Discussion:
tz_vmm run script
John David
2016-02-03 21:51:56 UTC
Permalink
Hi all,

I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be displayed
on the LVDS while the Genode uses the serial console. I wonder if you could
tell me how can i do this.

Thanks!
Stefan Kalkowski
2016-02-10 13:52:41 UTC
Permalink
Hi John,
Post by John David
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be displayed
on the LVDS while the Genode uses the serial console. I wonder if you could
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world
(Genode) and non-secure world (Linux). This is primarily done via the
CSU (Central Security Unit) of this Freescale SoC. You can find the
relevant configuration hardcoded within:

repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h

just reset mostly all devices except the UART to belong to the
non-secure world, and set the DMA channel of the GPU (line 222) to be
unsecure. Remove the relevant patches of the Linux guest OS from this
branch (I think the last 4 commits):

https://github.com/skalk/linux/commits/imx53-tz

and then re-build the Linux kernel and Genode scenario.

Regards
Stefan
Post by John David
Thanks!
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
John David
2016-02-12 23:54:52 UTC
Permalink
Hi Stefan,

Thanks a lot.

I have tried to configure and run the tz_vmm example according to your
explanation, but only the Linux penguin is displayed on left corner of the
LVDS display kit and then it hangs. As you mentioned, I removed the last
four patches from this branch (
https://github.com/skalk/linux/commits/imx53-tz) and re-compiled the Linux
kernel. I also changed the kernel cmdline argument value in
genode/os/src/server/tz_vmm/imx53/main.cc file to *console=ttymxc0,115200
gpu_nommu video=mxcdi0fb:RGB666,XGA di0_primary ldb=di0*. I wonder if you
could tell me what is missing?

Thanks!



On Wed, Feb 10, 2016 at 2:52 PM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Post by John David
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be
displayed
Post by John David
on the LVDS while the Genode uses the serial console. I wonder if you
could
Post by John David
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world
(Genode) and non-secure world (Linux). This is primarily done via the
CSU (Central Security Unit) of this Freescale SoC. You can find the
repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
just reset mostly all devices except the UART to belong to the
non-secure world, and set the DMA channel of the GPU (line 222) to be
unsecure. Remove the relevant patches of the Linux guest OS from this
https://github.com/skalk/linux/commits/imx53-tz
and then re-build the Linux kernel and Genode scenario.
Regards
Stefan
Post by John David
Thanks!
------------------------------------------------------------------------------
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
Stefan Kalkowski
2016-02-22 10:18:16 UTC
Permalink
Hi John,

sorry for my late response, I was in holidays.
Post by John David
Hi Stefan,
Thanks a lot.
I have tried to configure and run the tz_vmm example according to your
explanation, but only the Linux penguin is displayed on left corner of the
LVDS display kit and then it hangs.
Ok, that means Linux succeeds in using the LVDS display. When you write:
"it hangs" do you get any message from the Genode side, e.g. a VM
exception dump? Otherwise you need to inspect the Linux kernel messages,
did you enabled earlyprintk, and removed the serial console redirection
of the kernel messages within the kernel commandline parameters?

regards stefan
Post by John David
As you mentioned, I removed the last
four patches from this branch (
https://github.com/skalk/linux/commits/imx53-tz) and re-compiled the Linux
kernel. I also changed the kernel cmdline argument value in
genode/os/src/server/tz_vmm/imx53/main.cc file to *console=ttymxc0,115200
gpu_nommu video=mxcdi0fb:RGB666,XGA di0_primary ldb=di0*. I wonder if you
could tell me what is missing?
Thanks!
On Wed, Feb 10, 2016 at 2:52 PM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Post by John David
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be
displayed
Post by John David
on the LVDS while the Genode uses the serial console. I wonder if you
could
Post by John David
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world
(Genode) and non-secure world (Linux). This is primarily done via the
CSU (Central Security Unit) of this Freescale SoC. You can find the
repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
just reset mostly all devices except the UART to belong to the
non-secure world, and set the DMA channel of the GPU (line 222) to be
unsecure. Remove the relevant patches of the Linux guest OS from this
https://github.com/skalk/linux/commits/imx53-tz
and then re-build the Linux kernel and Genode scenario.
Regards
Stefan
Post by John David
Thanks!
------------------------------------------------------------------------------
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
John David
2016-02-24 23:58:30 UTC
Permalink
Hi Stefan,

thank you so much for your response.

On Mon, Feb 22, 2016 at 11:18 AM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
sorry for my late response, I was in holidays.
Post by John David
Hi Stefan,
Thanks a lot.
I have tried to configure and run the tz_vmm example according to your
explanation, but only the Linux penguin is displayed on left corner of
the
Post by John David
LVDS display kit and then it hangs.
"it hangs" do you get any message from the Genode side, e.g. a VM
exception dump?
no VM exception dump if i disable the serial port (CONFIG_SERIAL_MXC and
CONFIG_SERIAL_MXC_CONSOLE) in the Linux configuration file. FYI, i use
imx53_android_deconfig in /arch/arm/configs for building the Linux kernel.
Post by Stefan Kalkowski
Otherwise you need to inspect the Linux kernel messages,
did you enabled earlyprintk, and removed the serial console redirection
of the kernel messages within the kernel commandline parameters?
I changed the kernel commandline parameters to *"video=mxcdi0fb:RGB666,XGA
earlyprintk di0_primary ldb=di0*" and also enable early_printk
(CONFIG_EARLY_PRINTK=y ), but it still displays the Linux penguin logo on
top left conner of the LVDS display, and hangs. Do i still miss something?
Would you please let me know? However, If i set the UART device as
UNSECURED and enable the the serial port in the configuration file, the
Linux boots properly without an error and i get a shell in the serial
console.
Post by Stefan Kalkowski
regards stefan
BTW, is it possible to run the guest OS unmodified in the normal world
while Genode in the secure world using this 'tz_vmm' run example? i have a
prebuilt Android/Linux uImage for imx53 QSB from the www.freeescale.com. Is
it possible to run this uImage if i put it manually in place of Linux
uImage in Genode build directory? if not, how do i modify if i get the
source code? Do you have any other experiment for ARM TrustZone on imx53
QSB?

Thanks!
Post by Stefan Kalkowski
Post by John David
As you mentioned, I removed the last
four patches from this branch (
https://github.com/skalk/linux/commits/imx53-tz) and re-compiled the
Linux
Post by John David
kernel. I also changed the kernel cmdline argument value in
genode/os/src/server/tz_vmm/imx53/main.cc file to
*console=ttymxc0,115200
Post by John David
gpu_nommu video=mxcdi0fb:RGB666,XGA di0_primary ldb=di0*. I wonder if you
could tell me what is missing?
Thanks!
On Wed, Feb 10, 2016 at 2:52 PM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Post by John David
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be
displayed
Post by John David
on the LVDS while the Genode uses the serial console. I wonder if you
could
Post by John David
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world
(Genode) and non-secure world (Linux). This is primarily done via the
CSU (Central Security Unit) of this Freescale SoC. You can find the
repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
just reset mostly all devices except the UART to belong to the
non-secure world, and set the DMA channel of the GPU (line 222) to be
unsecure. Remove the relevant patches of the Linux guest OS from this
https://github.com/skalk/linux/commits/imx53-tz
and then re-build the Linux kernel and Genode scenario.
Regards
Stefan
Post by John David
Thanks!
------------------------------------------------------------------------------
Post by John David
Post by Stefan Kalkowski
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Post by John David
Post by Stefan Kalkowski
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
Stefan Kalkowski
2016-02-25 09:25:16 UTC
Permalink
Hi John,
Post by John David
Hi Stefan,
thank you so much for your response.
On Mon, Feb 22, 2016 at 11:18 AM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
sorry for my late response, I was in holidays.
Post by John David
Hi Stefan,
Thanks a lot.
I have tried to configure and run the tz_vmm example according to your
explanation, but only the Linux penguin is displayed on left corner of
the
Post by John David
LVDS display kit and then it hangs.
"it hangs" do you get any message from the Genode side, e.g. a VM
exception dump?
no VM exception dump if i disable the serial port (CONFIG_SERIAL_MXC and
CONFIG_SERIAL_MXC_CONSOLE) in the Linux configuration file. FYI, i use
imx53_android_deconfig in /arch/arm/configs for building the Linux kernel.
Post by Stefan Kalkowski
Otherwise you need to inspect the Linux kernel messages,
did you enabled earlyprintk, and removed the serial console redirection
of the kernel messages within the kernel commandline parameters?
I changed the kernel commandline parameters to *"video=mxcdi0fb:RGB666,XGA
earlyprintk di0_primary ldb=di0*" and also enable early_printk
(CONFIG_EARLY_PRINTK=y ), but it still displays the Linux penguin logo on
top left conner of the LVDS display, and hangs. Do i still miss something?
Would you please let me know? However, If i set the UART device as
UNSECURED and enable the the serial port in the configuration file, the
Linux boots properly without an error and i get a shell in the serial
console.
I wonder that you do not see any kernel messages when not redirecting
the kernel console to serial line. However, potentially your Linux setup
boots successfully, but there the only TTY that is started refers to the
serial console. At least if you use the unmodified initramfs archive of
our i.MX53 TrustZone example setup this would be the case.
So you have to unpack the initramfs, patch the init's configuration so
that it will start a (login) shell on tty1.

If that does not help, you need to find out why the kernel does not show
anything (kernel messages) on screen by setting up the same scenario
without Genode with an unmodified Linux kernel and thereby tweaking the
kernel/initramfs until you see the kernel messages on screen.
Post by John David
Post by Stefan Kalkowski
regards stefan
BTW, is it possible to run the guest OS unmodified in the normal world
while Genode in the secure world using this 'tz_vmm' run example? i have a
prebuilt Android/Linux uImage for imx53 QSB from the www.freeescale.com. Is
it possible to run this uImage if i put it manually in place of Linux
uImage in Genode build directory? if not, how do i modify if i get the
source code? Do you have any other experiment for ARM TrustZone on imx53
QSB?
No it is not possible to run an unmodified kernel in the normal world.
TrustZone is _no_ virtualization technology. The "guest" kernel always
needs to be aware what resources it is able to access and which not. It
is hard, or in general impossible to virtualize via trap-and-emulate.
Please, have a look at our TrustZone article for further details,
including our Android scenario:

http://genode.org/documentation/articles/trustzone

Currently, we do not have any out-of-the-box example scenarios for the
i.MX53 QSB, which make use of TrustZone. Other examples are using either
the i.MX53 SABRE Tablet, or the USB armory. For the latest, please have
a look at the development story and presentation of Martin Stein:

http://genode.org/documentation/articles/usb_armory

http://mirrors.dotsrc.org/fosdem/2016/k4601/genodes-trustzone-demo-on-the-usb-armory.mp4

Regards
Stefan
Post by John David
Thanks!
Post by Stefan Kalkowski
Post by John David
As you mentioned, I removed the last
four patches from this branch (
https://github.com/skalk/linux/commits/imx53-tz) and re-compiled the
Linux
Post by John David
kernel. I also changed the kernel cmdline argument value in
genode/os/src/server/tz_vmm/imx53/main.cc file to
*console=ttymxc0,115200
Post by John David
gpu_nommu video=mxcdi0fb:RGB666,XGA di0_primary ldb=di0*. I wonder if you
could tell me what is missing?
Thanks!
On Wed, Feb 10, 2016 at 2:52 PM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Post by John David
Hi all,
I am running tz_vmm run script on i.mx53qsb. I have LVDS display kit
attached to the board. I want the Linux (non secure world) to be
displayed
Post by John David
on the LVDS while the Genode uses the serial console. I wonder if you
could
Post by John David
tell me how can i do this.
You have to adjust the partitioning of the devices btween secure world
(Genode) and non-secure world (Linux). This is primarily done via the
CSU (Central Security Unit) of this Freescale SoC. You can find the
repos/base-hw/src/core/include/spec/imx53/trustzone/csu.h
just reset mostly all devices except the UART to belong to the
non-secure world, and set the DMA channel of the GPU (line 222) to be
unsecure. Remove the relevant patches of the Linux guest OS from this
https://github.com/skalk/linux/commits/imx53-tz
and then re-build the Linux kernel and Genode scenario.
Regards
Stefan
Post by John David
Thanks!
------------------------------------------------------------------------------
Post by John David
Post by Stefan Kalkowski
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Post by John David
Post by Stefan Kalkowski
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Post by John David
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
Martin Stein
2016-02-25 10:35:58 UTC
Permalink
Hi John,
Post by John David
I changed the kernel commandline parameters to
/"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0/" and also
enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the
Have you set CONFIG_DEBUG_LL and CONFIG_TTY_PRINTK in your Linux config?
AFAIK this is also needed for earlyprintk. When I want my Linux to be
really verbose, I furthermore add "loglevel=10" to the command line.
Post by John David
Do you have any other experiment for ARM TrustZone on imx53 QSB?
AFAIK, no. We have a Trustzone demo for the USB Armory currently for
which you can find the Linux [1] and Genode sources [2] online. There
are several topic branches in my Linux repo that correspond to the USB
Armory port and document the problems that we solved in a more detailed
way as the final branch. Furthermore, there is a github issue [3] were I
documented parts of the development too.

Cheers,
Martin


[1] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
[2] https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
[3] https://github.com/genodelabs/genode/issues/1497
John David
2016-03-03 01:38:04 UTC
Permalink
Hi,
Post by Stefan Kalkowski
Hi John,
Post by John David
I changed the kernel commandline parameters to
/"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0/" and also
enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the
Have you set CONFIG_DEBUG_LL and CONFIG_TTY_PRINTK in your Linux config?
AFAIK this is also needed for earlyprintk. When I want my Linux to be
really verbose, I furthermore add "loglevel=10" to the command line.
Could you please see the attached kernel log messages and check for
possible errors? because I am still getting only the Linux penguin on the
LVDS display. there are some errors such as,
*da9052_ssc_i2c 0-0048: 2 - da9052_i2c_read:master_xfer Failed!*
Post by Stefan Kalkowski
Post by John David
Do you have any other experiment for ARM TrustZone on imx53 QSB?
AFAIK, no. We have a Trustzone demo for the USB Armory currently for
which you can find the Linux [1] and Genode sources [2] online. There
are several topic branches in my Linux repo that correspond to the USB
Armory port and document the problems that we solved in a more detailed
way as the final branch. Furthermore, there is a github issue [3] were I
documented parts of the development too.
I have managed to run the trustzone demo on USB Armory. Currently i am
using the serial port to boot the demo. I want the Linux (non secure world)
to be displayed on a separate device while the Genode uses the serial port.
Is it possible to connect the USB Armory to external device such as
keyboard and display? I have an external USB NIC card connected to the USB
Armory using the host adapter and tried to check the network connection in
the normal world (Linux) after i run the Trustzone demo, but the network
card is not detected. How to connect to the internet using USB Armory?


Thank you in advance for your answers.
Post by Stefan Kalkowski
Cheers,
Martin
[1] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
[2]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
[3] https://github.com/genodelabs/genode/issues/1497
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
Stefan Kalkowski
2016-03-04 10:35:02 UTC
Permalink
Hi John,
Post by John David
Hi,
Post by Stefan Kalkowski
Hi John,
Post by John David
I changed the kernel commandline parameters to
/"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0/" and also
enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the
Have you set CONFIG_DEBUG_LL and CONFIG_TTY_PRINTK in your Linux config?
AFAIK this is also needed for earlyprintk. When I want my Linux to be
really verbose, I furthermore add "loglevel=10" to the command line.
Could you please see the attached kernel log messages and check for
possible errors? because I am still getting only the Linux penguin on the
LVDS display. there are some errors such as,
*da9052_ssc_i2c 0-0048: 2 - da9052_i2c_read:master_xfer Failed!*
Ok, obviously you redirect the bootconsole to serial line again. But did
you see any boot messages when not redirecting and setting the kernel
options that Martin mentioned?
More importantly, what about my hint to inspect the initramfs you are
using, whether the init process will spawn a tty on-screen at all? It's
hard to follow you when not getting feedback regarding earlier questions.

Alternatively, you can provide a git branch containing the Linux version
including your currently used configuration, and a Genode branch with
your state including the run-script you are using (including the
initramfs, you're using), so one can reproduce your results.

Regarding the I2C error in your kernel boot messages, I think something
importantly for the I2C controller to work properly is missing in your
kernel configuration (in our branch we gave control of it to Genode, so
it was normal that the kernel could not succeed with it).

Regards
Stefan
Post by John David
Post by Stefan Kalkowski
Post by John David
Do you have any other experiment for ARM TrustZone on imx53 QSB?
AFAIK, no. We have a Trustzone demo for the USB Armory currently for
which you can find the Linux [1] and Genode sources [2] online. There
are several topic branches in my Linux repo that correspond to the USB
Armory port and document the problems that we solved in a more detailed
way as the final branch. Furthermore, there is a github issue [3] were I
documented parts of the development too.
I have managed to run the trustzone demo on USB Armory. Currently i am
using the serial port to boot the demo. I want the Linux (non secure world)
to be displayed on a separate device while the Genode uses the serial port.
Is it possible to connect the USB Armory to external device such as
keyboard and display? I have an external USB NIC card connected to the USB
Armory using the host adapter and tried to check the network connection in
the normal world (Linux) after i run the Trustzone demo, but the network
card is not detected. How to connect to the internet using USB Armory?
Thank you in advance for your answers.
Post by Stefan Kalkowski
Cheers,
Martin
[1] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
[2]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
[3] https://github.com/genodelabs/genode/issues/1497
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
John David
2016-03-05 01:57:03 UTC
Permalink
Hi Stefan,


Thank you for your reply.

On Fri, Mar 4, 2016 at 11:35 AM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Hi,
On Thu, Feb 25, 2016 at 11:35 AM, Martin Stein <
Post by Stefan Kalkowski
Hi John,
Post by John David
I changed the kernel commandline parameters to
/"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0/" and also
enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the
Have you set CONFIG_DEBUG_LL and CONFIG_TTY_PRINTK in your Linux config?
AFAIK this is also needed for earlyprintk. When I want my Linux to be
really verbose, I furthermore add "loglevel=10" to the command line.
Could you please see the attached kernel log messages and check for
possible errors? because I am still getting only the Linux penguin on the
LVDS display. there are some errors such as,
*da9052_ssc_i2c 0-0048: 2 - da9052_i2c_read:master_xfer Failed!*
Ok, obviously you redirect the bootconsole to serial line again. But did
you see any boot messages when not redirecting and setting the kernel
options that Martin mentioned?
More importantly, what about my hint to inspect the initramfs you are
using, whether the init process will spawn a tty on-screen at all? It's
hard to follow you when not getting feedback regarding earlier questions.
I have tried different options, but no luck so far.
Post by Stefan Kalkowski
Alternatively, you can provide a git branch containing the Linux version
including your currently used configuration, and a Genode branch with
your state including the run-script you are using (including the
initramfs, you're using), so one can reproduce your results.
Please find my patches in the following branches (Genode, Linux and
initramfs)

https://github.com/jonhedave/Genode/tree/genode
https://github.com/jonhedave/linux/tree/linux
https://github.com/jonhedave/initramfs/tree/initramfs
Post by Stefan Kalkowski
Regarding the I2C error in your kernel boot messages, I think something
importantly for the I2C controller to work properly is missing in your
kernel configuration (in our branch we gave control of it to Genode, so
it was normal that the kernel could not succeed with it).
Regards
Stefan
Thanks,
Post by Stefan Kalkowski
Post by Stefan Kalkowski
Post by John David
Do you have any other experiment for ARM TrustZone on imx53 QSB?
AFAIK, no. We have a Trustzone demo for the USB Armory currently for
which you can find the Linux [1] and Genode sources [2] online. There
are several topic branches in my Linux repo that correspond to the USB
Armory port and document the problems that we solved in a more detailed
way as the final branch. Furthermore, there is a github issue [3] were I
documented parts of the development too.
I have managed to run the trustzone demo on USB Armory. Currently i am
using the serial port to boot the demo. I want the Linux (non secure
world)
to be displayed on a separate device while the Genode uses the serial
port.
Is it possible to connect the USB Armory to external device such as
keyboard and display? I have an external USB NIC card connected to the
USB
Armory using the host adapter and tried to check the network connection
in
the normal world (Linux) after i run the Trustzone demo, but the network
card is not detected. How to connect to the internet using USB Armory?
Thank you in advance for your answers.
Post by Stefan Kalkowski
Cheers,
Martin
[1] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
[2]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
Post by Stefan Kalkowski
[3] https://github.com/genodelabs/genode/issues/1497
------------------------------------------------------------------------------
Post by Stefan Kalkowski
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
Stefan Kalkowski
2016-03-07 11:15:46 UTC
Permalink
Hi John,
Post by John David
Hi Stefan,
Thank you for your reply.
On Fri, Mar 4, 2016 at 11:35 AM, Stefan Kalkowski <
Post by Stefan Kalkowski
Hi John,
Hi,
On Thu, Feb 25, 2016 at 11:35 AM, Martin Stein <
Post by Stefan Kalkowski
Hi John,
Post by John David
I changed the kernel commandline parameters to
/"video=mxcdi0fb:RGB666,XGA earlyprintk di0_primary ldb=di0/" and also
enable early_printk (CONFIG_EARLY_PRINTK=y ), but it still displays the
Have you set CONFIG_DEBUG_LL and CONFIG_TTY_PRINTK in your Linux config?
AFAIK this is also needed for earlyprintk. When I want my Linux to be
really verbose, I furthermore add "loglevel=10" to the command line.
Could you please see the attached kernel log messages and check for
possible errors? because I am still getting only the Linux penguin on the
LVDS display. there are some errors such as,
*da9052_ssc_i2c 0-0048: 2 - da9052_i2c_read:master_xfer Failed!*
Ok, obviously you redirect the bootconsole to serial line again. But did
you see any boot messages when not redirecting and setting the kernel
options that Martin mentioned?
More importantly, what about my hint to inspect the initramfs you are
using, whether the init process will spawn a tty on-screen at all? It's
hard to follow you when not getting feedback regarding earlier questions.
I have tried different options, but no luck so far.
Post by Stefan Kalkowski
Alternatively, you can provide a git branch containing the Linux version
including your currently used configuration, and a Genode branch with
your state including the run-script you are using (including the
initramfs, you're using), so one can reproduce your results.
Please find my patches in the following branches (Genode, Linux and
initramfs)
https://github.com/jonhedave/Genode/tree/genode
https://github.com/jonhedave/linux/tree/linux
https://github.com/jonhedave/initramfs/tree/initramfs
As I've assumed Linux already succeeded with its boot process. The
console messages and prompt was not shown, because the Linux Kernel
configuration was missing "framebuffer console" support. Probably that
is not needed for Android, but it is for the busybox initramfs setup. To
simplify these kind of Linux problems debugging, I've integrated the
para-virtual serial line driver we use for the USB armory. Have a look
at my forks of your branches:

https://github.com/skalk/genode/tree/johndave
https://github.com/skalk/linux/tree/johndave

Regards
Stefan
Post by John David
Post by Stefan Kalkowski
Regarding the I2C error in your kernel boot messages, I think something
importantly for the I2C controller to work properly is missing in your
kernel configuration (in our branch we gave control of it to Genode, so
it was normal that the kernel could not succeed with it).
Regards
Stefan
Thanks,
Post by Stefan Kalkowski
Post by Stefan Kalkowski
Post by John David
Do you have any other experiment for ARM TrustZone on imx53 QSB?
AFAIK, no. We have a Trustzone demo for the USB Armory currently for
which you can find the Linux [1] and Genode sources [2] online. There
are several topic branches in my Linux repo that correspond to the USB
Armory port and document the problems that we solved in a more detailed
way as the final branch. Furthermore, there is a github issue [3] were I
documented parts of the development too.
I have managed to run the trustzone demo on USB Armory. Currently i am
using the serial port to boot the demo. I want the Linux (non secure
world)
to be displayed on a separate device while the Genode uses the serial
port.
Is it possible to connect the USB Armory to external device such as
keyboard and display? I have an external USB NIC card connected to the
USB
Armory using the host adapter and tried to check the network connection
in
the normal world (Linux) after i run the Trustzone demo, but the network
card is not detected. How to connect to the internet using USB Armory?
Thank you in advance for your answers.
Post by Stefan Kalkowski
Cheers,
Martin
[1] https://github.com/m-stein/linux/tree/genode_hw_usb_armory_tz_vmm
[2]
https://github.com/genodelabs/genode/blob/master/repos/os/run/tz_vmm.run
Post by Stefan Kalkowski
[3] https://github.com/genodelabs/genode/issues/1497
------------------------------------------------------------------------------
Post by Stefan Kalkowski
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs
http://www.genode-labs.com/ · http://genode.org/
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
------------------------------------------------------------------------------
_______________________________________________
genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
--
Stefan Kalkowski
Genode Labs

http://www.genode-labs.com/ · http://genode.org/
Loading...