix #1443)
[3] repos/base/include/base/allocator_guard.h
[4] repos/base-hw/src/base/ipc/ipc.cc
[5] repos/base-hw/src/core/platform_pd.cc

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: memory dump

[Martin Stein]

Hey Abhay,

First of all, sorry for the late feedback, last week, I couldn't find
the time to answer your mail.

Am 27.11.2015 um 00:19 schrieb Abhay Amala:
> I am running tz_vmm on imx53qsb and thinking about taking a snapshot of
> the normal world memory inside the tz_vmm app and put into a file as a
> raw data. I appreciate if anyone give me a hint.

Inside the tz_vmm the guest RAM is already mapped. You can get its local
base address via Vm_base::ram()->local(). Its size can be read via
Vm_base::ram()->size().

However, be aware that the state you read from the guest RAM in tz_vmm
is most probably not up-to-date as the non-secure world uses separate
caches that do not synchronize with the caches of the secure world. As
far as I know, there is no way to cause a non-secure cache flush from
within the secure world. But I might be wrong as I haven't read the
manual [1] in depth regarding this topic. Maybe it's a solution to
implement a simple protocol between VMM and VM, using interrupt
injection and SMCs to requests the guest OS to flush its caches for you.

Regarding the file you want to create from the read RAM data: It might
be a good idea to use the SD card as storage medium as an appropriate
driver [2] already exists. However, the driver provides a Block session
while you want to use a File_system session in tz_vmm. Assuming, that
you have formatted your SD partition with FAT32, you can create a
File_system session out of a Block session by using use ffat_fs. You may
have a look at the test scripts [3] to receive an impression on how
ffat_fs is used.

If you have further questions, don't hesitate to ask ;)

Cheers,
Martin

[1] https://cache.freescale.com/files/32bit/doc/ref_manual/iMX53RM.pdf
[2] repos/os/src/drivers/sd_card/spec/imx53
[3]
repos/libports/run/libc_ffat_fs.run
repos/libports/run/libc_ffat.run

--
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Noux application

[Martin Stein]

Hey Joseph,

Am 19.11.2015 um 13:44 schrieb Joseph Lee:
> I just want to let only Genode to access the ESDHC and run tz_vmm
> successfully without generating data abort exception . Can i disable the
> ESDHC in the Linux kernel so that the Linux (unsecure side) can't
> request to access the ESDHC. Please let me know if it is possible and
> how i can do that.

You can do this by adapting the Linux config using a text editor
(editing .config or arch/arm/configs/YOUR_CONFIG) or tools like 'make
menuconfig'. For information on Linux configs in general or on how to
use related tools, please refer to the varied online documentation. For
information on what to adapt, you can have a look at the Linux commit I
posted in my last mail [2] as it consequently disables ESDHC too.

> Or is there something to do this in Genode configuration?

No. You might ignore the data aborts and simply continue VM execution
but I assume that this would lead to more or less critical errors in Linux.

Cheers,
Martin

[2]
https://github.com/m-stein/linux/commit/9418cc87ed26b6cd7c4ec66ba4bdc1f998cd5ccd

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Noux application

[Martin Stein]

Hey Joseph,

Am 19.11.2015 um 01:58 schrieb Joseph Lee:
> the problem was that the SDHC driver timed out which then generates the 
> "Completion host signal timed out" error message. It is solved by replacing
> 
>if (!wait_for(irq_goal, _delayer)) {
>   PERR("Completion host signal timed out");
> 
> in [1] with
> 
>if (!wait_for(irq_goal, _delayer, 3000)) {
>   PERR("Completion host signal timed out %x", read());

Thank you for the info :)

> I tried to modify trustzone settings for ESDHC MMIO and IRQs  and make
> run/tz_vmm. it hangs when the Linux kernel tries to access the sd_card
> and displays the following error message.
> 
> mxsdhci: MXC Secure Digital Host Controller Interface driver
> mxsdhci: MXC SDHCI Controller Driver.
> [init -> tz_vmm] Cpu state:
> [init -> tz_vmm]   Register Virt Phys
> [init -> tz_vmm] -
> [init -> tz_vmm]   r0 = c5bc6e00 [85bc6e00]
> [init -> tz_vmm]   r1 = 0001 []
> [init -> tz_vmm]   r2 = c030aef8 [8030aef8]
> [init -> tz_vmm]   r3 = c690e000 [50004000]
> [init -> tz_vmm]   r4 = c5bc6e00 [85bc6e00]
> [init -> tz_vmm]   r5 = c5bc6e00 [85bc6e00]
> [init -> tz_vmm]   r6 =  []
> [init -> tz_vmm]   r7 = 0001 []
> [init -> tz_vmm]   r8 = c088cf50 [8088cf50]
> [init -> tz_vmm]   r9 =  []
> [init -> tz_vmm]   r10= 0001 []
> [init -> tz_vmm]   r11= c5b5b0c0 [85b5b0c0]
> [init -> tz_vmm]   r12= 2000 []
> [init -> tz_vmm]   sp =  []
> [init -> tz_vmm]   lr =  []
> [init -> tz_vmm]   ip = c0309288 [80309288]
> [init -> tz_vmm]   cpsr   = 2013
> [init -> tz_vmm]   sp_und = c08e3978 [808e3978]
> [init -> tz_vmm]   lr_und = c08e3978 [808e3978]
> [init -> tz_vmm]   spsr_und   =  []
> [init -> tz_vmm]   sp_svc = c5023ee8 [85023ee8]
> [init -> tz_vmm]   lr_svc = c030afd0 [8030afd0]
> [init -> tz_vmm]   spsr_svc   = 6013 []
> [init -> tz_vmm]   sp_abt = c08e396c [808e396c]
> [init -> tz_vmm]   lr_abt = c0038a20 [80038a20]
> [init -> tz_vmm]   spsr_abt   = 2093 []
> [init -> tz_vmm]   sp_irq = c08e3960 [808e3960]
> [init -> tz_vmm]   lr_irq = c0038a80 [80038a80]
> [init -> tz_vmm]   spsr_irq   = 6093 []
> [init -> tz_vmm]   sp_fiq =  []
> [init -> tz_vmm]   lr_fiq =  []
> [init -> tz_vmm]   spsr_fiq   =  []
> [init -> tz_vmm]   ttbr0  = 85e34019
> [init -> tz_vmm]   ttbr1  = 80004019
> [init -> tz_vmm]   ttbrc  = 
> [init -> tz_vmm]   dfar   = c690e02c [5000402c]
> [init -> tz_vmm]   exception  = data_abort
> [init -> tz_vmm] Could not handle data-abort will exit!

As you configured your ESDHC secure, unsecure Linux consequently isn't
allowed anymore to access it. If you want to let both Linux and Genode
access the ESDHC you can use an SMC-based stub block driver in the
unsecure world. You might have a look at [1] (unsecure sided driver) and
[2] (secure sided back-end) as an inspiration. In this example, Genode
secures the ESDHC in general but, via part_blk and tz_vmm, provides the
second partition of an ESDHC medium to the Linux stub block driver.

Cheers,
Martin

[1]
https://github.com/m-stein/genode/commit/225f1fe1296da11b8304ebe55a4c23f6e29f9aa5

 repos/os/src/server/tz_vmm/include/block.h
 repos/os/src/server/tz_vmm/block.cc

[2]
https://github.com/m-stein/linux/commit/9418cc87ed26b6cd7c4ec66ba4bdc1f998cd5ccd

 drivers/block/genode.c

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Noux application

[Martin Stein]

Hi Joseph,

Am 15.11.2015 um 03:05 schrieb Joseph Lee:
> Hi Martin, thank you so much! it works for me.

Nice! Could you please also share with us what the problem was and what
solved it.

> Now I just need to use the sd_card driver with Genode trustzone feature
> (hw_imx53_qsb_tz). I tried to incorporate sd_card driver with tz_vmm run
> script and make run/tz_vmm. I get the following log messages and it gets
> stuck. it doesn't even run tz_vmm application. I appreciate if you can
> give me some hints to fix this.

As already mentioned earlier in this discussion, hw_imx53_qsb_tz sets
the ESDHC MMIO and IRQs unsecure. This is done in [1], [2] and [3]. You
can find examples on how to do Trustzone settings specifier-dependend in
my working branch [4].

Cheers,
Martin

[1] repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h:159
[2] repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h:215
[3] repos/base-hw/src/core/spec/imx53/trustzone/platform_support.cc:48
[4] https://github.com/m-stein/genode/tree/1497_usb_armory_demo

--
Presto, an open source distributed SQL query engine for big data, initially
developed by Facebook, enables you to easily query your data on Hadoop in a 
more interactive manner. Teradata is also now providing full enterprise
support for Presto. Download a free open source copy now.
http://pubads.g.doubleclick.net/gampad/clk?id=250295911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Noux application

[Martin Stein]

Hey Joseph,

Am 11.11.2015 um 00:53 schrieb Joseph Lee:
> Can anyone please tell me something about 'Completion host signal timed out' 
> error message? 

You get this message because the SDHC driver timed out when waiting for
the host state that signals that both the command and the transfer of a
multi-block access completed. In short, either one of the bits
"transfer-complete"/"command-complete" is missing or an unexpected IRQ
(e.g. an error) was raised. This may be a bug in the driver. To make
sure which is the case, could you please replace

   if (!wait_for(irq_goal, _delayer)) {
  PERR("Completion host signal timed out");

in [1] with

   if (!wait_for(irq_goal, _delayer, 3000)) {
  PERR("Completion host signal timed out %x", read());

and post the new log (I also raised the time out, just in case that the
operation simple takes longer in your case).

Could you please also send me your custom sd_card.run file to enable me
to reproduce your scenario (assuming you modified nothing else)?

Cheers,
Martin

[2] repos/os/src/drivers/sd_card/spec/imx53/esdhcv2.cc: line 116

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: TrustZone: transfering information cross-world using interrupts

[Martin Stein]

Hi David,

Am 06.11.2015 um 15:39 schrieb David Goltzsche:
> One possible approach would be to write something to a certain location
> in the non-secure memory before triggering the interrupt and reading
> that location from Linux. Of course, a cross-world synchronization
> mechanism is required here to maintain the consistency of the reserved
> memory range.

I would recommend this approach. An example how to implement this, is
the paravirtualized block-driver for the Linux-VM on my working branches
1497_usb_armory_demo [1] and [2]. The secure back-end of the driver is
implemented in [3] whereas the unsecure front-end can be found in [4].
Initially, genode_blk_init (Linux) installs a piece of unsecured RAM as
communication buffer by requesting Vmm::Block::_buffer (Genode). The
latter checks that the buffer is completely in the VMs RAM and
determines its local base. Now, as soon as the device signals the
completion of a block request to the VMM, Callback::entry (Genode)
injects an IRQ into the VM. Then, event_interrupt (Linux) requests
Vmm::Block::_collect_reply (Genode) which writes the result of the block
request into the communictaion buffer. For proper communication, it is
important that the buffer is mapped uncached on both secure and unsecure
side. On the unsecure side, this is achieved via dma_alloc_coherent wich
unfortunately requires a device object as input. As we have no real
device, we create a dummy device object for that purpose at the
beginning of genode_blk_init. On the secure side, the whole VM RAM is
mapped as "IO-MEM", which is uncached by default (see _ram and
_ram_iomem in [5]).

> Another approach could use Linux's shared interrupts: Additional
> information can be transferred via the dev_id pointer passed to an
> interrupt handler.

Admittedly, I have don't know whether this approach is feasible and, in
case it is, how much effort it would be to implement it. But I assume
that communicating via shared RAM means less effort and higher flexibility.

Cheers,
Martin

[1] https://github.com/m-stein/genode/tree/1497_usb_armory_demo
[2] https://github.com/m-stein/linux/tree/1497_usb_armory_demo
[3] /repos/os/src/server/tz_vmm/block.cc
[4] /drivers/block/genode.c
[5] /repos/os/src/server/tz_vmm/include/vm_base.h

--
Presto, an open source distributed SQL query engine for big data, initially
developed by Facebook, enables you to easily query your data on Hadoop in a 
more interactive manner. Teradata is also now providing full enterprise
support for Presto. Download a free open source copy now.
http://pubads.g.doubleclick.net/gampad/clk?id=250295911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Noux application

[Martin Stein]

Hi Joseph

Am 05.11.2015 um 00:52 schrieb Joseph Lee:
> I just try "make run/sd_card" on imx53QSB using this branch
> (https://github.com/m-stein/genode/commits/1497_usb_armory_demo)
> 

This working branch is a good starting point as it contains some ESDHC
fixes that are not on master yet. I've updated it last night. Do you
have the latest version?

> it displays the following log messages and hangs. It doesn't even start
> the test application (test/test-blk-cli) included the run script. Is the
> sd_card driver working? or what is missing?

Be aware, that you should not run 'sd_card' with Genodes Trustzone
feature-set (platform 'hw_imx53_qsb_tz'), because Genode will then
declare the ESDHC-IRQ to be unsecure to enable Linux to drive SD cards.
Use the platform 'hw_imx53_qsb' instead when issuing 'create_builddir'.

Doing so, 'sd_card' succeeds on my i.Mx53. But make sure to cancel the
test before the "write" stage begins if you don't want to risk data loss
on your card. Did that solve your problems?

Cheers,

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Using ARM/Neon fp hardware with libc

[Martin Stein]

Hi Bob,

On 06.10.2015 14:23, robjsstew...@gmail.com wrote:> Stefan,
> So, implementing the Cpu_lazy_state in cpu.h in the core spec for the
> Cortex A9 into cpu.h for the Cortex A8 spec is all that is required?

The FPU support for Cortex-A9 in base-hw works as follows:

Initially, the FPU is turned off by the Kernel, regardless of whether an
FPU is supported. So, if a thread issues an FPU instruction, it always
traps to the Kernel with an 'UNDEFINED_INSTRUCTION' exception first.
'Thread::exception' in [1] then asks the CPU-specific code whether to
retry the unknown instruction. On most CPUs, the questioned code does
nothing more then returning "no". But on Cortex-A9 CPUs that have the
FP/SIMD extensions, the method 'Cpu::retry_undefined_instr' in [2] does
more. First, it toggles the FPU on. Then, it checks who was the last
user of the FPU. If the last user was another one than the thread that
now triggered the 'UNDEFINED_INSTRUCTION', the FPU context has to be
switched. The FPU context is part of the so-called "lazy CPU state".
This state is part of every thread and is called "lazy" because, in
contrast to the common CPU state of a thread (r0-r12,ip,sp,...), it
isn't necessarily switched on every thread-switch. At the end of
'Cpu::retry_undefined_instr', the Kernel denotes which is the new user
and tells 'Thread::exception' to let the application retry its last
instruction. Now that the FPU is on and contains the correct context,
the instruction succeeds. However, the context of the thread remains in
the FPU. To enable other threads to use the FPU in parallel, the Kernel
has to ensure that it gets the opportunity to switch the context again
when necessary. Thus, it disables the FPU again as soon as the thread
that enabled it, gets scheduled away. The hook for this is the
CPU-specific method 'Cpu::prepare_proceeding' [2] that is called on
every Kernel pass in 'Cpu::exception' [3].

In a nutshell, the FPU is turned on only on an FPU instruction and
turned off again as soon as the thread that called the FPU instruction
looses the scheduling focus. The FPU context is switched only on an FPU
instruction that is issued by another thread than the one that issued
the last FPU instruction.

To enable FPU support for Cortex A8, you would have to implement
'Arm_v7::finish_init_phys_kernel' (initialize but toggle off FPU),
'Genode::Cpu_lazy_state', 'Cpu::retry_undefined_instr', and
'Cpu::prepare_proceeding'. All in [4].

If you have further question, don't hesitate to ask ;)

Cheers,
Martin

[1] repos/base-hw/src/core/spec/arm/kernel/thread.cc
[2] repos/base-hw/src/core/include/spec/cortex_a9/cpu.h
[3] repos/base-hw/src/core/kernel/cpu.cc
[4] repos/base-hw/src/core/include/spec/cortex_a8/cpu.h

--
Full-scale, agent-less Infrastructure Monitoring from a single dashboard
Integrate with 40+ ManageEngine ITSM Solutions for complete visibility
Physical-Virtual-Cloud Infrastructure monitoring from one console
Real user monitoring with APM Insights and performance trend reports 
Learn More http://pubads.g.doubleclick.net/gampad/clk?id=247754911=/4140
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Uboot creation script fails

[Martin Stein]

Hi Mark,

On 04.09.2015 14:23, Mark Albers wrote:
> i use Genode 15.05 with the corresponding toolchain. Now, i have a
> problem with the uboot creation script.

I don't think that this is the problem but you may try the latest
version 15.08 [1]. If you do so, please create a new build directory
with the updated 'create_builddir' to avoid inconsistencies.

> For example, when i build the hello-tutorial for hw_pbxa9 platform (in a
> fresh build directory), i get this error:
> 
> make[1]: Verzeichnis »/home/mark/genode_git/build/hw_pbxa9« wird verlassen
> child process exited abnormally
> while executing
> "exec [cross_dev_prefix]readelf -h $elf_img |  grep "Entry point
> address: " |  sed -e "s/.*Entry point address: *//""

This is strange. I've tested these commands manually and they work just
fine. Have you added the following to your '/etc/build.conf':

REPOSITORIES += $(GENODE_DIR)/repos/hello_tutorial

If yes, could you please send the output of the following:

/usr/local/genode-gcc/bin/genode-arm-readelf --version

> ...
> 
> Without run option "include image/uboot" the build finished cleanly and
> image.elf was created correctly.

I'm a litte confused. The ARM PBXA9 board is merely used as a reference
design with Qemu and an Uboot image is not needed for booting in this
case. Thus, '--include image/uboot' doesn't make much sense and the
RUN_OPT of a freshly created build directory for hw_pbxa9 normally
doesn't contain this argument. However, even if I add it to my RUN_OPT,
'make run/hello' finishes and the corresponding Uboot image [2] gets
created.

Cheers,
Martin

[1] https://github.com/genodelabs/genode/releases/tag/15.08
[2] /var/run/hello/uImage

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: TrustZone: forcing instant switch from secure to normal world?

[Martin Stein]

Hey David

On 04.08.2015 14:28, David Goltzsche wrote:
 thanks for the help. When passing the physical IRQ number, it works!

Maybe one more hint, by the way, although I assume that you're already
aware of it. Choose carefully which IRQ numbers to use for cross-world
communication. Logically, you don't want to use any IRQ number that is
used for device-software communication at the same time or that is not
unmasked in your Linux guest.

As you can see in [1], I have made good experience with IRQ 92 (TV
encoder IRQ) on the USB armory.

Cheers,
Martin

[1] GENODE/repos/os/run/tz_vmm.run

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: TrustZone: forcing instant switch from secure to normal world?

[Martin Stein]

Hi David,

Yes, you're right. I had the same problem when I received my first IRQ.
This is what Linux commit [1] is for. It calls tzic_end_sw_irq at the
end of event_interrupt in file [2]. Note that you have to call it with
the physical IRQ number (in my case defined through the Genode config
and read via SMC genode_block_irq) and not the virtual IRQ number, which
is normally used in Linux (e.g. on request_irq).

[1] 0fa1c63 .handle multiple replies and end interrupt

[2] LINUX/drivers/block/genode_block.c

On 28.07.2015 15:03, David Goltzsche wrote:
 Hi Martin,
 
 based on the commits you mentioned, I implemented a minimal kernel
 module, which should receive the interrupts injected by genode.
 
 Overall it works: My Handler gets called when I trigger a software
 interrupt in genode.
 
 However, the handler is called endlessly for a single interrupt. I
 assume, i have to clear the interrupt somehow. I called
 tzic_end_sw_irq(..) before returning from the handler.
 
 Here is my code: http://pastebin.com/NDBV6qYf
 
 Any Hints?
 
 David
 
 On 06/29/2015 12:05 PM, Martin Stein wrote:
 Hi David,

 On 29.06.2015 09:20, Stefan Kalkowski wrote:
 So, my approach would be using software interrupts which sould be routed
 to the normal world. I played around with the svc (supervisor call)
 instruction, but I don't know how to route this to the secure world.

 Indeed, this seems to be the most promising approach triggering a
 software interrupt on the secure side, and handle it in the normal
 world. Everything that needs to be done is marking a designated SPI (ARM
 terminology for software-triggered IRQ) as a non-secure interrupt, and
 delegate that interrupt to your kernel module within the guest OS.
 Moreover, you will need to extend the VM session interface with the
 ability to trigger that designated TrustZone interrupt, as the
 user-level VMM is not able to access the interrupt controller directly,
 which has to be done by the kernel itself.

 On my working branches [1] I've implemented IRQ injection to provide a
 pseudo block device in a non-secure linux guest. Maybe this code gives
 you some good hints. Especially the linux commits [2] and the Genode
 commits [3] should be interesting. Please be aware that this code is
 still in progress and should not be considered as final solution.

 Don't hesitate to ask if you have further questions ;)

 Cheers,
 Martin

 [1]
 https://github.com/m-stein/genode/tree/1497_usb_armory_demo
 https://github.com/m-stein/linux/tree/1497_usb_armory_demo

 [2]
 0fa1c63 .handle multiple replies and end interrupt
 9ca75d0 .injected IRQ reaches the stub-block handler in linux

 [3]
 08a3b09 .prototype of inject_vm_irq kernel call
 2927f04 .Vm_session::inject_irq(unsigned irq)
 42865c4 .injected IRQ reaches the stub-block handler in linux

 --
 Monitor 25 network devices or servers for free with OpManager!
 OpManager is web-based network management software that monitors 
 network devices and physical  virtual servers, alerts via email  sms 
 for fault. Monitor 25 devices for free with no restriction. Download now
 http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
 ___
 genode-main mailing list
 genode-main@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/genode-main

 

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Data Communication btw Normal and Secure World in IMX53_QSB

[Martin Stein]

Hi Jaemin,

Without going deeper into your specific problem, I'd like to suggest you
to have a look at my working branches [1] that concern with issue [2].
They show a working implementation of shared-mem communication between
secure and non-secure world. The interesting parts in your case are:

* Mapping of the buffer in file [3] in line 422. Note that we create a
pseudo-device struct for that in line 406. This struct isn't related to
any real device and is merely needed because dma_alloc_coherent must
know from which DMA pool to allocate with which parameters.

* Registration of the buffer in file [3] via function genblk_smc_buffer

* Secure to non-secure communication in file [3] in genblk_smc_name.
Secure back-end in file [4] in Vm::smc_blk_name.

* Non-secure to secure communication in file [3] in genode_blk_request
if argument write=true. Secure back-end in file [4] in
Vm::smc_blk_submit the call to blk_buf_to_pkt.

Please be aware that - although it works on hardware - this code is
still in progress and should not be considered as final solution. If you
have further questions, don't hesitate to ask ;)

Cheers,
Martin

[1]
https://github.com/m-stein/genode/tree/1497_usb_armory_demo
https://github.com/m-stein/linux/tree/1497_usb_armory_demo

[2]
https://github.com/genodelabs/genode/issues/1497

[3] LINUX/drivers/block/genode_block.c

[4] GENODE/repos/os/src/server/tz_vmm/usb_armory/vm.h

On 14.07.2015 11:00, JaeminPark wrote:
 I’m currently developing a simple trustzone device driver running in
 Normal World to communicate with Genode in Secure World.
 I’m using IMX53 QSB,  Genode 15.02 as Secure OS, and customized Linux as
 OS for Normal World.
 
 In Normal World, my simple device driver calls */smc/* instruction
 inside */module_init()/*.
 The instruction is invoked with the command structure (named by
 “*/struct smc_cmd/*”).
 The physical address of struct smc_cmd is passing to Genode via
 */_vm-state()-r1/*.
 There exists two physical addresses inside “struct smc_cmd: one for
 request buffer and the other for response buffer where the response
 buffer is allocated by */kzalloc()/*.
 For the address conversion, I used /*virt_to_phys()*/.
 
 In Secure World (Genode),  I’m modifying the */tz_vmm /*source code for
 this experiment. 
 I’m succeed in reading the request buffer from Normal World by directly
 accessing the physical address of the request buffer :
 
 *PINF(req_buf = %s (0x%x), (char*)((struct
 smc_cmd*)cmd_addr)-req_buf_phys, ((struct
 smc_cmd*)cmd_addr)-req_buf_phys);*
 
 Ridiculously and Unfortunately, I’m in trouble to write some characters
 in response buffer (whose address is the physical address of Normal World).
 I used */Genode::memcpy()/* to write the characters as follows where
 */cmd_addr/* is the physical address of the command structure passed
 from Normal World :
 
 *//* acquire data to be written into memory space of normal world *//*
 */Genode::memcpy(tmp, (const char*) From Secure World,
 strlen(From Secure World));/*
 */tmp[17] = '\0';/*
 */
 /*
 *//* write a data into resp_buf_phys *//*
 */Genode::memcpy((char*)((struct smc_cmd*)cmd_addr)-resp_buf_phys,
 (const char*) tmp, sizeof(tmp));/*
 */
 /*
 *//* printout contents of memory for debug *//*
 */PINF(res_buf = %s (0x%x), (char*)((struct
 smc_cmd*)cmd_addr)-resp_buf_phys, ((struct
 smc_cmd*)cmd_addr)-resp_buf_phys);/*
 
 It seems that the writing operation in Secure World is successful since
 the last PINF() shows me the “From Secure World” in console.
 
 However, when I read the address (converted from the physical address
 using */phys_to_virt()/*) in my device driver, I can only see the empty
 string (initial status).
 
 My questions are :
 
   * Do I need another approach to write the physical memory of Normal
 World in the side of Genode?
   * Is there any simple example or any volunteer to share an example for
 this kind of operation?
   * Is there any comment to implement this kind of example?
 
 
 
 --
 Don't Limit Your Business. Reach for the Cloud.
 GigeNET's Cloud Solutions provide you with the tools and support that
 you need to offload your IT needs and focus on growing your business.
 Configured For All Businesses. Start Your Cloud Today.
 https://www.gigenetcloud.com/
 
 
 
 ___
 genode-main mailing list
 genode-main@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/genode-main
 

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-hw: Virtualbox thread priorities

[Martin Stein]

Hi Adrian,

On 13.07.2015 12:28, Adrian-Ken Rueegsegger wrote:
 Do you have an idea why the effective numbers on hardware would be so
 far off the mark from the assigned quota numbers?

When looking at your raw counter values, I assume that this is caused by
overflows. Some of your hardware values are near (uint32_t)~0 while your
Qemu values are all relatively small. I've addressed this issue recently
in [1]. Commit [2] there introduces 64 bit counter values, but maybe its
also a good idea to check for overflows. The commits are on
genodelabs/staging but not on genodelabs/master yet. Could you please
give staging a try?

Btw.: From tomorrow till the 1st of August I'm on vacation and wont read
my mails.

Cheers,
Martin

[1] https://github.com/genodelabs/genode/issues/1628
[2]
https://github.com/m-stein/genode/commit/bf7855d259950339b1e8411c58161d779ecced79

--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-hw: Virtualbox thread priorities

[Martin Stein]

Hi Adrian,

On 08.07.2015 18:07, Adrian-Ken Rueegsegger wrote:
 I just gave the current staging branch (4b7b440...) a try and while the
 cpu_quota scenario completes successfully on QEMU, it seems to be stuck
 after the test_[fast|midl|slow] results are logged. It appears that the
 Conclusion part of the script [1] is never run.

Unfortunately, I was not able to reproduce this behavior with 4b7b440.
My attempt to run cpu_quota on hw_x86_64 fully succeeded. Although I
don't expect this to be the problem, which version of TCL, expect and
qemu you are using? (I'm using qemu 2.0.0, expect 5.45 and TCL 8.6)

Cheers,
Martin

--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-hw: Virtualbox thread priorities

[Martin Stein]

Hey Adrian,

On 10.07.2015 14:37, Adrian-Ken Rueegsegger wrote:
 Sorry for the inaccurate wording which I tried to clarify in the
 follow-up email. It works for me on QEMU but the cpu_quota run script
 does not complete if I run it on real hardware (Lenovo T430s). There I
 see that the results are logged and done messages appear but the
 analysis of the results is never performed so I do not see a Test
 succeeded nor Test failed message.

Ah ok. Have you propagated the serial output to the run tool somehow? If
not the script is not able to detect whether the test succeeded or even
when to start detection. The run tool comes with several methods that
can be used to achieve this but one can even add a new method to capture
the output. The existing methods are in tool/run/log and can be included
via --include log/METHOD in your BUILDIR/etc/build.conf. You must
also set the parameters of the chosen method in there. For example via
direct serial connection:

RUN_OPT += \
--include log/serial \
--log-serial-cmd 'picocom -b 115200 /dev/SERIALDEV'

Or via ethernet:

RUN_OPT += \
--include log/serial \
--log-serial-cmd 'socat -s - tcp:HOST:PORT' \
--log-serial-filter 'stdbuf -o0 tr \200-\377 .'

The filter in the second example is used because in this method
sometimes bad chars (\200...\377) get generated that could crash the
capture tool.

After configuring your build.conf accordingly, the script should stay
active, listening on the declared interface, detect the done messages
and then continue with the conclusion part.

Cheers,
Martin

--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: base-hw: Virtualbox thread priorities

[Martin Stein]

Hi Adrian,

On 02.07.2015 12:02, Adrian-Ken Rueegsegger wrote:
 Hi,
 
 While investigating the cause for the performance discrepancy of
 Virtualbox on NOVA vs hw_x86_64[_muen] [1], I have determined, with help
 from Alexander, that Virtualbox thread priorities [2] are not applied on
 base-hw. Even though priorities are specified when constructing the
 Cpu_connection [3], they have no effect since no quota is subsequently
 assigned/transferred. According to the 14.11 release notes [4], threads
 without quota have no guarantee to be scheduled and their priority is
 ignored. I believe this is the main cause for the difference in
 execution speed of Virtualbox on NOVA and base-hw.

First of all, be aware that in the 15.05 release the integration of the
base-hw scheduling model has changed a bit [1]. Let's say you configure
a component with something like 'resource name=CPU quantum=30/'.
Before 15.05, these 30% of the parent quota were merely transferred to
the env()-cpu_session() of the new component without any effect until
you explicitely say thread X shall receive Y percent of this quota
inside the component.

Since 15.05, all quota of a CPU session is automatically and permanently
distributed to the threads of the session. So as long as there is only
the main thread in our example component, this thread receives 30% of
the parent quota. After starting two additional threads, every thread
would receive 10% and so on.

To influence this distribution, there are the so-called thread weights.
By default, every thread gets the same weight 10. But if you create a
thread with a higher weight, it receives relatively more quota from its
session. So, in the above example, if there is the main thread (default
weight 10) and an additional thread with weight 90, the main thread
receives 3% of the parent quota while the other thread 27%.

However, you're right in general. CPU quota is our way to restrict the
time that a priority is allowed to get effective during a scheduling
super-period. So, if a prioritized thread has quota 0, the priority is
never applied by the scheduler.

 I was wondering if you could confirm my analysis of the issue and
 provide some pointers on how to best achieve the proper application of
 Virtualbox thread priorities on base-hw.

AFAIK, in the virtualbox component, we create a CPU session for each
priority level. To get these priorities active, the following would have
to be done:

* Configure the vbox component to receive some quota from init (add
resource name=CPU quantum=${PERCENTAGE}/ as subnode to the vbox
start node)

* Set the reference account of every new CPU connection in vbox to the
env session by doing
my_cpu_connection.ref_account(Genode::env()-cpu_session()). This
enables you to transfer quota from the reference account to your CPU
connection.

* Let env()-cpu_session() transfer its quota to the new CPU
connections. This is a bit tricky. When transferring, you state the
percentage of the source-session quota scaled up to
Cpu_session::QUOTA_LIMIT. So, if you state (Cpu_session::QUOTA_LIMIT /
2), this means 50% of the source-session quota while
(Cpu_session::QUOTA_LIMIT / 3) means 33% and so on. Furthermore, the
value refers to the quota that is left at the source session not its
initial quota. Thus, if you want to distribute quota evenly to 3 other
sessions A, B, C, start with transferring 33% to A, then transfer 50% to
B, and then transfer 100% to C. For an example see
Init::Child::Resources::transfer_cpu_quota in os/include/init/child.h.
It takes the percentages that refer to the initial env quota from the
init config and translates them to percentages that refer to the latest
env quota.

* Optional: Specify individual weights for the vbox threads when
constructing them. If you roughly know, which thread needs more time for
its task and which one needs less, specifying individual weights may
optimize the overall performance. It goes without saying that this also
depends on how you've distributed quota in the previous steps. Thread
weights influence only the session-local distribution.

Now, let's say you have 4 threads. Thread A needs low latencies but has
little to do when it gets scheduled. Thread B also needs low latencies
but normally has a bigger work load than thread A. Thread C does not
need low latencies but should have the guarantee to be scheduled
frequently nevertheless. In addition, thread C normally has the biggest
workload. Thread D needs no guarantee about whether it gets scheduled
frequently and with which latency. So, an exemplary configuration would
be the following:

CPU connection 1: 40% of env quota, higher prio
   thread A: weight 1 (10% of env quota)
   thread B: weight 3 (30% of env quota)

CPU connection 2: 60% of env quota, lower prio
   thread C: default weight (60% of env quota)

CPU connection 3: 0% of env quota, prio doesn't matter
   thread D: default weight (0% of env quota)

Thread D could also be created at the env session if you distribute all

Re: cannot run make run/demo

[Martin Stein]

Hi Daren,

On 01.07.2015 10:11, Daren Sin wrote:
 I got the error
 //usr/bin/expect: bad interpreter: No such file or directory/
 /make: *** [run/demo] Error 126/
 /
 /
 Some background: I followed all the steps, even those that are not in
 that page above, like commenting out certain parts of /build.conf/ in
 the build directory (I named mine /build_dir)/. I searched around, and
 found out from
 http://sourceforge.net/p/genode/discussion/825067/thread/e2d61570/?limit=25#5624
 that I haven't had the expect package installed. But I still got the
 same error after installing the package.

Maybe your expect packed didn't install to /usr/bin/. You may circumvent
this problem by creating a link. Find out where your expect resides in
(for example by using whereis) and do

sudo ln -sf $YOUR_ABSOLUTE_EXPECT_PATH /usr/bin/expect

Cheers,
Martin

--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: TrustZone: forcing instant switch from secure to normal world?

[Martin Stein]

Hi David,

On 29.06.2015 09:20, Stefan Kalkowski wrote:
 So, my approach would be using software interrupts which sould be routed
 to the normal world. I played around with the svc (supervisor call)
 instruction, but I don't know how to route this to the secure world.
 
 Indeed, this seems to be the most promising approach triggering a
 software interrupt on the secure side, and handle it in the normal
 world. Everything that needs to be done is marking a designated SPI (ARM
 terminology for software-triggered IRQ) as a non-secure interrupt, and
 delegate that interrupt to your kernel module within the guest OS.
 Moreover, you will need to extend the VM session interface with the
 ability to trigger that designated TrustZone interrupt, as the
 user-level VMM is not able to access the interrupt controller directly,
 which has to be done by the kernel itself.

On my working branches [1] I've implemented IRQ injection to provide a
pseudo block device in a non-secure linux guest. Maybe this code gives
you some good hints. Especially the linux commits [2] and the Genode
commits [3] should be interesting. Please be aware that this code is
still in progress and should not be considered as final solution.

Don't hesitate to ask if you have further questions ;)

Cheers,
Martin

[1]
https://github.com/m-stein/genode/tree/1497_usb_armory_demo
https://github.com/m-stein/linux/tree/1497_usb_armory_demo

[2]
0fa1c63 .handle multiple replies and end interrupt
9ca75d0 .injected IRQ reaches the stub-block handler in linux

[3]
08a3b09 .prototype of inject_vm_irq kernel call
2927f04 .Vm_session::inject_irq(unsigned irq)
42865c4 .injected IRQ reaches the stub-block handler in linux

--
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical  virtual servers, alerts via email  sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Porting base-hw to ARM Juno with TrustZone

[Martin Stein]

Hi Matthias,

On 25.06.2015 11:48, Stefan Kalkowski wrote:
 On 06/24/2015 04:41 PM, Matthias Lorenz wrote:
 I'm interested in porting genode base-hw to ARM Juno (Vexpress64)
 (http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php).

That's really cool! I'm curious about your findings.

 Can somebody estimate how much time and work this would take?
 I would estimate something between 3 months
 and 6 months.

We observed the basic porting of base-hw to x86-64bit recently. It was
done by a team of two programmers that had a good understanding of the
architecture and some kick-off guidance by us in about one month. This
might serve as a best-case estimation.

 Are there any good starting points to start my work/research?

Additional to the excellent explanations of Stefan, I'd like to provide
the following remarks:

* Have a look at the ouput of

find base-hw -type f -wholename *x86* | grep -ve x86_32 -e gdt -e tss -e
idt -e crt0_tr -e port_io -e pseudo -e mtc_u

It gives you a good overview of the basic files when porting a new
architecture.

* A good initial target might be a 'Genode::printf(Hello\n);
while(1);' at the beginning of 'init_kernel_up()'. It is the first C++
function that should be called by your CRT0. If you've managed to see
this output on your serial port, you're through most of the bureaucratic
stuff of porting base-hw and have obtained a simple debugging tool.

Don't hesitate to ask if you have further questions ;-)

Cheers,
Martin

--
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical  virtual servers, alerts via email  sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Is X11 forwarding still implemented?

[Martin Stein]

Hi Jookia,

On 16.06.2015 17:59, Norman Feske wrote:
 If you decide to go this route, you may
 benefit from Martin's current line of work on providing a virtual block
 device to the normal world. The secure world retains the exclusive
 access to the real device and can make a partition available to the
 normal world.

My working branches regarding this topic are [1] and [2]. If you have
questions on that, don't hesitate to ask ;)

Cheers,
Martin

[1]
https://github.com/m-stein/genode/tree/1497_hw_usb_armory_USB_in_tz_vmm_linux
[2] https://github.com/m-stein/linux/tree/usb_armory_genode_tz_vmm_usb

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: USB armory USB driver - porting

[Martin Stein]

Hi Vladimir,

Sorry for the latency...

On 03.06.2015 00:13, Vladimir Lushnikov wrote:
 I am currently starting to port the Linux drivers necessary to
 get USB (both Host and OTG) working on the USB armory. Given my current
 schedule I hope to have something working by the end of the month (or at
 least that is my goal).

Its cool to hear that you've such ambitious plans on the USB armory :-)
For us, an USB driver port for i.MX53 (as well as for i.MX6 as you state
later) would be a much appreciated contribution.

 First off, some notes from my investigation. ...

Your working plan sounds good to me. But admittedly, I'm neither much
experienced with porting via DDE nor with the USB internals. Maybe
others who have a better insight in these topics would like to comment
on this!?

 Is anybody else working on supporting the USB armory USB currently (just
 to make sure)?

As far as we know, there's nobody else working on this target currently.

 My bigger question is of course - what shall be done about the USB
 gadgets necessary to have things like CDC ethernet or serial working. Of
 course we can port them from Linux initially but I guess because some of
 them will be simple (? like serial, hopefully) it would make perhaps
 make sense to make a native Genode port. But I have not yet thought
 about this in depth because I want to get the controller working first.

Of course, this is always an individual decision depending on your
requirements on the implementation. I asked Josef (he had to make this
decision more often than I) about his opinion and he would port the
gadgets too while in porting due to the USB driver anyway and decide
afterwards whether to replace a port by a native implementation.

 The Wandboard uses the same USB driver but it needs some code to control
 the PHY and I don't know about the pin muxing.

Regarding the pin muxing, there is already a so-called GPIO driver for
i.MX53 [1] that should be used for that purpose. You may have a look at
[2] and [3] for an example how our demo on i.MX53 provides GPIO to its
intput driver (The same goes for the framebuffer).

Cheers,
Martin

[1] os/src/drivers/gpio/imx53
[2] os/run/demo.run
[3] os/src/drivers/input/imx53/driver.h

--
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Memory access in tz_vmm

[Martin Stein]

Hi Chirag,

On 05.05.2015 07:38, chirag garg wrote:
 It gives me the following fault. 
 
 I/O memory [4000,5000) not available
 Local MMIO mapping failed!
 [init - tz_vmm] C++ runtime: Genode::Parent::Service_denied

You can take this fault as a starting point by searching (e.g. via grep)
for I/O memory .* not available in the repositories base and base-hw.
Presumably, this will lead you to the code path that is responsible for
allocating MMIO regions. From there, you might be able to trace back
were your region gets lost and to whom.

Cheers,
Martin



--
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: i.MX53 TrustZone cross world interactions

[Martin Stein]

Hi Ofer,

On 05.05.2015 11:06, Ofer Hasson wrote:
 My question is, how in the Genode hypervisor I can access this memory
 address ?
 Any idea will be helpful

You should have a look at '_ram_iomem' in [1]. It is the IO_MEM session
of the VMM that references the RAM of the normal world. Once estalished,
this session provides a refernce to the RAM in form of a so-called
dataspace. This dataspace can be used to attach the RAM locally via
'env()-rm_session()'. The VMM stores the resulting local address in
'Vm_base::_ram'. So, if you're in the VMM, you can acces the RAM through
this object. If you're in another component you would have to request
the VMM to release the IO_MEM-Region to be able to allocate it through a
new IO_MEM session.

Cheers,
Martin

[1] repos/os/src/server/tz_vmm/include/vm_base.h

--
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Develop Trustzone support for imx6

[Martin Stein]

Hi Bharath,

On 27.04.2015 11:02, bharath wrote:
 I tried build by the following steps:
 cd genode-hw_sabrelite_tz_support/tools/
 ./create_builddir hw_sabrelite_tz BUILD_DIR=build_sabrelite
 cd build_sabrelite/
 RUN_OPT=--target uboot

The --target uboot option is a deprecated way of configuring the run
tool. You should not set RUN_OPT by hand when calling 'make' but adapt
it in [1] to the following value:

RUN_OPT = --include boot_dir/hw --include image/uboot

For more details on the new run options, see chapter Modular tool kit
for automated testing in [2].

 wrong # args: should be run_boot_dir
 while executing
 run_boot_dir $binaries
 (procedure build_boot_image line 2)
 invoked from within
 build_boot_image core init tz_vmm linux initrd.gz
 (file genode-hw_sabrelite_tz_support/repos/os/run/tz_vmm_mx6.run line 
 49)
 invoked from within
 source $include_name
 (foreach body line 6)
 invoked from within
 foreach include_name [get_cmd_arg --include ] {
   # first check if the include name is absolute
   if {[string first / $include_name] == 0} {
   puts ...
 (file genode-hw_sabrelite_tz_support/tool/run/run line 630)
 make: *** [run/tz_vmm_mx6] Error 1

This error report at the end of your log is completely related to the
bad RUN_OPT mentioned above. The run environment (our framework for
automated testing that wraps the Genode build-system) complains that
you have to define a method for creating the boot directory at least
(--include boot_dir/xxx).

Cheers,
Martin Stein

[1] $BUILD_DIR/etc/build.conf
[2] http://genode.org/documentation/release-notes/15.02

--
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Develop Trustzone support for imx6

[Martin Stein]

Hi Thong,

On 21.04.2015 09:24, thong wrote:
 Hi Chirag garg,
 
 Thanks for your help. I tried to build your hw_sabrelite_tz_support
 branch as follow:
 RUN_OPT=--target uboot make run/tz_vmm_mx6

The --target uboot option is a deprecated way of configuring the run
tool. Thus, I assume that you either have an old Genode state with the
IIT-Madras imx6-support (a pretty recent feature) rebased onto it, or
you have a Genode state that is up-to-date and applying the deprecated
run options mistakenly.

If you're on the iitmadras/hw_sabrelite_tz_support branch, the latter is
the case. Make sure that you've deleted your old build directory and
created a new one by doing:

$GENODE_DIR/tool/create_builddir hw_sabrelite_tz

Then, you should not set RUN_OPT by hand when calling 'make' but adapt
it in [1] to the following value:

RUN_OPT = --include boot_dir/hw --include image/uboot

For more details on the new run options, see chapter Modular tool kit
for automated testing in [2].

 Hit any key to stop autoboot:  0
 MX6Q SABRESD U-Boot  fatload mmc 2:1 0x10001000 sabrelite.bin
 reading sabrelite.bin

According to [3], the text address of your image is 0x10001000. Thus, it
isn't a good idea to fatload the image to this address too. You should
use an address that is outside of any image-segment range (see [4]) and
outside the boot loader image. According to the Sabrelite RAM-config in
[5], 0x4000 might be a good idea in your case.

Cheers,
Martin

[1] $BUILD_DIR/etc/build.conf
[2] http://genode.org/documentation/release-notes/15.02
[3] $GENODE_DIR/base-hw/mk/spec-hw_sabrelite.mk
[4] genode-arm-objdump -ph $BUILD_DIR/var/run/$TARGET/image.elf
[5] $GENODE_DIR/base/include/platform/sabrelite/drivers/board_base.h

--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Develop Trustzone support for imx6

[Martin Stein]

Hi Thong,

On 21.04.2015 12:57, thong wrote:
 Is that my board MX6Q SABRESD differs from SABRELITE causing this?
 Please help me what I should do.

Of course, this might be a problem. I'd suggest you to check the UART
and the RAM configuration of Genode. For Sabrelite, both can be found in
[1]. Maybe you're simply listening at another UART port.

If you find differences, you should add a new platform 'hw_sabresd_tz'.
What to do for that can be easily found by doing:

find $GENODE_DIR/repos/ $GENODE_DIR/tool/ -wholename *sabrelite*
grep -ri sabrelite $GENODE_DIR/repos/ $GENODE_DIR/tool/

The new platform should make use of the less specific imx6 sources like
it's done in the sabrelite sources.

Cheers,
Martin

[1] $GENODE_DIR/repos/base/include/platform/sabrelite/drivers/board_base.h

 Just notice you that 'sabrelite.bin' is binary format not u-boot image
 which I got from:
 //usr/local/genode-gcc/bin/genode-arm-objcopy -O binary
 var/run/tz_vmm_mx6/image.elf var/run/tz_vmm_mx6/sabrelite.bin/
 So I think I should fatload 'sabrelite.bin' into 0x10001000 which is
 text address of the image then I can directly execute it at that address
 with 'go' command. Is that my understanding wrong?


--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Develop Trustzone support for imx6

[Martin Stein]

Hi Thong,

 Just notice you that 'sabrelite.bin' is binary format not u-boot image
 which I got from:
 //usr/local/genode-gcc/bin/genode-arm-objcopy -O binary
 var/run/tz_vmm_mx6/image.elf var/run/tz_vmm_mx6/sabrelite.bin/
 So I think I should fatload 'sabrelite.bin' into 0x10001000 which is
 text address of the image then I can directly execute it at that address
 with 'go' command. Is that my understanding wrong?

Admittedly, I don't know if using a raw-binary-copied image of Genode
triggers any problems. I always use the uImage [1].

Cheers,
Martin

[1] $BUILD_DIR/var/run/$TARGET/uImage

--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Adding a Kernel Module in base-hw

[Martin Stein]

Hi Franc,

On 16.04.2015 13:52, Franc sylvester wrote:
 I have one more doubt regarding reading the general purpose register in
 Genode.
 I want to read the General purpose register value. Can you give me some
 clue on this   

In which environment do you want to read whose general purpose register?
Could you please give more details about your doubt?

Cheers,
Martin

--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Adding a Kernel Module in base-hw

[Martin Stein]

Hi Franc,

On 16.04.2015 12:01, Franc sylvester wrote:
 I used this explanation to write a system call but i am not able to get
 user argument value inside the system call.
 Can  you provide some more information to get argument value inside the
 system call.

As you can see in the other system calls in [1] it should be sufficient
in the userland to do:

ret = call(call_id_NAME(), (Call_arg)arg_0, (Call_arg)arg_1, ...);

This method can mangle up to 6 arguments into the appropriate registers
(on ARM registers R0...R5, for details see [2]). In the kernel, you can
then read these arguments by calling the following methods on the
Kernel::Thread object of the user:

arg_0 = user_arg_0();
arg_1 = user_arg_1();
...

To pass a return value to the user, call the following on the users
Kernel::Thread object:

user_arg_0(ret);

The return value is then returned by the initially mentioned function in
the userland.

Cheers,
Martin

[1] base-hw/include/kernel/interface.h
[2] base-hw/src/base/arm/kernel/interface.cc


--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main

Re: Data Abort MMU exception on mapped IO register read

[Martin Stein]

Hi Bob,

On 13.04.2015 14:41, Bob Stewart wrote:
 
 I'm running with 15.02, base-hw on a TI AM3359 processor. I've 
 successfully created device drivers for most of the devices on the 
 peripheral bus without issue. Accessing the the final device i need a 
 driver for, is causing me fits.
 
 I attached the IO device register space with the usual creation of a 
 Attached_io_mem_dataspace  based object which also uses the very useful 
 MMIO utility object. I also tried it without MMIO and just accessed the 
 space through local_addrvoid.

To simplify the error case even further, you could manually create an
'Io_mem_connection($DEVICE_BASE) io' and access the return value of
'env()-attach(io-dataspace())'.

 
 When I try to read an address in the mapped space I get an unknown MMU 
 exception. When I write to the same address no error occurs (I'm 
 assuming for now it's failing silently). Putting PDBG's in the arm 
 thread code shows that the error on the read is is being caused by a 
 DATAT_ABORT. Peeking at the data fault status register (dfsr) shows 
 0x805 which according the the the ARM7 technical reference manual 
 decodes to a translation table error.

This looks fishy to me. unknown MMU exception is printed if the
'in_fault' function returns false. The implementation of this function
in [1] returns false only on Data Aborts if 'Dfsr::Fs' is neither 5
(section transl. fault) nor 7 (page transl. fault) but obviously it is 5
in your case.

 
 The virtual address created when the io device is mapped is 0x81B0_ 
 (the load_addrvoid), but I see no section table entry being created 
 for 0x8100_. Only one is created at 0x8000_. If I'm remembering 
 correctly sections are 16 MB is size for this architecture. I'm 
 instrumenting short_translation_table.h to see what translation table 
 entries are being created. I also don't seen any short translation table 
 entries being created in the 0x81bxx_ region.

This must not be a problem as the Region Manager in Core doesn't map
eager. Instead, Core gets contacted by the kernel as soon as the first
fault occurs on a region (this is what should happen next in your
scenario). Then, if the faulter is allowed to acces the region, Core
adds the mapping to the translation table and resumes the faulter with
its PC set to the instruction that caused the fault.

 
 My platform support code does include the physical address and size for 
 the region containing the device I'm trying to access.
 
 The only physical difference with this device and the others I've 
 successfully created drivers for, is that is runs of the L4 
 interconnection whereas the others were on the L3 interconnect. In this 
 SoC the L4 is bridged to the L3 interconnect and runs at half the speed 
 of the L3 bus. But I doubt that this would make any difference to the 
 mapping of the device. This device is also much higher in memory that 
 the other devices.

Although I assume the 'in_fault' inconsistency mentioned above to be the
problem: Have you checked wether there is an additional bridge or
bus-access controller for the L4? E.g. we had problems with such a
controller (AIPS) on our i.MX boards in the past. It prevented access to
some devices that were connected through one bus (IPS) while access to
devices at the another bus wasn't a problem. Thus, we configure the
controller in [2].

Cheers,
Martin

[1] base-hw/src/core/include/spec/arm/cpu_support.h
[2] base-hw/src/core/include/spec/imx/board_support.h

--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15utm_medium=emailutm_campaign=VA_SF
___
genode-main mailing list
genode-main@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/genode-main