From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
 by mx.groups.io with SMTP id smtpd.web10.16505.1591955890067137353
 for <devel@edk2.groups.io>;
 Fri, 12 Jun 2020 02:58:10 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ard.biesheuvel@arm.com)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
	by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9EBD231B;
	Fri, 12 Jun 2020 02:58:09 -0700 (PDT)
Received: from [192.168.1.69] (unknown [10.37.8.184])
	by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BD6073F73C;
	Fri, 12 Jun 2020 02:58:07 -0700 (PDT)
Subject: Re: [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable
To: devel@edk2.groups.io
Cc: Michael D Kinney <michael.d.kinney@intel.com>,
 Liming Gao <liming.gao@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Sami Mujawar <sami.mujawar@arm.com>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>
References: <20200610081740.54581-1-ard.biesheuvel@arm.com>
From: "Ard Biesheuvel" <ard.biesheuvel@arm.com>
Message-ID: <50236702-7a20-d0f6-1b0a-9f7b43772a59@arm.com>
Date: Fri, 12 Jun 2020 11:58:03 +0200
User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:68.0) Gecko/20100101
 Thunderbird/68.9.0
MIME-Version: 1.0
In-Reply-To: <20200610081740.54581-1-ard.biesheuvel@arm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 6/10/20 10:17 AM, Ard Biesheuvel wrote:
> It is not always possible to deploy the standalone MM core in a way where
> the runtime address is known at build time. This does not matter for most
> modules, since they are relocated at dispatch time. However, for the MM
> core itself, it means we need to do some extra work to relocate the image
> in place if it ends up at a different offset than expected.
> 
> On AARCH64, the standalone MM stack is deployed inside a non-privileged
> secure world container which only has limited control over its memory
> mappings, and so we need to ensure that the executable code itself is
> free of absolute quantities that need to be fixed up. This is very similar
> to how shared libraries are constructed, given that pages can only be
> shared between processes if they are not modified, even by the dynamic
> loader. So we can use this support to emit the standaline MM core in a
> way that guarantees that the executable code does not need to modify
> itself (patch #4)
> 
> Patch #5 adds the actual code to perform the self relocation after the
> .data section has been made writable and non-executable. Note that the
> PE/COFF library code modifies the header in place, and so in the case
> where we need to perform the runtime relocation, we need to remap the
> header page writable and non-executable as well.
> 
> The remaining patches are optimizations and fixes I picked up along
> the way.
> 
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> 

Any thoughts from the StandaloneMmPkg co-maintainers?