From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.16505.1591955890067137353 for ; Fri, 12 Jun 2020 02:58:10 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: ard.biesheuvel@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9EBD231B; Fri, 12 Jun 2020 02:58:09 -0700 (PDT) Received: from [192.168.1.69] (unknown [10.37.8.184]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BD6073F73C; Fri, 12 Jun 2020 02:58:07 -0700 (PDT) Subject: Re: [PATCH 0/5] StandaloneMmPkg: make StMM core relocatable To: devel@edk2.groups.io Cc: Michael D Kinney , Liming Gao , Jiewen Yao , Sami Mujawar , Ilias Apalodimas References: <20200610081740.54581-1-ard.biesheuvel@arm.com> From: "Ard Biesheuvel" Message-ID: <50236702-7a20-d0f6-1b0a-9f7b43772a59@arm.com> Date: Fri, 12 Jun 2020 11:58:03 +0200 User-Agent: Mozilla/5.0 (X11; Linux aarch64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 In-Reply-To: <20200610081740.54581-1-ard.biesheuvel@arm.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 6/10/20 10:17 AM, Ard Biesheuvel wrote: > It is not always possible to deploy the standalone MM core in a way where > the runtime address is known at build time. This does not matter for most > modules, since they are relocated at dispatch time. However, for the MM > core itself, it means we need to do some extra work to relocate the image > in place if it ends up at a different offset than expected. > > On AARCH64, the standalone MM stack is deployed inside a non-privileged > secure world container which only has limited control over its memory > mappings, and so we need to ensure that the executable code itself is > free of absolute quantities that need to be fixed up. This is very similar > to how shared libraries are constructed, given that pages can only be > shared between processes if they are not modified, even by the dynamic > loader. So we can use this support to emit the standaline MM core in a > way that guarantees that the executable code does not need to modify > itself (patch #4) > > Patch #5 adds the actual code to perform the self relocation after the > .data section has been made writable and non-executable. Note that the > PE/COFF library code modifies the header in place, and so in the case > where we need to perform the runtime relocation, we need to remap the > header page writable and non-executable as well. > > The remaining patches are optimizations and fixes I picked up along > the way. > > Cc: Michael D Kinney > Cc: Liming Gao > Cc: Jiewen Yao > Cc: Sami Mujawar > Cc: Ilias Apalodimas > Any thoughts from the StandaloneMmPkg co-maintainers?