* Re: MAIR_EL2 Attributes
2017-10-24 15:41 ` Christoffer Dall
@ 2017-10-25 6:56 ` Raz
From: Raz @ 2017-10-25 6:56 UTC
To: Christoffer Dall, kvmarm
On Tue, Oct 24, 2017 at 3:41 PM, Christoffer Dall <cdall@linaro.org> wrote:
> Hi,
>
> On Mon, Oct 23, 2017 at 09:33:28PM +0000, Raz wrote:
> > 1. According to the documentation of MAIR_EL2 there are 8 attributes but
> > in the code you present only 6. Why?
>
> I just don't think we need those other defines.
>
> > 2. Why are there names for the attributes? Does it make a difference if I
> > assign an attribute index 2 or attribute index 0 in the page while the two attr
> >
>
> I'm not entirely sure what you're asking here.
>
> Can you try to explain what the background of your question is?
>
Well, I wrote a thin hypervisor. The hypervisor is used to execute
protected code in a trusted environment, in this case EL2 is the trusted
environment.

The flow is as follows: Consider a function foo():

    ..
    int foo() {
        return 19;
    }
    ..

After g++ compilation:

    _Z3foov():
        mov w0, #0x13
        ret

Now let's say you want to run foo() in a trusted environment. To do that we
encrypt foo() and add its encrypted form as a new section to the program's
ELF. The old foo() is replaced by opcodes that generate a trap. I chose brk:

    _Z3foov():
        brk
        brk

Now, whenever an encrypted program is executed, the moment it executes the
brk command, it traps into the hypervisor. The hypervisor decrypts foo and
executes it in EL2.
That's about it.

The essence of this idea is that I never let foo() code be visible to the
operating system.

My main obstacle now is performance (I am 20 times slower), as at the
moment I have to flush the cache. I need to implement a cache write back
and this is done by manipulating mair_el2 and the page descriptor.

Kind regards
Raz
>
>
> I think these defines are just the way Linux configures the page tables.
>
>
> > /*
> > * Memory types available.
> > */
> > #define MT_DEVICE_nGnRnE 0
> > #define MT_DEVICE_nGnRE 1
> > #define MT_DEVICE_GRE 2
> > #define MT_NORMAL_NC 3
> > #define MT_NORMAL 4
> > #define MT_NORMAL_WT 5
>
> -Christoffer
>
--
https://sites.google.com/site/ironspeedlinux/
[-- Attachment #2: TEEinARM.pdf --]
[-- Type: application/pdf, Size: 344669 bytes --]
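
An added example, not part of the original thread and not code from Linux or KVM: it shows that the index stored in a stage 1 descriptor only selects one of the eight byte-wide slots of MAIR_EL2, so the memory type comes from the byte in that slot and not from the index number or its name. The attribute bytes (0x00, 0x04, 0x0c, 0x44, 0xff, 0xbb) are assumed to be the encodings arm64 Linux programs for the six quoted indices; MAIR_SLOT, DESC_ATTRINDX and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Index names as quoted in the thread. */
#define MT_DEVICE_nGnRnE 0
#define MT_DEVICE_nGnRE  1
#define MT_DEVICE_GRE    2
#define MT_NORMAL_NC     3
#define MT_NORMAL        4
#define MT_NORMAL_WT     5

/* Hypothetical helpers: put an attribute byte in MAIR slot idx, and put
 * an index in AttrIndx, bits [4:2] of a stage 1 page/block descriptor. */
#define MAIR_SLOT(attr, idx) ((uint64_t)(attr) << ((idx) * 8))
#define DESC_ATTRINDX(idx)   (((uint64_t)(idx) & 0x7) << 2)

/* Assumed encodings for the six named slots; slots 6 and 7 stay 0x00. */
uint64_t build_mair(void) {
    return MAIR_SLOT(0x00, MT_DEVICE_nGnRnE) | MAIR_SLOT(0x04, MT_DEVICE_nGnRE) |
           MAIR_SLOT(0x0c, MT_DEVICE_GRE)    | MAIR_SLOT(0x44, MT_NORMAL_NC) |
           MAIR_SLOT(0xff, MT_NORMAL)        | MAIR_SLOT(0xbb, MT_NORMAL_WT);
}

/* Attribute byte the MMU selects for a descriptor under a given MAIR. */
uint8_t effective_attr(uint64_t mair, uint64_t desc) {
    unsigned idx = (unsigned)(desc >> 2) & 0x7;
    return (uint8_t)(mair >> (idx * 8));
}

/* One nibble: 11RW is write-back, 01RW with RW != 00 is write-back transient. */
static int nibble_is_wb(unsigned n) {
    return (n & 0xc) == 0xc || ((n & 0xc) == 0x4 && (n & 0x3) != 0);
}

/* Normal write-back memory needs write-back in both outer and inner nibble. */
int is_normal_writeback(uint8_t attr) {
    return nibble_is_wb(attr >> 4) && nibble_is_wb(attr & 0xf);
}

int main(void) {
    uint64_t mair = build_mair();
    printf("MAIR = 0x%016llx\n", (unsigned long long)mair);
    for (unsigned i = 0; i < 8; i++) {
        uint8_t a = effective_attr(mair, DESC_ATTRINDX(i));
        printf("AttrIndx %u -> 0x%02x%s\n", i, a,
               is_normal_writeback(a) ? " (write-back)" : "");
    }
    return 0;
}
```

Under this layout the two slots without a define (6 and 7) hold 0x00, so a descriptor that carries either index is treated as Device-nGnRnE rather than cacheable Normal memory.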