Hi,
On 05/27/2015 10:35 PM, ba_f wrote:
Am 2015-05-27 00:11, schrieb Adam Lackorzynski:
Hi ba_f,
On Wed May 20, 2015 at 11:40:27 +0200, ba_f wrote:
i decided not to use libshmc and do it "manually" with Dataspace and IRQ, because i think this comes closest to the communication between TrustZone worlds. It's the best starting point before pushing the project to TrustZone (ie. Normal world Client and Secure Server), isn't it?
Indeed, that really comes closer to that.
Anyway, i need some more help.
First, get_capL4Re::Dataspace("shmds") leads to a kernel warning.
KERNEL: Warning: nothing mapped: (Obj_space)
i guess, i dont understand that capability stuff entirely. What causes this warning?
Generally this warning is printed when trying to pass a capability (or memory) around but the source is empty. This is typically a programming error. Secondly I think the warning does not come from the get_cap call. That call just gets the cap from the environment where the program startup has already stored it. "shmds" must be a cap that has been specified in the "caps" table of your program in the lua script.
Adam
Ok, works now. (The Warning appeared because i did commented out 'server.loop()' and main() did exit with 'return 0').
Anyway, i still have some question about that IRQ, and i would be grateful if u could answer them, too.
I found two examples with IRQ: 'l4/pkg/examples/sys/map_irq' and 'l4/pkg/examples/libs/l4re/c++/shared_ds'. I guess i could easily adapt them.
What makes we wonder, is that both examples make use of 'L4::Ipc::Iostream'. Actually, i dont see any difference between IRQ & IPC, since both are registered servers using L4.default_loader:new_channel().
I think here is a little bit of misconception. L4.default_loader:new_channel() creates a new IPC gate (from Lua) which can be used by threads to send IPC messages. (Virtual) IRQs are a different type of kernel object but the trigger() function eventually maps to IPC. You can read about the different kernel objects here [1]. You should also make yourself familiar with the Factory API which is used to create new kernel objects.
I guess, IPC is build upon IRQ?
However, you said that IPC is not possible between TrustZone worlds, because each world has a separate microkernel instance. I reason there is no L4.default_loader:new_channel() possible between worlds? Do u have an example design for TZ communication?
Your observation is right. Essentially you have to use the 'smc' instruction (secure monitor call) to initiate a mode switch. The exception handler on the secure side then can evaluate the SMC value to determine the service requested.
Matthias.
[1] https://os.inf.tu-dresden.de/L4Re/doc/index.html#l4re_concepts_fiasco_kobjec...