From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web11.6173.1591777070265348711 for ; Wed, 10 Jun 2020 01:17:50 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ard.biesheuvel@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id DF8D91F1; Wed, 10 Jun 2020 01:17:48 -0700 (PDT) Received: from localhost.localdomain (unknown [10.37.8.184]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 505B93F6CF; Wed, 10 Jun 2020 01:17:47 -0700 (PDT) From: "Ard Biesheuvel" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Michael D Kinney , Liming Gao , Jiewen Yao , Sami Mujawar , Ilias Apalodimas Subject: [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable Date: Wed, 10 Jun 2020 10:17:35 +0200 Message-Id: <20200610081740.54581-1-ard.biesheuvel@arm.com> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable It is not always possible to deploy the standalone MM core in a way where the runtime address is known at build time. This does not matter for most modules, since they are relocated at dispatch time. However, for the MM core itself, it means we need to do some extra work to relocate the image in place if it ends up at a different offset than expected. On AARCH64, the standalone MM stack is deployed inside a non-privileged secure world container which only has limited control over its memory mappings, and so we need to ensure that the executable code itself is free of absolute quantities that need to be fixed up. This is very simila= r to how shared libraries are constructed, given that pages can only be shared between processes if they are not modified, even by the dynamic loader. So we can use this support to emit the standaline MM core in a way that guarantees that the executable code does not need to modify itself (patch #4) Patch #5 adds the actual code to perform the self relocation after the .data section has been made writable and non-executable. Note that the PE/COFF library code modifies the header in place, and so in the case where we need to perform the runtime relocation, we need to remap the header page writable and non-executable as well. The remaining patches are optimizations and fixes I picked up along the way. Cc: Michael D Kinney Cc: Liming Gao Cc: Jiewen Yao Cc: Sami Mujawar Cc: Ilias Apalodimas Ard Biesheuvel (5): MdePkg/BasePrintLib: avoid absolute addresses for error strings StandaloneMmPkg/Core: fix bogus FV pointer in DEBUG string StandaloneMmPkg/Core: add missing GUID reference StandaloneMmPkg: generate position independent code for StMM core StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the fly StandaloneMmPkg/Core/StandaloneMmCore.inf = | 5 +++++ StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntry= Point.inf | 3 +++ StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h = | 2 ++ MdePkg/Library/BasePrintLib/PrintLibInternal.c = | 2 +- StandaloneMmPkg/Core/Dispatcher.c = | 2 +- StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermission= s.c | 11 +++++++--- StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmC= oreEntryPoint.c | 22 ++++++++++++++++++++ 7 files changed, 42 insertions(+), 5 deletions(-) --=20 2.26.2