Attempting to boot Zephyr w/ MultiZone about multizone-sdk HOT 8 CLOSED

Please post the content of your multizone.cfg file

from multizone-sdk.

Also make sure you take a good look at the boot code example on branch https://github.com/hex-five/multizone-sdk/tree/example/boot-code and in particular to the stub https://github.com/hex-five/multizone-sdk/blob/example/boot-code/bsp/X300/boot/main.c

from multizone-sdk.

I left the multizone.cfg untouched, I saw the same results when joining the Zephyr sample with and without zones 2-4 in the multizone.jar.

Copyright(C) 2020 Hex Five Security, Inc. - All Rights Reserved
MultiZone reserved memory: 8K @0x20010000, 6K @0x80000000
Tick = 10 # ms
Zone = 1
#irq = 3 # DMA
plic = 3 # UART
base = 0x20012800; size = 30K; rwx = rx # FLASH
base = 0x80001800; size = 4K; rwx = rw # RAM
base = 0x10013000; size = 0x100; rwx = rw # UART
Zone = 2
#irq = 20, 21, 22 # BTN0 BTN1 BTN2 (CLINT)
base = 0x2001A000; size = 8K; rwx = rx # FLASH
base = 0x80002800; size = 2K; rwx = rw # RAM
base = 0x10025000; size = 0x100; rwx = rw # PWM LED
base = 0x10012000; size = 0x100; rwx = rw # GPIO
Zone = 3
base = 0x2001C000; size = 8K; rwx = rx # FLASH
base = 0x80003000; size = 2K; rwx = rw # RAM
base = 0x10012000; size = 0x100; rwx = rw # GPIO
Zone = 4
base = 0x2001E000; size = 8K; rwx = rx # FLASH
base = 0x80003800; size = 2K; rwx = rw # RAM

Looking at those links you posted

from multizone-sdk.

We're looking into using Zephyr as our RTOS for MultiZone, similar to how the MultiZone IoT SDK can use a different RTOS such as FreeRTOS, however that SDK doesn't have a board support package for the HiFive1 Rev B (FE310). Is it possible to replace the RTOS in the TEE here?

from multizone-sdk.

MultiZone protects the execution of any binaries without requiring modifications to the code. So it realy doesn't matter what's in the zones' HEX files as long as it pleases the CPU. It can be bare metal, assembly, C, ADA, FreeRTOS, Zephyr, Linux, hypervisors, mysterious proprietary / legacy stuff, etc. In fact, you can put total trash in the binary images and MultiZone will still safely run the remaining zones without interference.

If you want to run one or more Zephyr-based binaries, you have to map these binaries to zones and configure the security setting in the multizone.cfg file. The --boot option is for hardware setup / OEM low-level code that runs only once, at boot, and is then tossed upon starting the protected execution of the zones.

To your 2nd question: The reason why the MultiZone IoT SDK doesn't provide board support for the HiFive1 Rev B (FE310) is that this SoC has only 16KB of RAM, which makes it unsuitable for any practical application involving cryptograpy and/or TLS secure communications, like the MultiZone IoT SDK secure firmware.

from multizone-sdk.

Hello Cesare and thank you for your help sir. We have spent a good bit of time trying to make this work with no success. We feel that we are close but it's possible that we are not. Is there a guide on how to configure Multizone to load a third-party OS like Zephyr or FreeRTOS? It would be a huge help to our team if we had this level of direction. The examples involve a baremetal application or the Multizone RTOS kernel and we have been able to do these successfully. However, our current step seems to need special knowledge we do not possess. Thanks again

from multizone-sdk.

Closing per request of the filer.

Note: some user comments moved to https://hex-five.com/faq/

from multizone-sdk.

@STashakkori
You have been temporarily banned from all Hex Five's repositories until you show more respect for the hard work of the many people involved in these projects.

from multizone-sdk.