Support forums

Architectures and Processors forum CCA in Armv9 - Could Realm Management Monitor Check Realm VM's Data?

State Accepted Answer
Locked Locked
Replies 3 replies
Subscribers 350 subscribers
Views 1596 views
Users 0 members are here

Options

How was your experience today?

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CCA in Armv9 - Could Realm Management Monitor Check Realm VM's Data?

Jay M. over 2 years ago

Hi everyone,

I'm wondering if Realm Management Monitor (RMM -- a hypervisor for Realm VM in Armv9) could read and write to Realm VM's data.

There are interfaces between the RMM and Realm VM, which are mainly Realm Services Interface (RSI) and some power managment related interface. The specs (p.21~22, Section A1.3) for the RSI tells me that it would not be able to check Realm VM's data -- could anyone confirm that I'm being correct?
Otherwise, would RMM have some channel to Realm VM for read and write operations?

Thanks in advance!

Top replies

+1 Gareth Stockwell over 2 years ago

Architecturally, software running at R-EL2 is capable of writing to any Realm PAS memory.

The RMM uses this capability during allocation of memory to a Realm (RMI_DATA_CREATE{_UNKNOWN}) and deallocation of the same memory (RMI_DATA_DESTROY.) It also writes to Realm memory during execution of some RSI commands, including RSI_ATTESTATION_TOKEN_*, RSI_HOST_CALL and RSI_REALM_CONFIG.
Cancel
Up +4 Down

Cancel
0 Jay M. over 2 years ago in reply to Gareth Stockwell

Thanks for the reply! This helps me a lot :)

I have one final question -- would this mean that a software running at R-EL2 (i.e. RMM) would not be able to 'read' Realm PAS memory?
Cancel
Up 0 Down

Cancel
+1 djordje kovacevic over 2 years ago in reply to Jay M.

No, it doesn't.

The RMM at R-EL2 can both read and write any memory with Realm PAS.
Cancel
Up +3 Down

Cancel