RealmManagementMonitor手册资源-CSDN文库

需积分: 5 180 浏览量 2023-12-06 15:28:26 上传评论收藏 1.65MB PDF 举报

资源推荐

资源详情

资源评论

Realm Management Monitor

speciﬁcation

Document number DEN0137

Document quality EAC

Document version 1.0-eac5

Document conﬁdentiality Non-conﬁdential

Document build information

790fd539 doctool 0.54.0-rc1

Realm Management Monitor speciﬁcation

Release information

1.0-eac5 (05-10-2023)

Clariﬁcations

• Fix attestation token ﬂows (FENIMORE-718)

• Clarify behavior on Host rejection of a RIPAS change request (FENIMORE-719)

• Replace Granule::pas attribute with Granule::gpt

– PAS is an attribute of a memory access, not of a Granule.

Defects

• {RMI,RSI}_VERSION: (FENIMORE-724)

– Clarify rules regarding returned interface version, and provide examples

–

Remove rule that if the return code is SUCCESS, subsequent calls to the interface adhere to the behavior corresponding

with the returned interface version

•

Specify that SMCCC registers not speciﬁed as command input / output values are SBZ and MBZ respectively

(FENIMORE-724)

• RSI_ATTESTATION_TOKEN_INIT: return upper bound on token size (FENIMORE-720)

• RMI_DATA_CREATE: move RIPAS=RAM from being a pre-condition to a post-condition (FENIMORE-721)

Relaxations

None

1.0-eac4 (06-09-2023)

Clariﬁcations

• Exclude GIC, timer and PMU values from “On REC exit . . . all other REC exit ﬁelds are zero” (FENIMORE-712)

• Amend contradictory statement regarding RTT folding to level 1 (FENIMORE-715) [I

QWQSB

]

Defects

• RMI_RTT_{INIT,SET}_RIPAS: ﬁx “top” alignment check

– Ensure that “top” is Granule aligned (FENIMORE-710)

– Ensure that return code is deterministically speciﬁed (FENIMORE-711)

– Prevent RIPAS change from proceeding beyond the “top” address provided by the Realm (FENIMORE-711)

• {RMI,RSI}_VERSION: add handshake (FENIMORE-708)

– The caller provides a “requested version”

– The RMM either returns:

A version which it can implement, that is compatible with the requested version (and a SUCCESS return code)

A version which it implements, that is incompatible with the requested version (and an error code)

–

If the return code is SUCCESS, subsequent calls to the interface adhere to the behavior corresponding with the

returned interface version

• Increase width of PsciReturnCode to 64 bits (FENIMORE-709)

Relaxations

•

RMI_REALM_CREATE: permit number of PMU counters to be less than number supported by the implementation

(FENIMORE-716)

•

RMI_REALM_CREATE: permit number of breakpoints or watchpoints to be less than number supported by the

implementation (FENIMORE-717)

1.0-eac3 (20-07-2023)

Clariﬁcations

• Clarify which bits of command input / output values should / must be zero (FENIMORE-674)

• Explain distinction between concrete and abstract types (FENIMORE-693)

•

Clarify return value from RSI_IPA_STATE_SET when stopping at ﬁrst DESTROYED entry (FENIMORE-699) [I

GXDDX

]

Defects

• PSCI_SYSTEM_{OFF,RESET}: change Realm state to SYSTEM_OFF (FENIMORE-694)

• RMI_REC_CREATE: update RIM only if runnable ﬂag is set (FENIMORE-697)

• RMI_REALM_CREATE: ﬁx list of measured parameters (FENIMORE-695)

• Remove members from RmmSystemRegisters (FENIMORE-700)

–

State saved / restored depends on architecture features supported by the platform, so deﬁning this type as an empty

placeholder

• Avoid use of reserved ASL v1 keyword “entry” in MRS (FENIMORE-702)

– RmiRecEntry -> RmiRecEnter

– RmiRecEntryFlags -> RmiRecEnterFlags

– RmiRecRun::entry -> RmiRecRun::enter

– RmmRttWalkResult::entry -> RmmRttWalkResult::rtte

• RSI_IPA_STATE_SET: prohibit RSI_DESTROYED input value (FENIMORE-705)

• RMI_PSCI_COMPLETE: PSCI_CPU_ON: ﬁx copy of context_id to target CPU X0 (FENIMORE-703)

• Allow Host to reject request to change RIPAS to RAM (FENIMORE-661)

• Allow Host to reject PSCI_CPU_ON request via RMI_PSCI_COMPLETE (FENIMORE-706)

Relaxations

• Permit folding of level 2 RTT to create level 1 block mapping (FENIMORE-608)

• Remove restriction that attestation token size must not exceed 4KB (FENIMORE-691)

1.0-eac2 (07-06-2023)

Clariﬁcations

• Remove reference to triggering ERROR_INPUT by setting MBZ bit to 1 (FENIMORE-675)

• Clarify constraints on output values in case of command failure [R

TFZMS

] (FENIMORE-676)

• Clarify encoding of RmiRealmParams::sve_sz (FENIMORE-684)

• Clarify set of SMCCC interfaces available to a Realm [R

NPLKX

] (FENIMORE-685)

Defects

• Replace PMU ﬁelds in RmiRecExit with single bit indicating the PMU overﬂow status [R

WXTZF

] (FENIMORE-679)

• RMI_PSCI_COMPLETE: failure condition should compare against MPIDR, not RD address (FENIMORE-681)

• RMI_REC_CREATE: remove params_valid failure condition (FENIMORE-686)

• RMI_RTT_{INIT,SET}_RIPAS: check alignment of “top” input value (FENIMORE-687)

• Reduce coupling between HIPAS and RIPAS (FENIMORE-680)

– Replace HIPAS=DESTROYED with RIPAS=DESTROYED

– Remove RmiRttEntryState::RMI_DESTROYED

– Change encoding of RmiRttEntryState::RMI_TABLE

– Add RmiRipas::RMI_DESTROYED

– Add RsiRipas::RSI_DESTROYED

– RMI_DATA_CREATE_UNKNOWN: remove pre-condition that RIPAS=RAM

– RMI_DATA_DESTROY:

In all cases, post-condition now states that HIPAS=UNASSIGNED

If pre-condition was RIPAS=RAM, post-condition states that RIPAS=DESTROYED

– RMI_RTT_DESTROY:

Remove post-condition that HIPAS=DESTROYED

Add post-condition that state of parent RTTE is UNASSIGNED

Add post-condition that RIPAS=DESTROYED

DEN0137

1.0-eac5

Non-conﬁdential

iii

– RMI_RTT_SET_IPA_STATE: stop at ﬁrst DESTROYED entry if “destroyed” ﬂag is set

– RSI_IPA_STATE_SET: add “destroyed” ﬂag

– Clarify distinction between “RTT folding” [D

QPXCP

] and “RTT destruction” [D

VXRZW

]

• RMI_RTT_INIT_RIPAS: success conditions should be bounded by walk_top, not top

Relaxations

• RSI_REALM_CONFIG: provide Realm hash algorithm (FENIMORE-678)

1.0-eac1 (31-03-2023)

Clariﬁcations

• Unused bits of RmiRecEntry::gicv3_hcr are SBZ [I

SMHXB

] (FENIMORE-666)

•

RMI_REC_ENTER: all RMI_ERROR_INPUT failure conditions precede all RMI_ERROR_REC failure conditions

(FENIMORE-668)

• Avoid use of raw Xn values in command conditions where possible (FENIMORE-671)

• Clarify deﬁnition of REC exit due to (Non-)emulatable Data Abort [D

CYRMT

, D

MTZMC

] (FENIMORE-673)

Defects

• RMI_RTT_INIT_RIPAS: take account of “top” IPA value when calculating RIM contribution (FENIMORE-662)

• RttSkipEntriesWithRipas: ﬁx inverted logic (FENIMORE-663)

• RMI_RTT_SET_RIPAS: on success, modify IPA range [base, walk_top) (FENIMORE-669)

• RMI_RTT_{INIT,SET}_RIPAS: remove redundant failure conditions (FENIMORE-670)

• Clarify HIPAS=DESTROYED implies RIPAS=UNDEFINED [R

JYDRL

] (FENIMORE-672)

Relaxations

• RSI_HOST_CALL: relax alignment requirement from 4KB to 256B

1.0-eac0 (31-01-2023)

Clariﬁcations

None

Defects

• RmiRealmParams: reduce width of integer attributes (FENIMORE-647)

• RSI_IPA_STATE_SET: replace (base, size) with (base, top) (FENIMORE-656)

•

RMI_RTT_INIT_RIPAS, RMI_RTT_SET_RIPAS: allow single command to modify multiple RTT entries

(FENIMORE-656)

Relaxations

• RMI_RTT_SET_RIPAS: remove “ripas” input value (FENIMORE-659)

1.0-bet2 (16-12-2022)

Clariﬁcations

• Flows: update RMI_REC_ENTRY to take a single ‘run’ input value

• Clarify meaning of “TTD” [I

YMNSR

] (FENIMORE-641)

• Fix typo in reference to “CCA platform token claim map” [I

FJKFY

] (FENIMORE-647)

• Fix reference to “RME system architecture spec” (FENIMORE-648)

• Flows: remove stale reference to parameters passed to RMI_DATA_CREATE (FENIMORE-649)

• Improve deﬁnition and constistency of usage of the term “REC” (FENIMORE-650)

– Where referring to the RMM data structure “REC object” is now used

• Clarify description of properties of Realm IPA space [I

TPGKW

] (FENIMORE-639)

– Replace “permitted, under control of host” with statements which refer to particular HIPAS values.

– Add “Protected IPA, HIPAS=DESTROYED” row, thereby removing contradictory statements regarding SEA taken

to Realm, previously in “Protected IPA, RIPAS=EMPTY”.

• On assertion of an EL1 timer, the RMM guarantees a REC exit, not only a Realm exit (FENIMORE-651)

DEN0137

1.0-eac5

Non-conﬁdential

• RMI_RTT_FOLD: preserve RIPAS value if IPA is Protected (FENIMORE-638)

Defects

• Attestation: wrap sub-tokens in byte stream (FENIMORE-643)

• RMI_DATA_DESTROY, RMI_RTT_{DESTROY,FOLD}: return PA of destroyed object (FENIMORE-563)

•

RMI_REALM_DESTROY, RMI_REC_DESTROY, RMI_REC_ENTER, RMI_RTT_DESTROY, RMI_RTT_FOLD,

RMI_RTT_SET_RIPAS: Remove RMI_ERROR_IN_USE (FENIMORE-588)

•

RMI_DATA_CREATE, RMI_DATA_CREATE_UNKNOWN, RMI_REC_CREATE, RMI_RTT_CREATE: pass RD

pointer in X1 (FENIMORE-655)

• Replace RmiRealmParams::features_0 with discrete ﬁelds (FENIMORE-655)

• RMI_DATA_CREATE(_UNKNOWN): require RIPAS=RAM (FENIMORE-645)

• Apply “must / should be zero” consistently (FENIMORE-619)

– In command inputs, unused bits are SBZ

– In command outputs, unused bits are MBZ

Relaxations

• RSI_HOST_CALL: expand set of GPRs to X0-X30 (FENIMORE-607)

– This enables the RMM to support any calling convention.

•

RMI_DATA_DESTROY, RMI_RTT_DESTROY, RMI_RTT_UNMAP_UNPROTECTED: return IPA of next live RTT

entry (FENIMORE-563)

1.0-bet1 (31-10-2022)

Clariﬁcations

• Rename HIPAS VALID_NS -> UNASSIGNED (FENIMORE-631)

• SEA injection is independent of whether Host emulates MMIO (FENIMORE-632)

•

In RIPAS change ﬂow, permit Host to apply the change to zero or more pages of the target IPA region (FENIMORE-633)

• Flows: replace HVC with Host call (FENIMORE-611)

• Clarify behavior of VmidIsValid() function (FENIMORE-630)

• Qualify “all other exit ﬁelds are zero” statements [R

GTJRP

, R

LRCFP

] (FENIMORE-634)

– GIC, timer and PMU ﬁelds are valid on every REC exit.

Defects

• Change size of RsiHostCall type to 256 bytes (FENIMORE-629)

• Correct the set of ESR_EL2 ﬁelds which are returned to the Host on REC exit due to Data abort [R

RYVFL

]

– On all Data Aborts, add FnV.

– On Emulatable Data Aborts, add SF.

– On Non-emulatable Data Abort at an Unprotected IPA, add IL.

Relaxations

None

DEN0137

1.0-eac5

Non-conﬁdential

剩余306页未读，继续阅读

评论收藏

内容反馈

solomon1530

粉丝: 1
资源: 12

Realm Management Monitor 手册

最新资源

Realm Management Monitor 手册

Realm Building Modern Swift Apps with Realm Database

realm-java-0.86.0

android数据库Realm版本更新

Realm_Building_Modern_Swift_Apps_with_Realm_Database_v1.0

realm的使用总结

Android的Realm数据库增删改查实例

Apache_Shiro_使用手册（四）Realm_实现

widows版Realm Studio Setup 3.5.0.exe

shiro-realm案例

ReactNative简单仓库realm数据库组件实现

Realm Browser For Windows

Android Realm数据库逻辑封装

Realm安卓eclipse0.87.5版本

Android Realm数据库demo

Realm + aspectj aop数据库封装

RealmDemo简单测试使用

Android-一个用于Stetho的Realm模块可以通过Stetho在Chrome浏览器上查看Realm数据库

shiro web中自定义Realm

realm-sync-cocoa

realm-android-0.87.4.jar

操作系统学习与考试系统(XOSCATS)

SquareLine-Studio 1.3.0安装包

王道操作系统课件 2024

C语言规范标准-C99(中文版)

ELF解析工具 v1.7（elf格式解析工具)

计算机组成原理：最详细笔记 word格式下载

KeepOutlookRunning.7z

dell r730xd 调速工具

Sim-EKB-Install-2022-11-27.zip

贵州电信天邑TY1613-s905l3-b-rtl8822cs当贝固件刷机教程

最新资源