Ard Biesheuvel <ard.biesheuvel@...>
On 10/16/20 3:36 AM, Fu, Siyuan wrote:
Hi, SamiCould you explain more about the gap that needs to be bridged here? I suppose the desire is to be able to reuse existing DXE_SMM_DRIVER modules, and deploy them unmodified in a standalone MM context?
So would you expect runtime dispatch for these drivers? What about any accesses to EFI boot services, which are no longer possible when running under standalone MM? Do you have any reason to believe that this hybrid MM core will be able to run a significant fraction of those existing drivers?
Would you think it's acceptable if we put the traditional MM related code controlledThis is security critical code, and having PCD controlled behavior like this makes it much hard to reason about correctness in all its instantiation. I guess I would have to see what the code looks like, but having PCD checks all over the place does not seem like a great way to do this IMHO.