From: "loïc tourlonias" <loic.tourlonias@gmail.com>
To: "Valdis Klētnieks" <valdis.kletnieks@vt.edu>
Cc: Raul Piper <raulpblooper@gmail.com>,
kernelnewbies <kernelnewbies@kernelnewbies.org>
Subject: Re: Does FreeRTOS works on Linux?
Date: Tue, 11 May 2021 09:54:14 +0200 [thread overview]
Message-ID: <CA+XxOSEhAU+SsaRJGDdvCHUM-mrfUJftdayGB-DcCwRA=+T56g@mail.gmail.com> (raw)
In-Reply-To: <499618.1620704647@turing-police>
On Tue, May 11, 2021 at 5:44 AM Valdis Klētnieks
<valdis.kletnieks@vt.edu> wrote:
>
> On Sun, 09 May 2021 08:40:56 +0200, loïc tourlonias said:
>
> > related to our architecture. We are working on a ARM Cortex-A7 which
> > have an isolation between a normal world and a secure world. Linux is
> > working on the normal world for the UI and FreeRTOS is running on the
> > secure world.
>
> Is there an easily comprehensible explanation of how that whole ARM normal/secure
> stuff is supposed to work?
I'll try to explain shortly. On ARM Cortex-A family, the core has two
isolated worlds (normal/secure). The two worlds have their own context
(register, stack ...) and the normal world have less privileges than
the secure world.
The core starts in the secure world and the secure software configures
the context of the normal world before giving the execution to the
normal world with a specific ARM instruction SMC 0.
The communication between normal and secure worlds is done through
SMC. When the normal world requires privileged access (secure clock
configuration for example), it askes the secure world the access by
calling a SMC instruction (with a specific ID), then a SMC exception
is triggered in the secure context. The secure monitor catches this
exception and handles it before returning to the normal world.
I haven't found any block diagram or data flow to explain this.
I've only found some useful links from ARM community:
https://www.microcontrollertips.com/embedded-security-brief-arm-trustzone-explained/
https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/architecting-more-secure-world-with-isolation-and-virtualization
HTH
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
prev parent reply other threads:[~2021-05-11 7:54 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-05 18:07 Does FreeRTOS works on Linux? Raul Piper
2021-05-05 19:30 ` loïc tourlonias
2021-05-06 14:42 ` Raul Piper
[not found] ` <YJTgOwiVQxyc8oyx@kroah.com>
[not found] ` <CAEwN+MBHdNQ8idf77GAshkgjrbxg84Lz+un4_12QW=Qo4nMhLg@mail.gmail.com>
2021-05-08 8:46 ` Greg KH
2021-05-09 6:40 ` loïc tourlonias
2021-05-11 2:39 ` jim.cromie
2021-05-11 3:44 ` Valdis Klētnieks
2021-05-11 7:54 ` loïc tourlonias [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CA+XxOSEhAU+SsaRJGDdvCHUM-mrfUJftdayGB-DcCwRA=+T56g@mail.gmail.com' \
--to=loic.tourlonias@gmail.com \
--cc=kernelnewbies@kernelnewbies.org \
--cc=raulpblooper@gmail.com \
--cc=valdis.kletnieks@vt.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.