* Introduces Schedule_context * Use fast-interrupts or normal interrupts * Add mode-transition between secure/non-secure world * Limit system resources for Genode apps due to non-secure world This commit implements the newly introduced Vm session interface to be used on top of TrustZone capable Armv7 CPUs. Therefore a new Schedule_context is introduced in the kernel. Threads and Vms are both Schedule_contexts used by the scheduler. In contrast to a thread, a Vm uses a different assembler mode switch to enter the non-secure, virtual world, and a different exception is used when the non-secure world is left. For both worlds to co-exist, the interrupt-controller needs to be configured so that the secure (Genode) world uses fast-interrupts only, and the non-secure world uses legacy interrupts only. The only TrustZone capable platform the base-hw kernel works on top of is the CoreTile Express 9x4 for the Versatile Express motherboard. For a virtual machine to work properly on top of it, some platform resources must be reserved. Therefore there exist two flavours of this platform now, one with the 'trustzone' spec-variable enabled, and one without. If 'trustzone' is specified, most platform resources (DDR-RAM, and most IRQs) are reserved for the Vm and not available to the secure Genode world.
/*
* \brief Core-specific instance of the VM session interface
* \author Stefan Kalkowski
* \date 2012-10-08
*/
/*
* Copyright (C) 2012 Genode Labs GmbH
*
* This file is part of the Genode OS framework, which is distributed
* under the terms of the GNU General Public License version 2.
*/
#ifndef _CORE__INCLUDE__VM_SESSION_COMPONENT_H_
#define _CORE__INCLUDE__VM_SESSION_COMPONENT_H_
/* Genode includes */
#include <base/allocator.h>
#include <base/rpc_server.h>
#include <vm_session/vm_session.h>
#include <dataspace/capability.h>
/* Core includes */
#include <dataspace_component.h>
namespace Genode {
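/**
 * Core-local implementation of the 'Vm_session' RPC interface
 *
 * The session owns one page-aligned RAM region sized to hold a
 * 'Cpu_state_modes' object and exposes it to the client as a dataspace
 * capability via 'cpu_state()'.
 *
 * The constructor, the destructor, 'exception_handler()' and 'run()' are
 * defined outside this header, so how the members are set up and released
 * is not visible here.
 *
 * NOTE(review): the class declares a destructor and holds raw pointers plus
 * a RAM allocation, but copying is not disabled in this header. Unless
 * 'Rpc_object' already prohibits copies, a copied object would share '_vm'
 * and '_ds_addr' with the original - confirm.
 */
class Vm_session_component : public Rpc_object<Vm_session>
{
	private:

		Rpc_entrypoint      *_ds_ep;     /* presumably the 'ds_ep' constructor argument */
		Range_allocator     *_ram_alloc; /* allocator used by '_alloc_ds()' */
		unsigned long        _vm_id;
		void                *_vm;        /* opaque here, its type is not visible in this header */
		addr_t               _ds_addr;   /* presumably the result of '_alloc_ds()' - confirm */
		Dataspace_component  _ds;
		Dataspace_capability _ds_cap;    /* handed out by 'cpu_state()' */

		/**
		 * Size of the CPU-state region
		 *
		 * \return  'sizeof(Cpu_state_modes)' aligned to the page size
		 */
		static size_t _ds_size()
		{
			return align_addr(sizeof(Cpu_state_modes),
			                  get_page_size_log2());
		}

		/**
		 * Allocate the page-aligned backing store for the CPU state
		 *
		 * \param ram_quota  remaining session quota, reduced by '_ds_size()'
		 *                   on success
		 * \return           address obtained from '_ram_alloc'
		 *
		 * \throw Root::Quota_exceeded  if the quota is smaller than
		 *                              '_ds_size()' or if the allocator
		 *                              fails (both cases are reported with
		 *                              the same exception)
		 */
		addr_t _alloc_ds(size_t *ram_quota)
		{
			/*
			 * Let the allocator write into a real 'void *' instead of
			 * type-punning an uninitialized 'addr_t' through a '(void**)'
			 * cast. The local starts out as a defined value.
			 */
			void *ptr = 0;

			/*
			 * The quota is checked before the allocation and before the
			 * subtraction below, so '*ram_quota' cannot wrap around.
			 */
			if (_ds_size() > *ram_quota ||
			    !_ram_alloc->alloc_aligned(_ds_size(), &ptr,
			                               get_page_size_log2()))
				throw Root::Quota_exceeded();

			*ram_quota -= _ds_size();
			return reinterpret_cast<addr_t>(ptr);
		}

	public:

		/**
		 * Constructor
		 *
		 * \param ds_ep      entrypoint (defined elsewhere how it is used)
		 * \param ram_alloc  allocator for the session's RAM
		 * \param ram_quota  RAM quota donated to the session
		 */
		Vm_session_component(Rpc_entrypoint  *ds_ep,
		                     Range_allocator *ram_alloc,
		                     size_t           ram_quota);

		~Vm_session_component();


		/**************************
		 ** Vm session interface **
		 **************************/

		/**
		 * Return the capability of the CPU-state dataspace
		 *
		 * NOTE(review): if the client can map this dataspace writable, its
		 * content is client-controlled and has to be treated as untrusted
		 * wherever the secure side consumes it - confirm against the
		 * implementation of 'run()', which is not part of this header.
		 */
		Dataspace_capability cpu_state(void) { return _ds_cap; }

		void exception_handler(Signal_context_capability handler);
		void run(void);
};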
}
#endif /* _CORE__INCLUDE__VM_SESSION_COMPONENT_H_ */