#
# \brief Virtual-machine monitor demo
# \author Stefan Kalkowski
# \author Martin Stein
# \date 2012-06-25
#
#
# On USB Armory
# #############
#
# Create bootable microSD card
# ============================
#
# :User settings:
#
# ! export TARGET_DEV=/dev/sdX # empty boot medium
# ! export TARGET_MNT=/mnt # where to mount the boot medium
# ! export GENODE_DIR=/path/genode # root of the Genode sources
# ! export BUILD_DIR=/path/build/usb_armory # Genode build directory
#
# :Format microSD card:
#
# ! sudo parted $TARGET_DEV --script mklabel msdos
# ! sudo parted $TARGET_DEV --script mkpart primary ext4 10M 110M
# ! sudo parted $TARGET_DEV --script mkpart primary ext4 110M 2105M
# ! sudo mkfs.ext4 ${TARGET_DEV}1
# ! sudo mkfs.ext4 ${TARGET_DEV}2
#
# :Install bootloader:
#
# ! cd $GENODE_DIR
# ! ./tool/create_uboot usb_armory
# ! sudo dd if=contrib/uboot/build/usb_armory/mmc_img of=$TARGET_DEV bs=1K seek=1 conv=fsync
#
# :Install Genode:
#
# ! cd $BUILD_DIR
# ! echo "RUN_OPT += --include image/uboot" >> etc/build.conf
# ! make run/tz_vmm
# ! sudo mount ${TARGET_DEV}1 $TARGET_MNT
# ! sudo cp var/run/tz_vmm/uImage $TARGET_MNT
# ! sudo umount $TARGET_MNT
#
# :Install Linux rootfs:
#
# ! sudo partclone.extfs -r -d -s var/run/tz_vmm/rootfs -o ${TARGET_DEV}2
#
# :Insert microSD card into USB Armory:
#
# [https://github.com/inversepath/usbarmory/wiki/microSD-compatibility]
#
# :Connect USB Armory to host machine via USB-to-TTL serial cable:
#
# [https://github.com/inversepath/usbarmory/wiki/GPIOs#breakout-header]
#
# :Connect to USB Armory COM port:
#
# ! sudo picocom -b 115200 -r -l /dev/ttyUSB0
#
# :Insert USB Armory into host USB slot and interrupt auto boot on COM port:
#
# :Send bootloader commands on COM port:
#
# ! ext2load mmc 0:1 0x74000000 /uImage
# ! bootm 0x74000000
#
# :Linux login:
#
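# The login and password of the Linux guest are both "usbarmory". These are
# publicly documented defaults, so change the password before the guest is
# reachable over CDC Ethernet.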
#
# :Communicate with Linux via CDC Ethernet:
#
# [https://github.com/inversepath/usbarmory/wiki/Host-communication#cdc-ethernet]
#
# Further information
# ===================
#
# :Tutorial on how to reproduce the Linux images:
#
# [http://genode.org/files/release-15.11/usb_armory_tz_vmm/README]
#
# :Wiki about the USB Armory and the Linux:
#
# [https://github.com/inversepath/usbarmory/wiki]
#
# the scenario is restricted to the 'hw' kernel and the 'imx53_qsb_tz' spec
assert_spec hw
assert_spec imx53_qsb_tz

# determine platform specific configuration
#
# The three board tests below are the only inputs; every other switch is a
# copy of one of them.
set freescale_linux   [have_board imx53_qsb_tz]
set inversepath_linux [have_board usb_armory]
set trusted_led       [have_board usb_armory]

# dtb:           download a device tree and add it as boot module
# mmc_rootfs:    guest root file system lives on the SD card (part_block path)
# initrd_rootfs: guest root file system is an initrd boot module
set dtb           $inversepath_linux
set mmc_rootfs    $inversepath_linux
set initrd_rootfs $freescale_linux

# base build targets, extended per platform further down
set targets { core init server/tz_vmm }
#
# Return the name of the VMM binary for the selected board
#
# Yields 'usb_armory_tz_vmm' or 'imx53_qsb_tz_vmm', and the name
# 'no_tz_vmm_binary' when neither board test succeeds.
#
# NOTE(review): this proc tests for 'imx53_qsb' whereas the rest of the script
# tests for 'imx53_qsb_tz' - confirm that 'have_board' accepts both for the
# same build, otherwise the QSB scenario ends up with 'no_tz_vmm_binary'.
#
proc tz_vmm_binary {} {
	if {[have_board usb_armory]} {
		return usb_armory_tz_vmm
	} elseif {[have_board imx53_qsb]} {
		return imx53_qsb_tz_vmm
	}
	return no_tz_vmm_binary
}
if { $mmc_rootfs } {

	# choose interrupt for paravirtualized block
	#
	# NOTE(review): the IRQ is assigned only when 'have_board imx53_qsb_tz'
	# holds, but the tz_vmm <block> node further down reads
	# $tz_vmm_block_irq whenever $mmc_rootfs is set, and $mmc_rootfs is
	# derived from 'have_board usb_armory'. Confirm that both tests can
	# hold at once; if not, the variable is undefined when it is read.
	if { [have_board imx53_qsb_tz] } { set tz_vmm_block_irq 92 }

	# add targets that enable MMC access via paravirtualized block
	lappend targets timer drivers/platform drivers/sd_card/imx53 server/part_block
}

# the GPIO driver is built only when the trusted-LED switch is set
lappend_if $trusted_led targets drivers/gpio

build $targets
create_boot_directory

# compose config
#
# Opening part of the init configuration. The <config> element is left open
# on purpose; the platform-specific <start> nodes and the closing tag are
# appended by the statements that follow.
#
# The wildcard <default-route> applies to every <start> node without its own
# <route>: such a child may open a session to any service of a sibling or of
# the parent, including "VM", "IO_MEM" and "IRQ". Components that should see
# less need an explicit <route>.
set config {
<config verbose="yes">
	<parent-provides>
		<service name="ROM"/>
		<service name="IRQ"/>
		<service name="IO_MEM"/>
		<service name="IO_PORT"/>
		<service name="PD"/>
		<service name="RM"/>
		<service name="CPU"/>
		<service name="LOG"/>
		<service name="VM"/>
	</parent-provides>
	<default-route>
		<any-service><any-child/><parent/></any-service>
	</default-route>
	<default caps="100"/>}
# Platform driver and GPIO driver, added when the trusted-LED switch is set.
#
# platform_drv declares two devices (GPIO block, SD-card controller) and one
# <policy> per client label, so "imx_gpio_drv" is handed the "gpio" device
# only and "sd_card_drv" the "sd_card" device only.
#
# NOTE(review): the "sd_card_drv" start node is appended under $mmc_rootfs
# but depends on this platform_drv, which is appended under $trusted_led.
# Both switches are copies of 'have_board usb_armory' today; keep them
# coupled when changing either.
append_if $trusted_led config {
	<start name="platform_drv" caps="150">
		<resource name="RAM" quantum="1M"/>
		<provides> <service name="Platform"/> </provides>
		<config>
			<device name="gpio">
				<io_mem address="0x53f90000" size="0x4000"/>
				<irq number="56"/>
				<irq number="57"/>
			</device>
			<device name="sd_card">
				<io_mem address="0x50004000" size="0x4000"/>
				<irq number="1"/>
			</device>
			<policy label="imx_gpio_drv -> "> <device name="gpio"/> </policy>
			<policy label="sd_card_drv -> "> <device name="sd_card"/> </policy>
		</config>
	</start>

	<start name="imx_gpio_drv">
		<resource name="RAM" quantum="3M"/>
		<provides><service name="Gpio"/></provides>
		<config/>
		<route>
			<service name="Platform"><child name="platform_drv" /></service>
			<any-service><parent/><any-child/></any-service>
		</route>
	</start>}
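# SD-card access path for the guest: timer, SD-card driver and part_block.
#
# part_block's policy exports partition 2 only, and only to the session
# labeled "tz_vmm -> sda1"; the boot partition is not handed to the guest.
#
# init resolves <child name="..."/> against the 'name' attribute of a <start>
# node, not against its <binary>. The SD-card driver is started under the name
# "sd_card_drv" (binary "imx53_sd_card_drv"), which is also the label used by
# the platform_drv policy, so part_block's Block route has to name
# "sd_card_drv". The former value "imx53_sd_card_drv" matched no start node.
append_if $mmc_rootfs config {
	<start name="timer">
		<resource name="RAM" quantum="3M"/>
		<provides><service name="Timer"/></provides>
	</start>
	<start name="sd_card_drv">
		<binary name="imx53_sd_card_drv"/>
		<resource name="RAM" quantum="3M"/>
		<provides><service name="Block"/></provides>
		<route>
			<service name="Platform"> <child name="platform_drv"/> </service>
			<any-service><parent/><any-child/></any-service>
		</route>
	</start>
	<start name="part_block">
		<resource name="RAM" quantum="10M" />
		<provides><service name="Block" /></provides>
		<route>
			<service name="Block"><child name="sd_card_drv" /></service>
			<any-service><parent/><any-child/></any-service>
		</route>
		<config>
			<policy label="tz_vmm -> sda1" partition="2"/>
		</config>
	</start> }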
# Start node of the VMM itself. The binary name is spliced in between two
# brace-quoted fragments because braces suppress command substitution.
append config {
	<start name="tz_vmm">
		<binary name="} [tz_vmm_binary] {"/>
		<resource name="RAM" quantum="10M"/> }

# With an SD-card rootfs, the VMM is told which IRQ to use for the
# paravirtualized block device and its Block session is routed to part_block
# explicitly; all other sessions still fall through to the wildcard rule.
if { $mmc_rootfs } {
	append config {
		<config>
			<block name="sda1" irq="} $tz_vmm_block_irq {"/>
		</config>
		<route>
			<service name="Block"><child name="part_block" /></service>
			<any-service><any-child/><parent/></any-service>
		</route> }
}

# close the tz_vmm start node and the init configuration
append config {
	</start>
</config> }

install_config $config
#
# Fetch 'uri' into 'file' unless a file of that name already exists
#
# 'label' is only used for the progress message.
#
proc tz_vmm_fetch { file uri label } {
	if {[file exists $file]} { return }
	puts "Download $label ..."
	exec >& /dev/null wget -c -O $file $uri
}

#
# Download '<uri>.md5' into 'md5_file' and run 'md5sum -c' on it
#
# A mismatch makes 'md5sum' exit non-zero, which 'exec' turns into a Tcl
# error that aborts the run script.
#
proc tz_vmm_check_md5 { md5_file uri } {
	exec >& /dev/null wget -O $md5_file $uri.md5
	exec md5sum -c $md5_file
}

# NOTE(review): every artifact below is fetched over plain HTTP and compared
# against an MD5 list that is fetched from the same server over the same
# channel. That detects truncated or corrupted downloads, but it does not
# authenticate the files: whoever can alter the download can alter the .md5
# next to it, and MD5 is not collision resistant. 'linux', 'dtb' and
# 'initrd.gz' end up as boot modules and 'rootfs' is what the header
# instructions write to the boot medium, so consider pinning the expected
# SHA-256 digests in this script and fetching via HTTPS where the server
# offers it.
cd bin

# download and add linux
if { $inversepath_linux } {

	set linux_uri "http://genode.org/files/release-15.11/usb_armory_tz_vmm/linux"

} elseif { $freescale_linux } {

	set linux_uri "http://genode.org/files/images/imx53_qsb/linux_trustzone.bin"
}
tz_vmm_fetch     linux     $linux_uri "linux binary"
tz_vmm_check_md5 linux.md5 $linux_uri

set boot_modules [list core ld.lib.so init linux [tz_vmm_binary]]

if { $dtb } {

	# download and add DTB
	set dtb_uri "http://genode.org/files/release-15.11/usb_armory_tz_vmm/dtb"
	tz_vmm_fetch     dtb     $dtb_uri "device tree"
	tz_vmm_check_md5 dtb.md5 $dtb_uri
	lappend boot_modules dtb
}

if { $mmc_rootfs } {

	# add components that enable MMC access via paravirtualized block
	lappend boot_modules timer imx53_sd_card_drv part_block

	# download and add rootfs
	#
	# The archive is stored as 'rootfs.gz' and unpacked in place, so the
	# existence test and the checksum both refer to the unpacked 'rootfs'.
	set rootfs_uri "http://genode.org/files/release-15.11/usb_armory_tz_vmm/rootfs"
	if {![file exists rootfs]} {
		puts "Download rootfs ..."
		exec >& /dev/null wget -c -O rootfs.gz $rootfs_uri.gz
		puts "Extract rootfs ..."
		exec >& /dev/null gunzip rootfs.gz
	}
	tz_vmm_check_md5 rootfs.md5 $rootfs_uri

	# rootfs is not a boot module; it is linked into the run directory
	exec ln -sf ../../../bin/rootfs $env(PWD)/[run_dir]/rootfs

} elseif { $initrd_rootfs } {

	# download and add initrd
	set initrd_uri "http://genode.org/files/images/imx53_qsb/initrd.gz"
	tz_vmm_fetch     initrd.gz     $initrd_uri "initramfs"
	tz_vmm_check_md5 initrd.gz.md5 $initrd_uri
	lappend boot_modules initrd.gz
}
cd ..
# GPIO driver and platform driver are part of the image only when the
# trusted-LED switch is set, matching the start nodes added under the same
# switch.
lappend_if $trusted_led boot_modules imx_gpio_drv
lappend_if $trusted_led boot_modules platform_drv

# 'join' separates the elements by a single space when no separator is given
build_boot_image [join $boot_modules]
if { $inversepath_linux } {

	# execute and wait for console
	#
	# The run counts as passed once the guest prints its console banner;
	# nothing is sent to the guest in this variant.
	run_genode_until "Debian GNU/Linux 7 usbarmory console\n" 220

} elseif { $freescale_linux } {

	# pattern matched against the serial output, presumably the guest's
	# shell prompt - TODO confirm
	set guest_prompt {.*\/ #.*}

	# execute and wait for console
	run_genode_until $guest_prompt 220
	set serial_id [output_spawn_id]

	# wait for network to settle down
	send -i $serial_id "sleep 5\n"

	# test network
	#
	# Requires that the guest can reach genode.org; only the start of the
	# connection attempt and the next prompt are awaited.
	send -i $serial_id "wget http://genode.org/\n"
	run_genode_until "Connecting to genode.org" 10 $serial_id
	run_genode_until $guest_prompt 30 $serial_id
}