Hi,
I just got a Raspberry Pi 2 and I'd like to play with TrustZone.
People on the Raspberry forum http://www.raspberrypi.org/forums/viewtopic.php?p=697474#p697474 explained to me how to get my hands on the boot of the 4 core A7 CPU, and I managed to boot my kernel (at 0x8000) in monitor mode, thus I can do pretty much whatever I want (by replacing the 'movs pc, lr' by a 'bx lr' at the end of the secure_monitor, cf. line 50 at http://pastebin.com/rgGgBuTN).
However, I'm trying to understand the code they gave me, and I noticed some really weird situations:
- If I replace the 'smc #0' instruction at line 80 with a 'cps #MON_MODE' followed by the body of the _secure_monitor handler, the boot hangs (see http://pastebin.com/TngpAmt1)
I thought that 'smc' only updated cpsr, spsr and lr. Is an explicit 'smc' instruction required to successfully initialize a Cortex-A7?
- In the _secure_monitor, if I do not set SCR.NS to 1, I expected to stay in secure mode, but the boot hangs
- However, once I reached my code (0x8000), I can change SCR.NS any way I want.
I'm really not familiar with CPU initialization and SMP context, any help to understand what is happening is welcome!
Best,
Vincent
In the _secure_monitor, if I do not set SCR.NS to 1, I expected to stay in secure mode, but the boot hangs
Does the default board setup actually set up any secure resources?
In "normal" operation the system is flipped over to non-secure during boot, so I would expect most of the memory and peripherals to also have been configured as non-secure so that Linux / Android / etc. is able to use them. In your case you need some secure resources to be available to the software (or secure page tables configured to access non-secure memory areas - although this doesn't carry any security benefits).
HTH, Pete
To my knowledge, the board does not initialize anything except for this small boot code that you can disable if you want (see my answer to Matt for the details). In this configuration, I am sure to boot in monitor mode with the MMU turned off.