Testing Fiasco.OC+L4re on ODROID-X2(Exynos4412)

Adam Lackorzynski adam at os.inf.tu-dresden.de
Thu Jun 25 23:40:29 CEST 2015

On Thu Jun 11, 2015 at 17:13:27 -0400, Reinier Millo Sánchez wrote:
> On 06/11/2015 04:39 PM, Adam Lackorzynski wrote:
> >Hi,
> >
> >On Thu Jun 04, 2015 at 23:56:15 -0400, Reinier Millo Sánchez wrote:
> >>We have adapted the Proc class to support the IRQ on Fiasco.OC when
> >>compiling it in TrustZone Normal Side. Following the principle that in
> >>TrustZone the IRQ are used on Normal Side and the FIQ are used in Secure
> >>Side, we have only used the IRQ when compile the Fiasco.OC with TrustZone
> >>Normal Side. By default Fiasco.OC was using the IRQ and FIQ when compiling
> >>with TrustZone Normal Side. This is our patch:
> >True that on normal side only the FIQ is used, but the FIQ state shall
> >not play a role there, as the normal side must not be able to interfere
> >with the secure side. So it shouldn't matter?
> The normal side must not interfere with secure side. The normal side only
> use the IRQ and secure side the FIQ. By default when not using TrustZone
> Secure Side, Fiasco.OC try to enable both interrupts, the IRQ and FIQ. We
> think that there is a problem, when the kernel running on normal side try to
> write the FIQ bit. In this case we think that the operation is cancelled and
> the IRQ remains deactivated too.

So any idea why this is happening? I looked at the manual and it clearly
says that CPSR.F does not play any role on the normale side, given that
SCR.FW=0 which I guess must be the case. What's running on the secure
side in this case?

> The current implementation of Fiasco.OC make a diference only in TrustZone
> Secure Side, and only activates the FIQ. We adapted the Proc class to
> activate only the IRQ when compiling FiascoOC on TrustZone Normal Side with
> a Secure Monitor Interface. In this case the FIQ bit is not write and the
> operation isn't cancelled.
> >
> >>Now when we compile Fiasco.OC and run the Hello example for Odroid-X2 using
> >>TrustZone Normal Side, it works fine.
> >Ok good. What is running on the secure side in this case?
> In this case we have nothing running on secure side.
> >
> >>We have noted the when is compiled with TrustZone Secure Side, then only use
> >>the FIQ, but when try to run it on Odroid-X2 it fails. This is the serial
> >>output:
> >>
> >>    GIC: Switching IRQ 64 to secure
> >>    GIC: Switching IRQ 79 to secure
> >>    GIC: Switching IRQ 78 to secure
> >>    GIC: Switching IRQ 9 to secure
> >>    GIC: Switching IRQ 8 to secure
> >>    GIC: Switching IRQ 10 to secure
> >>    GIC: Switching IRQ 11 to secure
> >Did you try to figure out where it is stuck?
> In this case we have only tested the simple configuration. We have seen that
> to run a example with TrustZone Secure Side, seems to be a little more
> complex. Now we are trying to test de vmm's example.
> >
> >>We are also interested to use Fiasco.OC for ODROID-X2 without TrustZone, in
> >>which case we must configure both IRQ and FIQ, but fails. This the serial
> >>output:
> >Is that the 'std' mode? I.e. there's nothing running on the secure side?
> This is standard mode without trustzone. The FiascoOC is configured in
> standard mode.
> I have been looking for information about the trustzone, this is a security
> mechanism provided by hardware. But, there is any way to use the hardware
> without trustzone, or it must be used always on normal or secure side?

If the security extension is there but you do not want to use it, just
run as it would not be there. In this case you'd be running on the
secure side. If you do not launch a normal side you do not need to care
about the TZ specifics.

Adam                 adam at os.inf.tu-dresden.de
  Lackorzynski         http://os.inf.tu-dresden.de/~adam/

More information about the l4-hackers mailing list