Support for ARM TrustZone in QEMU
TrustZone provides a hardware separation mechanism between a Secure and a Non-secure world, used by firmware, security and virtualisation layers. Only a very basic shim is currently supported in Linaro's QEMU tree (and it is not upstream). Support is likely to become more important on platforms that expose more complex TrustZone interfaces, and with virtualisation.
Whiteboard
NB: somebody else appears to have been working in this area:
https:/
Haven't looked much at the code but judging from the commit log it is reasonably complete featurewise.
Work Items
Work items:
Pull appropriate bits of monitor mode and SMC implementation from the MeeGo patches: TODO
Bank all the required CP15 registers for secure/nonsecure mode: TODO
Modify interrupt entry to select appropriate mode for entry based on security configuration: TODO
Modify GIC to restrict modification of secure interrupts to be done from secure mode: TODO
Modify MMU/TLB walk code to examine NS bits and use correct (banked, etc) cp15 regs: TODO
Add new QEMU "MMU modes" for "secure user" and "secure priv" so they get different QEMU TLBs to nonsecure: TODO
Make CPU start properly in secure mode: TODO
Make relevant CPUs have the TrustZone feature bit, confirm this doesn't break existing images: TODO
Test that omap3_boot's use of TrustZone works OK: TODO
Implement at least some of the A9 Versatile Express TrustZone hardware: TODO
Provide a simple piece of monitor mode setup/test code: TODO
Test with more complicated TrustZone images if available: TODO
Clean up patchset and submit upstream: TODO
Handle issues raised in code review: TODO
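The work items above describe several interlocking mechanisms: CP15 registers banked per world and selected by SCR.NS, separate QEMU MMU indices (and so separate TLBs) for Secure and Non-secure code, SMC entry into Monitor mode, and a GIC that refuses Non-secure modification of Secure interrupts. The following toy model ties those together so the intended behaviour can be checked in isolation. It is an added example for this page, not QEMU, Linaro or MeeGo code; the ToyCPU/ToyGIC structures, the function names and the MMU index numbering are hypothetical, while the SCR.NS bit position, CPSR mode encodings and the SMC vector offset are the architectural values.

```c
/* Added example, not QEMU code: a toy model of the TrustZone pieces the work
 * items above describe. All names here are hypothetical (not QEMU's). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SCR_NS      (1u << 0)  /* SCR.NS is bit 0 on ARMv7 */
#define MODE_USR    0x10       /* CPSR.M encodings */
#define MODE_SVC    0x13
#define MODE_MON    0x16
#define MON_VEC_SMC 0x8        /* SMC slot in the Monitor vector table */
enum { BANK_S = 0, BANK_NS = 1 };

typedef struct {
    uint32_t mode;       /* CPSR.M */
    uint32_t scr;        /* Secure Configuration Register: secure-only, not banked */
    uint32_t mvbar;      /* Monitor vector base: secure-only */
    uint32_t ttbr0[2];   /* banked CP15 register, one copy per world */
} ToyCPU;

/* Which copy of a banked CP15 register is accessed. Monitor mode is always
 * Secure state, yet SCR.NS still selects the copy; that is how a monitor
 * saves and restores the Non-secure world's registers. */
static int cp15_bank(const ToyCPU *cpu)
{
    return (cpu->scr & SCR_NS) ? BANK_NS : BANK_S;
}

/* Security state of the running code: Monitor is Secure whatever NS says. */
static bool cpu_is_secure(const ToyCPU *cpu)
{
    return cpu->mode == MODE_MON || !(cpu->scr & SCR_NS);
}

/* QEMU keeps one TLB per "MMU index"; giving {Secure,Non-secure} x
 * {user,priv} four indices stops one world's translations leaking into the
 * other. The numbering is invented for this example. */
enum { MMU_NS_USER = 0, MMU_NS_PRIV = 1, MMU_S_USER = 2, MMU_S_PRIV = 3 };
static int mmu_index(const ToyCPU *cpu)
{
    return (cpu_is_secure(cpu) ? 2 : 0) | (cpu->mode != MODE_USR ? 1 : 0);
}

static void write_ttbr0(ToyCPU *cpu, uint32_t v) { cpu->ttbr0[cp15_bank(cpu)] = v; }
static uint32_t read_ttbr0(const ToyCPU *cpu) { return cpu->ttbr0[cp15_bank(cpu)]; }

/* SMC enters Monitor mode; SCR.NS is untouched so the monitor initially sees
 * the caller's banked copies. Returns the vector address to branch to. */
static uint32_t do_smc(ToyCPU *cpu)
{
    cpu->mode = MODE_MON;
    return cpu->mvbar + MON_VEC_SMC;
}

/* Monitor world switch: flip SCR.NS and resume privileged code in the other world. */
static void monitor_switch_world(ToyCPU *cpu)
{
    cpu->scr ^= SCR_NS;
    cpu->mode = MODE_SVC;
}

/* Toy GIC distributor: set bits in group1 are Non-secure (Group 1) interrupts,
 * clear bits are Secure (Group 0). Non-secure writes to the set-enable
 * register must not touch Group 0 lines, so those bits are dropped. */
typedef struct { uint32_t group1; uint32_t enabled; } ToyGIC;
static void gic_write_isenabler(ToyGIC *gic, uint32_t value, bool secure_access)
{
    if (!secure_access)
        value &= gic->group1;
    gic->enabled |= value;
}

/* Secure boot -> Non-secure OS -> SMC -> back to Secure, then GIC access
 * checks. Returns 0 if every expectation holds, else the failing check. */
static int run_checks(void)
{
    ToyCPU cpu;
    ToyGIC gic = { 0xFFFF0000u, 0 };     /* lines 16..31 Non-secure, 0..15 Secure */
    memset(&cpu, 0, sizeof cpu);
    cpu.mode = MODE_SVC;                  /* CPU resets into Secure SVC */
    cpu.mvbar = 0x1000;
    write_ttbr0(&cpu, 0x4000);            /* Secure world's page tables */
    if (!cpu_is_secure(&cpu) || mmu_index(&cpu) != MMU_S_PRIV) return 1;
    monitor_switch_world(&cpu);           /* hand over to the Non-secure OS */
    if (cpu_is_secure(&cpu) || read_ttbr0(&cpu) != 0) return 2;
    write_ttbr0(&cpu, 0x8000);            /* Non-secure world gets its own copy */
    if (mmu_index(&cpu) != MMU_NS_PRIV) return 3;
    if (do_smc(&cpu) != 0x1008 || !cpu_is_secure(&cpu)) return 4;
    if (read_ttbr0(&cpu) != 0x8000 || mmu_index(&cpu) != MMU_S_PRIV) return 5;
    monitor_switch_world(&cpu);           /* monitor returns to the Secure world */
    if (!cpu_is_secure(&cpu) || read_ttbr0(&cpu) != 0x4000) return 6;
    gic_write_isenabler(&gic, 0x00010001u, false);  /* NS write: line 0 ignored */
    if (gic.enabled != 0x00010000u) return 7;
    gic_write_isenabler(&gic, 0x00000001u, true);   /* Secure write: line 0 enabled */
    return gic.enabled == 0x00010001u ? 0 : 8;
}

int main(void) { int rc = run_checks(); printf("toy TrustZone model: check %d\n", rc); return rc; }
```

The two properties worth noticing are the ones the work items hinge on: after the SMC the CPU is in Secure state (so it gets the Secure MMU index and can touch SCR) but still reads the Non-secure TTBR0 because SCR.NS has not been flipped, and the Non-secure write to the set-enable register silently loses the bit for the Secure interrupt instead of faulting. Real QEMU routes CP15 accesses through its register tables rather than a two-element array, so treat this as a behavioural sketch, not a patch.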