OSDev.org

The Place to Start for Operating System Developers
It is currently Mon Sep 16, 2019 10:31 pm

All times are UTC - 6 hours




Post new topic Reply to topic  [ 18 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: qemu -M raspi[23] timer
PostPosted: Tue Jul 16, 2019 1:34 am 
Offline

Joined: Sat Jul 21, 2018 3:08 am
Posts: 11
zaval wrote:
I think, that Secure World devised by ARM is way more interesting, not to mention - useful, than HV. I am very eager to try it on my own, unfortunately, am not ready yet. :mrgreen: For an osdev, this feature opens a lot of challenges and fun. Unfortunately, not every vendor is ready to give it to you. I guess, Monitor Mode/EL3 availability on some platforms yet is a temporary goody, thanks to overlooking this by clumsy a little vendors like Allwinner, Rockchip etc. Eventually they will "grow up", get toothier and lock that down, not doing anything useful there by themselves and not letting anybody else. Just like TI does.


Hi zaval,

May I ask you, what do you think is so good about Secure World? I though about it a couple of times but did not find an interesting application yet... I must have been searching in the wrong place.

Thanks


Top
 Profile  
 
 Post subject: Re: qemu -M raspi[23] timer
PostPosted: Thu Jul 18, 2019 4:39 pm 
Offline
Member
Member
User avatar

Joined: Fri Feb 17, 2017 4:01 pm
Posts: 386
Location: Ukraine, Bachmut
Anything would be better, than HV. :mrgreen: Well, about searching in a right place, try ARM site, they have a paper on TrustZone, it gives you insights on what it could be used for and its capabilities. TrustZone, PSCI, ATF are keywords.
What's interesting in the Secure World? It's up to your OS design, of course, how extensively you are going to use Secure Extension (SE), if anyhow, but generally speaking, every OS has some kind of Security Subsystem. It provides many security related functions - from access control and secure account management to cryptographical APIs. So, this SE strengthens your Security Subsystem, because it gives you a hardware for it, it's much harder to "crack" it. You can put there something as simple as gateway system services (calls)-like set, that other components may invoke or as complex as running there entire different (Secure) OS, if needed. I didn't get to it yet, honestly, so I can't say what I would want to do with it, I am still Insecure for now. :lol: But looking over its features, it's rather obvious, that it's something really valuable, that definetely can find its way for providing people valuable features, usability. The fact it's now laying dormant with linux, shouldn't be considered as a proof of its unusefulness, linux never was famous for being innovative. Oh, look, I am again talking about how I dislike linux, instead of advertising SE. :D
Just a primitive example - Secure World has its own secure memory, totally inaccessible even from kernel (its insecure parts). So, your security subsystem may put there over-sensitive data and given, that access to them is possible only through the very strict gateway mechanism, the attack surface gets minimized and even intrusion into the kernel wouldn't be able to let a maluser get those data. Or vulnerabilities like Spectre, Meltdown, they won't help to guess those data either. Now elaborate on this, depending on what your system is (going to be), these capabilities definitely could be very useful. Couldn't they? There might be secure peripherals as well, - yet one field for desing considerations. Finally, Secure World handles Reset/Shutdown, idle, secondary CPUs bring up, big.LITTLE migration.

_________________
future big goal: ANT - NT-like OS for mips, arm and x86.
current smaller goal: efify - UEFI for a couple of boards (mips and arm).


Top
 Profile  
 
 Post subject: Re: qemu -M raspi[23] timer
PostPosted: Mon Jul 22, 2019 8:40 am 
Offline
Member
Member
User avatar

Joined: Mon May 22, 2017 5:56 am
Posts: 140
On tone: I've found out the hard way it's not a good idea to express anger against presumed bad moves of an organization. There's pretty-much always an acceptable (or at least understandable) reason. This has not yet stopped me expressing such anger. I have so much practice at it, it's like it's got its own inertia!

_________________
Wir mussen wissen, wir werden wissen.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ]  Go to page Previous  1, 2

All times are UTC - 6 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group