MM communication buffer access denied or leading to an unhandled exception
Fabrice DECROP LONGET
I'm currently working on implemting the secure partition manager in EDK2. My platform is based on reference design DANIEL. But I'm facing several issues, that makes me very confused, and don't know what to do now for implenting this feature.
First, I enable the SPM flag in ARM-TF firmware. I'm sure that this feature is enabled. MM communication buffer is (should be) correctly configured in mapping of this firmware. I say _correctly_ because, to my understanding, SPM_MM flag is correctly set in compilation and arm-tf firmware generation. To my understanding, it should be enough for EDK2 BIOS to have RW access to MM communication buffer.
Second, in EDK2, I enable the StandaloneMmPkg in EDK2 compilation. I also add the VariableInfo application, to test the communication between the Normal and Secure world.
Then, here are descriptions of the several issues I'm facing :
1-After the later configuration of arm-tf and EDK2 (SPM_MM enabled and StandaloneMmPkg addition), boot od EDK2 is leading to an hundandled exception.
I must also mention that MM communication buffer (@FF60000) access is not possible through armds in EL2 (typing EL2:FF600000 in the memory section debugger). Memory view is not not show any content, and is colored in pink.
2-I assume that I have to add MM communication memory zone (@FF600000) in the Mmu configuration. That'as what I saw in the StandaloneAARCH64 branch of EDK2 (in edk2-staging)
To achieve this addition, I added a call to BuidRessourceDescriptorHob() in MemoryPeim() of ArmPlatformPkg. Of course, this call has PcdMmBufferBase (=0xFF600000) in input parameter.
With this addition, former hundandled exception is corrected.
But : MM communication memory zone is still pink in the memory section of ArmDs. And MmCommunicationDxe driver failed to ubstall protocol interface (gEfiCommunication2ProtocolGuid)
So, my test application VariableInfo failed to communicate with secure world.
Could someone point me what I'm doing wrong ?
Is there some configuration to do in Mmu in EDK2 to enable communication ? If so, what should it be ?
Is it normal to have no access at the output of Arm-TF (and at the very beginning of BL33 = UEFI EDK2 normal world) trough ArmDS in its memory section.
Many thanks for your help.
Fabrice DECROP LONGET
SiPearl - Ingénieur BIOS/UEFI
Mobile: +33 6 44 12 09 85
On Wed, Apr 6, 2022 at 12:25 AM, Fabrice DECROP LONGET wrote:
Couple of questions to understand this better -
1. Is the reference design DANIEL platform you work on downloaded from https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps? If yes, what is the version number of the FVP?
2. Is the software you are using same as described in https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs/-/blob/master/docs/infra/rdv1/readme.rst. If yes, what is the release tag being used?