Hi experts,
Recently I want to conduct one secure-related scanning in TrustZone for some NS kernel memory.
To do this, I need at first reporting the PA of the memory from NS kernel. My idea is developing a kernel module to achieve the goal.
I write the kernel module for NS OS looks like these:
static int test_value=1234; volatile void *k_last_vaddr=NULL; k_last_vaddr=(volatile void *)&test_value; printk(KERN_INFO "\nTest value virtual ADDRESS: %p.\n",k_last_vaddr); printk(KERN_INFO "Test value translated ADDRESS: %llx.\n",virt_to_phys(k_last_vaddr));
By running this kernel module, I get the following result:
[ 1298.691982] Test value virtual ADDRESS: ffffff80008d0758. [ 1298.698825] Test value translated ADDRESS: 788d0758.
I think the function virt_to_phys doesn't return me the real PA since the DRAM0's PA should start from 0x80000000.
After reading some related documents (e.g., the page 1-25 of this document), I find that for EL0 / EL1 applications, they could only translate VA to IPA while I'm not sure this is my case or not.
So I want to ask two things:
1) By using virt_to_phys in NS kernel module, do I get the PA or IPA of a variable?
2) If it's IPA, is that possible for me to report the real PA from NS side?
Thank you very much.
PS: I set up my Juno board according to the instruction .
The kernel is generally unware whether it's virtualized or not, so the calls will give you an IPA. But, as Yuping says, with no stage2 IPA==PA. Not sure if the support added for KVM provides any hooks you can use, but there are a range of ARM instructions to do what you want (provide a PA for a given VA input). See: infocenter.arm.com/.../index.html & look for the section on A64 system instructions for address translation