Hi everyone,
I'm wondering if Realm Management Monitor (RMM -- a hypervisor for Realm VM in Armv9) could read and write to Realm VM's data.
There are interfaces between the RMM and Realm VM, which are mainly Realm Services Interface (RSI) and some power managment related interface. The specs (p.21~22, Section A1.3) for the RSI tells me that it would not be able to check Realm VM's data -- could anyone confirm that I'm being correct?Otherwise, would RMM have some channel to Realm VM for read and write operations?
Thanks in advance!
Architecturally, software running at R-EL2 is capable of writing to any Realm PAS memory.
The RMM uses this capability during allocation of memory to a Realm (RMI_DATA_CREATE{_UNKNOWN}) and deallocation of the same memory (RMI_DATA_DESTROY.) It also writes to Realm memory during execution of some RSI commands, including RSI_ATTESTATION_TOKEN_*, RSI_HOST_CALL and RSI_REALM_CONFIG.
Thanks for the reply! This helps me a lot :)
I have one final question -- would this mean that a software running at R-EL2 (i.e. RMM) would not be able to 'read' Realm PAS memory?
No, it doesn't.
The RMM at R-EL2 can both read and write any memory with Realm PAS.