Hi,Stefan
>Surely this is the right way to go. All ingredients are already in place. Have
>a look at the usb_armory platform, which uses exactly the same SoC i.MX53 with
>a trustzone Linux using the sd-card client-wise from the Genode secure-world.
>You need to change the sd-card device assignment in:
>`repos/base-hw/src/bootstrap/spec/imx53_qsb/platform_trustzone.cc`
>The fourth parameter of the Csu object decides over the sd-card assignment.
>And of course you need to change the Linux kernel to use the paravirtualized
>block device of the trustzone VMM.
>Please use the Linux kernel version + adaptations from here as inspiration:
>https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
Thank you very much for your help. Now I am trying to modify the linux kernel
according to your advice. And I have another question want for your help. Since
i.mx53 quick start board have two SD card slot, which are MicroSD card
slot(mmc0) and SD card slot(mmc1) respectively.So, can I configure them to be
secure or non-secure seperately?In other words, does the CSU object in the
repos/base-hw/src/bootstrap/spec/imx53_qsb/platform_trustzone.cc configure both
mmc0 and mmc1 to be secure or non-secure at the same time? Because, from the
system booting message, I can only find the mmc0 which is also used for
booting that is found by the SD card driver, but there's no information about
mmc1. I have insert SD card to both mmc0 and mmc1 and part of the booting
message are as follows:
[init -> platform_drv] --- i.MX53 platform driver ---
[init -> sd_card_drv] --- SD card driver ---
[init] child "platform_drv" announces service "Platform"
[init] child "sd_card_drv" announces service "Block"
[init -> sd_card_drv] CID: 0x3534453 0x55303447 0x80b0970d 0x4000e700
[init -> sd_card_drv] RCA: 0xe624
[init -> sd_card_drv] SD card detected
[init -> sd_card_drv] capacity: 3781 MiB
[init -> part_blk] Partition 1: LBA 10240 (7733248 blocks) type: 83
[init] child "part_blk" announces service "Block"
[init -> part_blk] session opened at partition 1 for 'rump_fs -> '
[init -> rump_fs] Using ext2fs as file system
[init -> rump_fs] asserting rump kernel 14109 KB of RAM
[init -> rump_fs] rump: /genode: file system not clean; please fsck(8)
I am wondering if I can config mmc0 and mmc1 to be secure and non-secure
respectively.In this way, the mmc1 can be used by linux kernel directly. Thank
you in advance!
------------------
Best wishes_______________________________________________
Genode users mailing list
[email protected]
https://lists.genode.org/listinfo/users
