This repository explains how to evaluate the artifact for our paper:
Rushmore: Securely Displaying Static and Animated Images Using TrustZone (MobiSys'21)
We aim for the following two badges:
- Artifacts Evaluated - Functional: our system can be built correctly.
- Artifacts Available: we make source code publicly available with instructions.
For the "Artifacts Evaluated - Functional" badge, we explain how to build our system below (Build-Only Instructions).
For the "Artifacts Available" badge, we make our source code available in this repo. The full instructions on how to build, flash, and test our system are available here. However, the full instructions require the same board and the display that we use.
We provide a VirtualBox VM image (Ubuntu, 8.7GB) containing all required packages, prebuilt AOSP images (Nougat-7.1.1), the source code for Rushmore, and all environmental settings prepared. The AOSP prebuilt images are only necessary for flashing and testing Rushmore when following the full instructions.
From this link, download the VM image and install it using VirtualBox Manager with the following settings:
[OS Type] Linux
[Version] Ubuntu (64-bit)
[Memory] 4096 MB (recommended)
[Hard Disk] Check "Use an existing virtual hard disk file" and use the provided image
Start up the created machine above and use the following Ubuntu account to login:
ID: rushmore
PWD: rushmore2021After installing and booting the VM image, you can go to the root directory of Rushmore as follows.
$ cd ~/RushmoreThe directory has Android 7 (Nougat) prebuilt images (~/Rushmore/aosp-src) and Rushmore source code (~/Rushmore/rushmore).
As the first step to build Rushmore, compile U-Boot with the following commands:
~/Rushmore$ cd rushmore/u-boot-imx6
u-boot-imx6$ export ARCH=arm
u-boot-imx6$ export CROSS_COMPILE=arm-linux-gnueabihf-
u-boot-imx6$ make nitrogen6q_defconfig
u-boot-imx6$ make -j2This should produce the following files in the same directory.
u-boot.xxx(xxx: bin, cfg, cfgout, imx, lds, map, srec, sym)
As the second step, compile the Linux kernel (for the normal world) and the Rushmore kernel (for the secure world) as follows.
u-boot-imx6$ cd ..
rushmore$ python3 build/compile.py optee This should produce the following output in out/.
zImage(the Linux kernel image that will replace the kernel image in original AOSP)sImage(the Rushmore kernel image that will run in the secure world)imx6q-sabrelite.dtb(the device table of the newly created Linux kernel)smc_driver.ko(the Rushmore driver to enable SMC calls between the normal world and the secure world)
As the third step, compile the Rushmore library (for the normal world) that app developers can use as follows.
rushmore$ cd librushmore
librushmore$ makeThis should produce the following output in the same directory.
librushmore.alibrushmore.so
As the last step, build the boot script for U-Boot as follows.
librushmore$ cd ../bootscript
rushmore/bootscript$ makeThis should produce the following output in the same directory.
rushmore_bootscript.scr
This concludes all the steps to build all required images for Rushmore and the boot script.