Support fake-TrustZone mode in QEMU
QEMU doesn't currently support full TrustZone emulation, and it's not possible under KVM in any case. We have a plan for a "fake" TrustZone implementation which is sufficient for a custom boot ROM implementation to provide the support for a stock guest kernel which expects to run in the NonSecure world. (See http://
Blueprint information
- Status:
- Not started
- Approver:
- Michael Hope
- Priority:
- Medium
- Drafter:
- Peter Maydell
- Direction:
- Needs approval
- Assignee:
- Peter Maydell
- Definition:
- Drafting
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
This used to be a dependency of kvm-development, but in fact it's not really KVM specific and at the moment it looks like we can happily get away without it (there doesn't seem to be anything on A15 that would require a Linux kernel in non-secure mode to make SMCs, so we don't need a fake-monitor-mode).
The work is still worth doing as part of getting omap3 stuff out of the qemu-linaro patchstack.
Work Items
Work items:
Document the general principles somewhere: TODO
Make sure we have implementations of all the TZ registers: TODO
Implement SMC and fake-monitor mode: TODO
Test that this all works OK for omap3: TODO
Get patches upstream: TODO