From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wm1-f67.google.com (mail-wm1-f67.google.com [209.85.128.67]) by mx.groups.io with SMTP id smtpd.web10.7527.1591784512598487444 for ; Wed, 10 Jun 2020 03:21:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@linaro.org header.s=google header.b=ytRyHAdq; spf=pass (domain: linaro.org, ip: 209.85.128.67, mailfrom: ilias.apalodimas@linaro.org) Received: by mail-wm1-f67.google.com with SMTP id u13so1303547wml.1 for ; Wed, 10 Jun 2020 03:21:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=cPga66sThvYHiEFC385G62XGHlxcXWC6QToSnyOgqiY=; b=ytRyHAdquDTz30k7+0ZlllAanPU16RSGq1uxl5+14mLPKiqTfIykP1U/cGRdtVGevu 4XwmJf6l1HCm8rvVnDzfB65twQE6MlS7Fc3LxtmSc1pSel3d2qCBkwpsU9ZOK9UXR2// V9a6gXH/k/2EekgJoO+A3nPqomOulwEclfwUI9YH1Oiw3QA4l18vu3sqmNkczcwEI9v9 F+R5VLgJAHp8oJFg58RWA3cFI+tcbksGun3d9w3yDs7zswuNxk8Wp5raoMOMVDgjAcQM GeW4ttqScSQJNrV2A/Uk5e6rmZICptPCBxayKtejskRvZHKMoAdki+iIGpjBYh6isdtN OIrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=cPga66sThvYHiEFC385G62XGHlxcXWC6QToSnyOgqiY=; b=ctQ0N0AJIT85KisPTdOfsXpwHAMTBF+MAc66lKfG5CHGFlISEcrfSpgD5MCd6jzit1 NHJO+bREWMsb1GPqFFSvf6TaufaToCaq1rbZHeQHbpdoZIYA7R5eZv3GrpB/IN/MnpT4 tfwBwZBraQJHLUWSqN65o3JoAh/7vcSfDP3EXNevHNzWQYP0tqL5bbDvVw5iTSc3GQm6 IxzoR87bfOVe/Qnx+PkJrMK2VSaM+6II0WAHAFPgAGEKZ6rK2ZRCB2/bDF/WoGWlYK0b GLv0S+Vs+TL9zpx4qdk/U0zKDSc+ZrLe1Rx/AcMFfBszYzfQ/c24RFWY5WjMeDe/05pp u6mA== X-Gm-Message-State: AOAM5300yReCNYnsGp6wvDDum5JtLNJVbHxTW5eH3lWKNDVBrE70jEuF 1MrxvdnmyZmQ0cr+JZYiMneJtg== X-Google-Smtp-Source: ABdhPJz+5xRhLSsIRk9HVuIAcTFzmd6J8glZFzov9I4iXZS8cW3HR7Hu3aORg/3nEfxbc1WHviti5A== X-Received: by 2002:a1c:7414:: with SMTP id p20mr2435929wmc.124.1591784510977; Wed, 10 Jun 2020 03:21:50 -0700 (PDT) Return-Path: Received: from apalos.home (ppp-2-87-59-0.home.otenet.gr. [2.87.59.0]) by smtp.gmail.com with ESMTPSA id d63sm6512789wmc.22.2020.06.10.03.21.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Jun 2020 03:21:50 -0700 (PDT) Date: Wed, 10 Jun 2020 13:21:48 +0300 From: Ilias Apalodimas To: Ard Biesheuvel Cc: devel@edk2.groups.io, Michael D Kinney , Liming Gao , Jiewen Yao , Sami Mujawar Subject: Re: [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable Message-ID: <20200610102148.GA1372825@apalos.home> References: <20200610081740.54581-1-ard.biesheuvel@arm.com> MIME-Version: 1.0 In-Reply-To: <20200610081740.54581-1-ard.biesheuvel@arm.com> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi Ard, Tested on QEMU with the op-tee patches i mentioned in my RFC [1] Everything seems to work correctly [1] https://edk2.groups.io/g/devel/message/60835 On Wed, Jun 10, 2020 at 10:17:35AM +0200, Ard Biesheuvel wrote: > It is not always possible to deploy the standalone MM core in a way where > the runtime address is known at build time. This does not matter for most > modules, since they are relocated at dispatch time. However, for the MM > core itself, it means we need to do some extra work to relocate the image > in place if it ends up at a different offset than expected. > > On AARCH64, the standalone MM stack is deployed inside a non-privileged > secure world container which only has limited control over its memory > mappings, and so we need to ensure that the executable code itself is > free of absolute quantities that need to be fixed up. This is very similar > to how shared libraries are constructed, given that pages can only be > shared between processes if they are not modified, even by the dynamic > loader. So we can use this support to emit the standaline MM core in a > way that guarantees that the executable code does not need to modify > itself (patch #4) > > Patch #5 adds the actual code to perform the self relocation after the > .data section has been made writable and non-executable. Note that the > PE/COFF library code modifies the header in place, and so in the case > where we need to perform the runtime relocation, we need to remap the > header page writable and non-executable as well. > > The remaining patches are optimizations and fixes I picked up along > the way. > > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Jiewen Yao > Cc: Sami Mujawar > Cc: Ilias Apalodimas > > Ard Biesheuvel (5): > MdePkg/BasePrintLib: avoid absolute addresses for error strings > StandaloneMmPkg/Core: fix bogus FV pointer in DEBUG string > StandaloneMmPkg/Core: add missing GUID reference > StandaloneMmPkg: generate position independent code for StMM core > StandaloneMmPkg/StandaloneMmCoreEntryPoint: relocate StMM core on the > fly > > StandaloneMmPkg/Core/StandaloneMmCore.inf | 5 +++++ > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf | 3 +++ > StandaloneMmPkg/Include/Library/AArch64/StandaloneMmCoreEntryPoint.h | 2 ++ > MdePkg/Library/BasePrintLib/PrintLibInternal.c | 2 +- > StandaloneMmPkg/Core/Dispatcher.c | 2 +- > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/SetPermissions.c | 11 +++++++--- > StandaloneMmPkg/Library/StandaloneMmCoreEntryPoint/AArch64/StandaloneMmCoreEntryPoint.c | 22 ++++++++++++++++++++ > 7 files changed, 42 insertions(+), 5 deletions(-) > > -- > 2.26.2 > Tested-by: Ilias Apalodimas