Sorry for the delayed response.
The only way I can think your Linux VM can access the ELF image is if you configure the instance with pass-through access to the reader device. You can prevent the VM instance from having access to the SD card by ensuring you aren't passing through the untyped mmio's and irqs that correspond to the SD card reader device e.g. ensuring its not in either of the 'dtb', 'untyped_mmio' and 'irqs' fields in the vm component configuration (https://bitbucket.ts.data61.csiro.au/projects/SEL4PROJ/repos/camkes-arm-vm/b...). ________________________________ From: Devel email@example.com on behalf of Michael Neises firstname.lastname@example.org Sent: Saturday, October 12, 2019 3:48 AM To: email@example.com firstname.lastname@example.org Subject: [seL4] Fwd: camkes vm question
In my system, sel4 is loaded by u-boot from an sd card that contains only an ELF image. I would like to store some sensitive data in plaintext for use in a non-vm component, but I worry that it can be read from the ELF image. Can this sd card data be accessed from within a linux vm instance? Or otherwise, is it certain that the vm cannot access this data?
Best, Michael Neises