在ZedBoard例子,运行ARM的TrustZone安全/正常的世界&QUOT [英] Running ARM TrustZone Secure/Normal world"example on the ZedBoard
问题描述
有谁知道如何实现运行的安全世界和正常世界的TrustZone的例子下面的ARM文档网站上的ZedBoard给出?关于这个问题(在ZedBoard运行的TrustZone)的任何文件将是有帮助的。
Does anyone know how to implement the example of TrustZone running "Secure world" and "Normal world" given on the ARM documentation website below on the ZedBoard? Any documentation on this subject (running TrustZone on the ZedBoard) would be also helpful.
的http://信息中心.arm.com /帮助/ index.jsp的?主题= / com.arm.doc.faqs / ka15417.html
该ZedBoard有一个赛灵思:Zynq®-7000所有可编程SoC的双基于ARM®Cortex™-A9 MPCore的™。在ZedBoard的更多信息可以在这里找到:
The ZedBoard has a Xilinx : Zynq® -7000 All Programmable SoC Dual ARM® Cortex™-A9 MPCore™. More information on the ZedBoard can be found here:
http://www.zedboard.org/content/overview
推荐答案
这是一个广泛的话题。希望下面的一些信息会有所帮助。
This is a broad topic. Hopefully some of the following information will help.
首先只是去行话一点点,SOC ==系统芯片。
First off just to de-jargon a little, SOC == system-on-a-chip.
Digilent公司,董事会的制造商,拥有您的主板支持的一些文件,如果你有机会到Xilinx工具链。因此,首先,如果你去的http://www.digilentinc.com/Products/Detail.cfm?NavPath=2,400,1028&Prod=ZEDBOARD在底部,你会发现两个文件命名为LT为Linux的ISE硬件设计&;版本号方式>
Digilent, the board's manufacturer, has some support files for your board if you have access to the Xilinx toolchain. So first, if you go to http://www.digilentinc.com/Products/Detail.cfm?NavPath=2,400,1028&Prod=ZEDBOARD , at the bottom, you will find two files named "Linux Hardware Design for ISE" <version number>.
另外假设你使用赛灵思开发工具,如果你浏览到赛灵思/&LT;版本Number>/ISE_DS/EDK/hw/XilinxProcessorIPLib/pcores/axi_interconnect_v1_06_a/doc/ds768_axi_interconnect.pdf ,你会发现你的板采用AXI中断控制器上的信息。这包括它支持的TrustZone和真正使用它的一些信息的事实。
Also assuming you are using the Xilinx development tools, if you browse to Xilinx/<Version Number>/ISE_DS/EDK/hw/XilinxProcessorIPLib/pcores/axi_interconnect_v1_06_a/doc/ds768_axi_interconnect.pdf , you will find information on the AXI interrupt controller your board uses. This includes the fact that it supports TrustZone and some information on actually using it.
接下来,如果你去 http://zedboard.org/content/creating-custom-外围,你会发现在打外围设备的一些指令。我把这个引号是因为实际上该设备的可编程逻辑内完全存在;这是不是你插入micro USB接口或者你会认为传统作为周边的东西。
Next, if you go to http://zedboard.org/content/creating-custom-peripheral, you will find some instructions on making a "peripheral" device. I put this in quotes because the device in fact exists completely within the programmable logic; it's not something you plug into the micro usb port or what you'd traditionally think of as a "peripheral".
在本教程的最后,还有一个链接,这将帮助您从外围读取数据。
At the end of the tutorial, there is also a link that will help you read data from your peripheral.
如果您重复所有步骤,包括在您最初下载的zip的system.xmp文件,然后你会发现所有繁重的任务,我们为你做的。在你已经堵塞,并准备去AXI总线已经与TrustZone的,刚准备和等待着你去勾一点点的hello world装置,它可以在中断控制器。
If you repeat all those steps with the system.xmp file included in the zip you initially downloaded, then you'll notice all the heavy lifting has been done for you. You have a plugged in and ready to go interrupt controller on the AXI bus already that works with TrustZone, just ready and waiting for you to hook a little hello world device to it.
但是,你有什么打算与世界你好设备呢?如果您在装配为你链接到教程看,你会发现在他们谈论了很多关于所谓安全配置寄存器的评论看。如果您的处理器的文档中进行查找(在资源部分在这里, HTTP ://www.arm.com/products/processors/cortex-a/cortex-a9.php )并搜索术语的TrustZone的扩展名(目前第34页,但是,显然这是可能发生变化),则终有一天会发现一个链接,详细说明该寄存器另一页。这是相同的注册,他们在本教程中在理论上使用,这样,如果你有一个值得信赖的执行环境设置,你现在可以做的hello world教程工作(主要是,你会很可能想要做他们在做什么装配有任何VHDL或Verilog code和刚刚露出结果的地方容易在C读)。
But what are you going to do with that hello world device? If you look in the assembly for the tutorial you linked to, you'll see in the comments they talk a lot about something called the "Secure Configuration Register". If you look in your processor's documentation (in the resources section here, http://www.arm.com/products/processors/cortex-a/cortex-a9.php) and search for the term "TrustZone extensions" (currently page 34 although obviously that's subject to change), you'll find a link to another page detailing this register. This is the same register they use in the tutorial, so in theory, if you have a trusted execution environment set up, you can now make the hello world tutorial work (mostly; you're going to likely want to do what they do in assembly with either vhdl or verilog code and just expose the results somewhere easy to read in C).
现在我刚才提到的一切只会让你接触到的TrustZone数据在AXI总线。为了做到任何与这个有趣的,你将有实际创造一个安全的世界和正常世界的阅读。否则,你放在一起的演示将只打印你好,从安全的世界(或不正确的功能)。因此,这是解压该教程您链接到真正阅读他们的源将支付股息。
Now everything I have just mentioned will merely get you access to the TrustZone data in the AXI bus. In order to do anything interesting with this, you are going to have to actually create a secure world and normal world to read from. Otherwise any demo you put together will merely print "Hello from Secure World" (or function incorrectly). So this is where unzipping that tutorial you linked to and really reading their source will pay dividends.
虽然我的回答到现在为止也是不完整的,因为你的链接的Hello World教程的目的不是教你如何建立规范的世界(也可能是监测世界)开始。它在的readme.txt明确地说。所以,阅读源不会帮你。对于这一点,你会需要链接的http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html 。有大量的信息有,但它的目的是作为一个参考和前两章,在我的愚见,只是我喜欢称之为skipable味道的文字。但如果你有时间可以浪费了一些有趣的是和翔实尽可能一般的安全理论。第3章将开始教你如何制定的TrustZone。
Although my answer up until now is also incomplete, as the Hello World tutorial you linked isn't designed to teach you how to create Normal World (and possibly Monitor World) to begin with. Which it says explicitly in the ReadMe.txt . So reading the source won't help you with that. For that, you're going to need the link http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html . There's a lot of info there but it's intended as a reference and the first two chapters, in my humble opinion, are just what I like to call "skipable flavor text". Although if you do have time to waste some of it is fascinating and informative as far as security theory in general. Chapter 3 will begin to teach you how to develop for TrustZone.
但希望我提供的服务将它变成少你一个权限问题,并为更多的教育问题的信息。我还在自己的教育上这个东西。
But hopefully the information I provided will turn this into less of a permissions problem for you and into more of an education problem. I'm still educating myself on this stuff.
这篇关于在ZedBoard例子,运行ARM的TrustZone安全/正常的世界&QUOT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
