Date: Fri, 30 Sep 2022 23:06:21 +0000
In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com>
Message-ID: <20220930230627.3371754-2-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v5 1/7] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky

From: Sophia Wolf When a guest OS does not support unaccepted memory, the unaccepted memory must be accepted before returning a memory map to the caller. EfiMemoryAcceptProtocol is defined in MdePkg and is implemented / Installed in AmdSevDxe for AMD SEV-SNP memory acceptance. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Signed-off-by: Dionna Glaze Reviewed-by: Tom Lendacky --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 57 ++= ++++++++++++++++-- OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++= +++++-- 3 files changed, 76 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 662d3c4ccb..77d3caa833 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -20,6 +20,7 @@ #include #include #include +#include =20 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D { SIGNATURE_32 ('A', 'M', 'D', 'E'), @@ -31,6 +32,38 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBoo= tDxeTable =3D { FixedPcdGet32 (PcdOvmfCpuidSize), }; =20 +STATIC EFI_HANDLE mAmdSevDxeHandle =3D NULL; + +STATIC +EFI_STATUS +EFIAPI +AmdSevMemoryAccept ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS StartAddress, + IN UINTN Size +) +{ + // + // The StartAddress must be page-aligned, and the Size must be a positive + // multiple of SIZE_4KB. Use an assert instead of returning an erros sin= ce + // this is an EDK2-internal protocol. + // + ASSERT (((StartAddress & ~(SIZE_4KB - 1)) =3D=3D 0) && + ((Size & ~(SIZE_4KB - 1)) =3D=3D 0) && + (Size !=3D 0)); + + MemEncryptSevSnpPreValidateSystemRam ( + StartAddress, + EFI_SIZE_TO_PAGES (Size) + ); + + return EFI_SUCCESS; +} + +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol =3D { + AmdSevMemoryAccept +}; + EFI_STATUS EFIAPI AmdSevDxeEntryPoint ( 
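Review bot: The alignment assertion in AmdSevMemoryAccept masks with the wrong operand. `StartAddress & ~(SIZE_4KB - 1)` keeps the bits above the page offset, so `== 0` holds only for addresses below 4 KiB, and the same mask on `Size` together with `Size != 0` holds only for sizes from 1 to 4095 bytes. As written the ASSERT fires for every page-aligned range the comment describes. Use `(StartAddress & (SIZE_4KB - 1)) == 0` and `(Size & (SIZE_4KB - 1)) == 0`. The comment above it also has the typo `erros`.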
@@ -147,11 +180,27 @@ AmdSevDxeEntryPoint ( } } =20 - // - // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_S= EV_SNP_BLOB. - // It contains the location for both the Secrets and CPUID page. - // + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n")); + } + if (MemEncryptSevSnpIsEnabled ()) { + // + // Memory acceptance began being required in SEV-SNP, so install the + // memory accept protocol implementation for a SEV-SNP active guest. + // + Status =3D gBS->InstallProtocolInterface ( + &mAmdSevDxeHandle, + &gEfiMemoryAcceptProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptProtocol + ); + ASSERT_EFI_ERROR (Status); + + // + // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING= _SEV_SNP_BLOB. + // It contains the location for both the Secrets and CPUID page. + // return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, &mSnpBootDxeTable diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.= inf index 9acf860cf2..5ddddabc32 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -47,6 +47,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize =20 +[Protocols] + gEfiMemoryAcceptProtocolGuid + [Guids] gConfidentialComputingSevSnpBlobGuid =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c index d3a95e4913..ee3710f7b3 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -14,6 +14,7 @@ #include =20 #include "SnpPageStateChange.h" +#include "VirtualMemory.h" =20 /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. 
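Review bot: In the AmdSevDxeEntryPoint hunk of AmdSevDxe.c, the added `if (EFI_ERROR (Status))` block that logs "Install EfiMemoryAcceptProtocol failed." sits before the `gBS->InstallProtocolInterface` call, so it tests whatever `Status` the preceding code left behind and can never report the result of the install. Move the check after the install, or drop it, since `ASSERT_EFI_ERROR (Status)` already follows the call. If a failed install should be survivable when asserts are disabled, return the error at that point instead of continuing to `InstallConfigurationTable`.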
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + EFI_STATUS Status; + if (!MemEncryptSevSnpIsEnabled ()) { return; } =20 - // - // All the pre-validation must be completed in the PEI phase. - // - ASSERT (FALSE); + // DXE pre-validation may happen with the memory accept protocol. + // The protocol should only be called outside the prevalidated ranges + // that the PEI stage code explicitly skips. Specifically, only memory + // ranges that are classified as unaccepted. + if (BaseAddress >=3D SIZE_4GB) { + Status =3D InternalMemEncryptSevCreateIdentityMap1G ( + 0, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + if (EFI_ERROR (Status)) { + ASSERT (FALSE); + CpuDeadLoop (); + } + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } --=20 2.38.0.rc1.362.ged0d419d3c-goog
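Review bot: The `BaseAddress >= SIZE_4GB` test in MemEncryptSevSnpPreValidateSystemRam looks only at the start of the range, so a range that begins below 4 GiB and ends above it reaches `InternalSetPageState` without the identity map being created for its upper part. Compare against the end of the range (`BaseAddress + EFI_PAGES_TO_SIZE (NumPages)`) or state in the function comment that callers never pass a range crossing 4 GiB. The new comment also says the function should only be called for ranges that PEI skipped, but nothing in the hunk checks that; a sentence on what enforces it would help.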

Date: Fri, 30 Sep 2022 23:06:22 +0000
In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com>
Message-ID: <20220930230627.3371754-3-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v5 2/7] MdePkg: Introduce ExitBootServicesCallbackProtocol
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, "Min M. Xu", James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel, Andrew Fish, "Michael D. Kinney"

This introduces a callback after the time that the timer is disabled and before the MemoryMap is finalized. This callback is useful to make final changes to the memory map due to protocols initiated (or not initiated) by the OS loader.

Cc: Gerd Hoffmann
Cc: "Min M. Xu"
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna Glaze
--- MdePkg/Include/Protocol/ExitBootServicesCallback.h | 38 ++++++++++++++++++= ++ MdePkg/MdePkg.dec | 3 ++ 2 files changed, 41 insertions(+) diff --git a/MdePkg/Include/Protocol/ExitBootServicesCallback.h b/MdePkg/In= clude/Protocol/ExitBootServicesCallback.h new file mode 100644 index 0000000000..d21d7700f7 --- /dev/null +++ b/MdePkg/Include/Protocol/ExitBootServicesCallback.h 
@@ -0,0 +1,38 @@ +/** @file + The file provides the protocol that allows callbacks in ExitBootServices + immediately before TerminateMemoryMap. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ +#ifndef EXIT_BOOT_SERVICES_CALLBACK_H_ +#define EXIT_BOOT_SERVICES_CALLBACK_H_ + +/* This protocol is internal to EDK2 only */ + +#define EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL_GUID {0xf5684799, = 0x9a33, = 0x40f7, = {0xa1, 0x5c, 0x10, 0x8e, 0x0e, 0x6b, 0x45, 0x25}} + +typedef struct _EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL + EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL; + +/** + @param This A pointer to a EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_TERMINATE_MEMORY_MAP_PREHOOK)( + IN EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL *This + ); + +/// +/// The EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL allows callbacks in +/// ExitBootServices immediately before TerminateMemoryMap. +/// +struct _EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL { + EDKII_TERMINATE_MEMORY_MAP_PREHOOK TerminateMemoryMapPrehook; + BOOLEAN Disabled; +}; + +extern EFI_GUID gEdkiiExitBootServicesCallbackProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index de3c56758b..43b099b396 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec 
@@ -1019,6 +1019,9 @@ gEfiPeiDelayedDispatchPpiGuid =3D { 0x869c711d, 0x649c, 0x44fe, { 0x8b,= 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }} =20 [Protocols] + ## Include/Protocol/ExitBootServicesCallback.h + gEdkiiExitBootServicesCallbackProtocolGuid =3D { 0xf5684799, 0x9a33, 0x4= 0f7, {0xa1, 0x5c, 0x10, 0x8e, 0x0e, 0x6b, 0x45, 0x25 }} + ## Include/Protocol/MemoryAccept.h gEfiMemoryAcceptProtocolGuid =3D { 0x38c74800, 0x5590, 0x4db4, { 0xa0,= 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }} =20 --=20 2.38.0.rc1.362.ged0d419d3c-goog
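Review bot: In ExitBootServicesCallback.h the `Disabled` member of `_EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL` is undocumented, and the comment on `EDKII_TERMINATE_MEMORY_MAP_PREHOOK` lists only `@param This` with no `@retval` lines. The rest of the series depends on both: the consumer tests `This->Disabled`, and the DXE core gives particular return statuses a meaning. Document who is allowed to set `Disabled` and when, and list the statuses a callback may return and what each makes ExitBootServices do.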

Date: Fri, 30 Sep 2022 23:06:23 +0000
In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com>
Message-ID: <20220930230627.3371754-4-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v5 3/7] MdeModulePkg: Invoke all ExitBootServicesCallback instances at ExitBootServices
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel, "Min M. Xu", Andrew Fish, "Michael D. Kinney"

The protocol's intent is to allow drivers to install callbacks that can modify the memory map at ExitBootServices time, so that any changes will lead to the EFI_INVALID_PARAMETER error. This error is specified to require the EBS caller to call GetMemoryMap again if it already had.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: "Min M. Xu"
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna Glaze
--- MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 62 ++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index e4bca89577..bdd9cf8222 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf 
@@ -153,6 +153,7 @@ gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES gEdkiiPeCoffImageEmulatorProtocolGuid ## SOMETIMES_CONSUMES + gEdkiiExitBootServicesCallbackProtocolGuid ## CONSUMES =20 # Arch Protocols gEfiBdsArchProtocolGuid ## CONSUMES diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 5733f0c8ec..8cf7d6bcbf 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -6,6 +6,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 +#include #include "DxeMain.h" =20 // @@ -744,6 +745,54 @@ CalculateEfiHdrCrc ( Hdr->CRC32 =3D Crc; } =20 +/** + Invokes TerminateMemoryMapPrehook from every instance of the + EdkiiExitBootServicesProtocol. +**/ +STATIC +EFI_STATUS +InvokeTerminateMemoryMapPrehooks ( + VOID + ) +{ + UINTN NoHandles; + UINTN Index; + EFI_HANDLE *HandleBuffer; + EFI_STATUS Status; + EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL *Callback; + + Status =3D gBS->LocateHandleBuffer ( + ByProtocol, + &gEdkiiExitBootServicesCallbackProtocolGuid, + NULL, + &NoHandles, + &HandleBuffer + ); + if (EFI_ERROR (Status) && NoHandles =3D=3D 0) { + return Status; + } + + for (Index =3D 0; Index < NoHandles; Index++) { + Status =3D gBS->HandleProtocol ( + HandleBuffer[Index], + &gEdkiiExitBootServicesCallbackProtocolGuid, + (VOID **)&Callback + ); + if (EFI_ERROR (Status)) { + continue; + } + + Status =3D Callback->TerminateMemoryMapPrehook(Callback); + if (EFI_ERROR (Status) || Status =3D=3D EFI_WARN_STALE_DATA) { + goto done; + } + } + +done: + FreePool(HandleBuffer); + return Status; +} + /** Terminates all boot services. =20 
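Review bot: The early return in InvokeTerminateMemoryMapPrehooks, `if (EFI_ERROR (Status) && NoHandles == 0) return Status;`, passes on the `EFI_NOT_FOUND` that `LocateHandleBuffer` returns when no handle carries the protocol, and the CoreExitBootServices hunk treats any error from this function as an ExitBootServices failure. On a platform where no driver installs the callback protocol, ExitBootServices would then fail. Map `EFI_NOT_FOUND` to `EFI_SUCCESS` here. The same check relies on `LocateHandleBuffer` having written `NoHandles` on failure, and a `HandleProtocol` error on the last handle is left in `Status` and returned; initialize `NoHandles` and `HandleBuffer`, and reset `Status` before `continue`.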
@@ -768,6 +817,19 @@ CoreExitBootServices ( // gTimer->SetTimerPeriod (gTimer, 0); =20 + // + // Invoke all protocols installed for ExitBootServices prior to + // CoreTerminateMemoryMap. + // + Status =3D InvokeTerminateMemoryMapPrehooks(); + if (EFI_ERROR (Status)) { + // + // Notify other drivers that ExitBootServices failed + // + CoreNotifySignalList (&gEventExitBootServicesFailedGuid); + return Status; + } + // // Terminate memory services if the MapKey matches // --=20 2.38.0.rc1.362.ged0d419d3c-goog
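Review bot: The check after `InvokeTerminateMemoryMapPrehooks()` uses `EFI_ERROR (Status)`, but the prehook loop stops early on `EFI_WARN_STALE_DATA`, which is a warning code and does not satisfy `EFI_ERROR`. A callback that returns it skips the remaining callbacks, and ExitBootServices then carries on as if every prehook had succeeded. Either handle the warning here or drop the special case from the loop, and document which status a callback returns to make the caller refresh its memory map. Style: add the space before the parenthesis, `InvokeTerminateMemoryMapPrehooks ()`, to match `CoreNotifySignalList (` in the same hunk.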

Date: Fri, 30 Sep 2022 23:06:24 +0000
In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com>
Message-ID: <20220930230627.3371754-5-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v5 4/7] OvmfPkg: Introduce CocoDxe driver
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel, "Min M. Xu", Andrew Fish, "Michael D. Kinney"

This driver is meant as a join point for all Confidential Compute technologies to put shared behavior that doesn't belong anywhere else. The first behavior added here is to accept all unaccepted memory at ExitBootServices if the protocol is not disabled. This allows safe upgrades for OS loaders to affirm their support for the unaccepted memory type.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: "Min M. Xu"
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna Glaze
--- OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/CocoDxe/CocoDxe.c | 149 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 43 ++++++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + 10 files changed, 200 insertions(+) 
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef..ad6b73ca4a 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -747,6 +747,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 4658e1d30e..3717ec9094 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -302,6 +302,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 =20 diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c new file mode 100644 index 0000000000..dc37c292f4 --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -0,0 +1,149 @@ +/** @file + + Confidential Compute Dxe driver. This driver installs protocols that are + generic over confidential compute techonology. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +STATIC EFI_HANDLE mCocoDxeHandle =3D NULL; + +STATIC +EFI_STATUS +AcceptAllUnacceptedMemory ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory + ) +{ + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + EFI_STATUS Status; + BOOLEAN AcceptedAny; + + DEBUG ((DEBUG_INFO, "Accepting all memory\n")); + AcceptedAny =3D FALSE; + /* + * Get a copy of the memory space map to iterate over while + * changing the map. + */ + Status =3D gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap); + if (EFI_ERROR (Status)) { + return Status; + } + for (Index =3D 0; Index < NumEntries; Index++) { + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; + + Desc =3D &AllDescMap[Index]; + if (Desc->GcdMemoryType !=3D EfiGcdMemoryTypeUnaccepted) { + continue; + } + + Status =3D AcceptMemory->AcceptMemory ( + AcceptMemory, + Desc->BaseAddress, + Desc->Length + ); + if (EFI_ERROR(Status)) { + goto done; + } + + Status =3D gDS->RemoveMemorySpace(Desc->BaseAddress, Desc->Length); + if (EFI_ERROR(Status)) { + goto done; + } + + Status =3D gDS->AddMemorySpace ( + EfiGcdMemoryTypeSystemMemory, + Desc->BaseAddress, + Desc->Length, + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP + ); + if (EFI_ERROR(Status)) { + goto done; + } + + AcceptedAny =3D TRUE; + } + + // If any memory is accepted, cause ExitBootServices to fail with + // EFI_INVALID_PARAMETER in order to force the caller to refresh + // their view of the MemoryMap. 
+ if (AcceptedAny) { + Status =3D EFI_INVALID_PARAMETER; + } + +done: + gBS->FreePool (AllDescMap); + return Status; +} + +EFI_STATUS +EFIAPI +ResolveUnacceptedMemory ( + IN EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL *This + ) +{ + EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; + EFI_STATUS Status; + + if (This->Disabled) { + return EFI_SUCCESS; + } + + Status =3D gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL, + (VOID **)&AcceptMemory); + if (Status =3D=3D EFI_NOT_FOUND) { + return EFI_SUCCESS; + } + ASSERT_EFI_ERROR (Status); + + return AcceptAllUnacceptedMemory(AcceptMemory); +} + +STATIC EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL mExitBootServicesCallbac= kProcotol =3D { + ResolveUnacceptedMemory, + FALSE, +}; + +EFI_STATUS +EFIAPI +CocoDxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + // + // Do nothing when confidential compute technologies that require memory + // acceptance are not enabled. + // + if (!MemEncryptSevSnpIsEnabled () && + !MemEncryptTdxIsEnabled ()) { + return EFI_UNSUPPORTED; + } + + Status =3D gBS->InstallProtocolInterface (&mCocoDxeHandle, + &gEdkiiExitBootServicesCallbackProtocolGuid, + EFI_NATIVE_INTERFACE, + &mExitBootServicesCallbackProcotol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install EdkiiExitBootServicesCallbackProtocol fa= iled.\n")); + } + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf new file mode 100644 index 0000000000..3ff2a6fade --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.inf @@ -0,0 +1,43 @@ +#/** @file +# +# Driver installs shared protocols needed for confidential compute +# technologies. +# +# Copyright (c) 2022, Google LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +#**/ + +[Defines] + INF_VERSION =3D 1.25 + BASE_NAME =3D CocoDxe + FILE_GUID =3D 08162f1e-5147-4d3e-b5a9-fa48c9808419 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D CocoDxeEntryPoint + +[Sources] + CocoDxe.c + +[Packages] + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + DxeServicesTableLib + MemEncryptSevLib + MemEncryptTdxLib + MemoryAllocationLib + UefiDriverEntryPoint + +[Depex] + TRUE + +[Protocols] + gEdkiiExitBootServicesCallbackProtocolGuid + gEfiMemoryAcceptProtocolGuid diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index c0c1a15b09..8136d50eb2 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -753,6 +753,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Variable driver stack (non-SMM) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX6= 4.fdf index 6923eb8831..e612608c0c 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf +++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf @@ -269,6 +269,7 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf =20 INF OvmfPkg/TdxDxe/TdxDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Usb Support diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index af566b953f..2cfb3fbc6b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -965,6 +965,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 80de4fa2c0..2ab7f3b95b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf 
@@ -343,6 +343,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f39d9cd117..3ead476b61 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1036,6 +1036,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE OvmfPkg/SmmAccess/SmmAccess2Dxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index c0f5a1ef3c..5dd452f42b 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf 
@@ -370,6 +370,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE --=20 2.38.0.rc1.362.ged0d419d3c-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94604): https://edk2.groups.io/g/devel/message/94604 Mute This Topic: https://groups.io/mt/94028463/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 9 00:41:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94605+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94605+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1664579200; cv=none; d=zohomail.com; s=zohoarc; b=h+02rX7HNZNo9YZOuObDjXJZbcGr2ZNckPDId/6DTEl/LWv4QzNYbQ7jYfP1GF5RLlSQ+7tD6bcOBXCnloDnbfwUbJZFq37JP02EpLVu2dWmRmqSQCZhuNwSIw2w5hJRmzQkklyzZwYuYOkowDoensck4SaSBxJTB1TK9J20XRo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1664579200; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=EdmQgqL6P1+LxCncH8XEDvfVu9TZoo6AH0REiQN078A=; b=a6iTAPL3LgLeehEMNQbJjUGZKgK18BhuBT8uRpfC3G28OHvuFYIWwzOZWgk01+S78JCdK97d4LCRIRiDdTew2oztAO4C6Zn9Engbv0MRM5+w8hpOT1AENGOXMRQIK79O0zPXLtUAUxjiHGDGLhxqHTvlKi1LH109W7Cze9LwqeI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass 
(zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94605+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1664579200495912.1273878257654; Fri, 30 Sep 2022 16:06:40 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id cVHIYY1788612xBzGzIsLVSO; Fri, 30 Sep 2022 16:06:40 -0700 X-Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) by mx.groups.io with SMTP id smtpd.web09.903.1664579199497912173 for ; Fri, 30 Sep 2022 16:06:39 -0700 X-Received: by mail-pg1-f201.google.com with SMTP id 126-20020a630284000000b0043942ef3ac7so3617908pgc.11 for ; Fri, 30 Sep 2022 16:06:39 -0700 (PDT) X-Gm-Message-State: 2TlGMzFtYTIAk8v0GvqhR9qSx1787277AA= X-Google-Smtp-Source: AMsMyM71UQMqDiB7KkkCcT+kq/JE+p5blswd47QBijS4bx1mcRUyTvbn0e/qpfyyPFdR4yxPr+twNy4TttCCwu4EzA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:902:ce81:b0:179:f3fe:7fef with SMTP id f1-20020a170902ce8100b00179f3fe7fefmr11389841plg.119.1664579198981; Fri, 30 Sep 2022 16:06:38 -0700 (PDT) Date: Fri, 30 Sep 2022 23:06:25 +0000 In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20220930230627.3371754-1-dionnaglaze@google.com> Message-ID: <20220930230627.3371754-6-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v5 5/7] MdePkg: Introduce the AcceptAllUnacceptedMemory protocol 
From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1664579200; bh=TIuV1XvsJP/XGFzoFk8+mNSRr/iiqHsiPbtAnmlRXWE=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=YORX1v7TxeVyIz+3IY48R2t29j9YnRwdu/63RCjQQt2xfQWXJ+QnOuAudlL3/ivfx8+ 1Me4YQwS3vm8qsIJEgmJ3ywHoEaqkH1euR+h3enTHuH53Z60cNXkLdrcXvwSfNEqGZJh1 tbrvYi0BuRe5zd1Uk5LNWi7pmbVXwstWxa8= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1664579200971100004 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The default behavior for unaccepted memory is to accept all memory when ExitBootServices is called. An OS loader can use this protocol to Disable this behavior to assume responsibility for memory acceptance and to affirm that the OS can handle the unaccepted memory type. This is a candidate for standardization. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- MdePkg/Include/Protocol/AcceptAllUnacceptedMemory.h | 40 +++++++++++++++++= +++ MdePkg/MdePkg.dec | 5 ++- 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Protocol/AcceptAllUnacceptedMemory.h b/MdePkg/I= nclude/Protocol/AcceptAllUnacceptedMemory.h new file mode 100644 index 0000000000..e50831836c --- /dev/null +++ b/MdePkg/Include/Protocol/AcceptAllUnacceptedMemory.h 
@@ -0,0 +1,40 @@ +/** @file + The file provides the protocol that disables the behavior that all memory + gets accepted at ExitBootServices(). This protocol is only meant to be c= alled + by the OS loader, and not EDK2 itself. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ +#ifndef _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ +#define _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ + +#define BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL_GUID \ + {0xc5a010fe, \ + 0x38a7, \ + 0x4531, \ + {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}} + +typedef struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL + BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL; + +/** + @param This A pointer to a BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL. +**/ +typedef +EFI_STATUS +(EFIAPI *BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY)( + IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This + ); + +/// +/// The BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL allows the OS loader = to +/// indicate to EDK2 that ExitBootServices should not accept all memory. +/// +struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL { + BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY Disable; +}; + +extern EFI_GUID gBz3987AcceptAllUnacceptedMemoryProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 43b099b396..452c40683e 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec 
@@ -1019,8 +1019,11 @@ gEfiPeiDelayedDispatchPpiGuid =3D { 0x869c711d, 0x649c, 0x44fe, { 0x8b,= 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }} =20 [Protocols] + ## Include/Protocol/AcceptAllUnacceptedMemory.h + gBz3987AcceptAllUnacceptedMemoryProtocolGuid =3D { 0xc5a010fe, 0x38a7, 0= x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }} + ## Include/Protocol/ExitBootServicesCallback.h - gEdkiiExitBootServicesCallbackProtocolGuid =3D { 0xf5684799, 0x9a33, 0x4= 0f7, {0xa1, 0x5c, 0x10, 0x8e, 0x0e, 0x6b, 0x45, 0x25 }} + gEdkiiExitBootServicesCallbackProtocolGuid =3D { 0xf5684799, 0x9a33, 0= x40f7, {0xa1, 0x5c, 0x10, 0x8e, 0x0e, 0x6b, 0x45, 0x25 }} =20 ## Include/Protocol/MemoryAccept.h gEfiMemoryAcceptProtocolGuid =3D { 0x38c74800, 0x5590, 0x4db4, { 0xa0,= 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }} --=20 2.38.0.rc1.362.ged0d419d3c-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94605): https://edk2.groups.io/g/devel/message/94605 Mute This Topic: https://groups.io/mt/94028465/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 9 00:41:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94606+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94606+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1664579203; cv=none; d=zohomail.com; s=zohoarc; b=koQ4iDJtt8TmekT7P4rElSwFY3e3f0OdRdTAuCKAa69obG4w02ru/sCYKMNMIE+NERITRLK0mXj8BtBJnlFHEz9qUwkjDssMwgvpDPaznYJp3DN7GTQS8XwtCsPh5pWO7LjSbAXaZdkl+NflyzPXWFaraoD3+hJRh0YjQ1xf8Lc= 
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1664579203; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0MK0FoxQ2fVqTGM4Yf/Tb/VL4YsPFrwYpkXZSlLhhPE=; b=BRfJBdlnO5m+6BswO9h7sPga+P93XsDLCEyWP+iTs1rxMQLEkvFr+IpjhwgssJBhE2gfu76UGaKNnUOvgmvSE8HNUjeh+++gvqp8FHb2SamK8GbIEGB9TMcxtWNi7WJylKHlpdRgXEgbc75e3hMiVV6MsuZwJW8AsMbOfyr0kZo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94606+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 166457920322287.82311886375601; Fri, 30 Sep 2022 16:06:43 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 5bEHYY1788612xOmywgoXPvz; Fri, 30 Sep 2022 16:06:41 -0700 X-Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) by mx.groups.io with SMTP id smtpd.web12.958.1664579201213145167 for ; Fri, 30 Sep 2022 16:06:41 -0700 X-Received: by mail-pj1-f73.google.com with SMTP id x65-20020a17090a38c700b002076bf8dc16so3330243pjb.3 for ; Fri, 30 Sep 2022 16:06:41 -0700 (PDT) X-Gm-Message-State: nJgE1QnasYxW14aPnVO3KTUjx1787277AA= X-Google-Smtp-Source: AMsMyM70cl6EzulJEKXqnrvJqO7I78gdXgOtdVooaA9ia8BOLJP4cwBgNEwsdXTrx1+pUDdQXHeuFCiSvb5Q5OLg0w== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:902:ce0c:b0:179:ffc1:eb1b with SMTP id k12-20020a170902ce0c00b00179ffc1eb1bmr10964529plg.41.1664579200678; Fri, 30 Sep 2022 16:06:40 -0700 (PDT) Date: Fri, 30 Sep 2022 23:06:26 +0000 In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20220930230627.3371754-1-dionnaglaze@google.com> Message-ID: <20220930230627.3371754-7-dionnaglaze@google.com> Subject: 
[edk2-devel] [PATCH v5 6/7] OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1664579201; bh=bS+uwr4bgO6jt8sjaAHVCdrqo0YYGpVS5+dVikSuvsc=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Mt4Rwxhbo65MnOcgH58EehZ8A5jgHPyRmY6JL+qX+EKCq+tXvfPEHELked60qnfVQi6 Ux1OK2x7+Ee6/QtdadYOi3lSWq5R6xx/RXPqrqA3SVyBN7w6AQfW1cC+fFu2QHgcnrfUd g6N92Cvklc0df/482DCdx2qhKGP31U3L0gI= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1664579204964100015 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This protocol implementation disables the accept-all-memory behavior of the ExitBootServicesCallback instance this driver adds. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- OvmfPkg/CocoDxe/CocoDxe.c | 25 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 1 + 2 files changed, 26 insertions(+) diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c index dc37c292f4..d7478603f7 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.c +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include =20 
@@ -118,6 +119,21 @@ STATIC EDKII_EXIT_BOOT_SERVICES_CALLBACK_PROTOCOL mExi= tBootServicesCallbackProco FALSE, }; =20 +STATIC +EFI_STATUS +EFIAPI +DisableAcceptAllUnacceptedMemory ( + IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This + ) +{ + mExitBootServicesCallbackProcotol.Disabled =3D TRUE; + return EFI_SUCCESS; +} + +STATIC +BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL +mAcceptAllUnacceptedMemoryProtocol =3D {DisableAcceptAllUnacceptedMemory}; + EFI_STATUS EFIAPI CocoDxeEntryPoint ( @@ -145,5 +161,14 @@ CocoDxeEntryPoint ( DEBUG ((DEBUG_ERROR, "Install EdkiiExitBootServicesCallbackProtocol fa= iled.\n")); } =20 + Status =3D gBS->InstallProtocolInterface (&mCocoDxeHandle, + &gBz3987AcceptAllUnacceptedMemoryProtocolGuid, + EFI_NATIVE_INTERFACE, + &mAcceptAllUnacceptedMemoryProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install Bz3987AcceptAllUnacceptedMemoryProtocol = failed.\n")); + } + return EFI_SUCCESS; } diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf index 3ff2a6fade..96ab3e1c68 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.inf +++ b/OvmfPkg/CocoDxe/CocoDxe.inf 
@@ -39,5 +39,6 @@ TRUE =20 [Protocols] + gBz3987AcceptAllUnacceptedMemoryProtocolGuid gEdkiiExitBootServicesCallbackProtocolGuid gEfiMemoryAcceptProtocolGuid --=20 2.38.0.rc1.362.ged0d419d3c-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94606): https://edk2.groups.io/g/devel/message/94606 Mute This Topic: https://groups.io/mt/94028466/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 9 00:41:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94607+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94607+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1664579204; cv=none; d=zohomail.com; s=zohoarc; b=MkiL+ovc1rYC36FjNtmCBAzg6yM4SXtRfAUUYZlp+6UPOp0Q/CUmdZ9OBfxNttMe6QUkKQPwAAarGXkxhrkBNJsmd/Tr/BDFsaiJH1Dcb9HJc+ffumvgY0GhXwk3amXN79UQnm7Xm5ebeepo+vqSa/tsGqfgGHCsWPO5O+YQ9u4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1664579204; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=/yJ2tRwiBZP2p1KMOR5IzkNpnpiPYmkLBmbfqPTFWok=; b=SOzl1NFr+IDjhHSpHaRsx5wejmduFy5VWwxBjsrsZsduroTxWY06yr0TOd2uVewR5bSQ5AmHZeLQKPtlVhs3c3PIZ9Y8ugS3bK1StQ20sPKp1SYAfkGEsxIHSdOAWneAPWCN3dTeW/TJl7dQvyx8rn3uZWVsPKuFLi1XKCfVZ/M= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) 
smtp.mailfrom=bounce+27952+94607+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1664579204391607.9614341082616; Fri, 30 Sep 2022 16:06:44 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id gFT4YY1788612xcLDogPaxYT; Fri, 30 Sep 2022 16:06:44 -0700 X-Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) by mx.groups.io with SMTP id smtpd.web11.982.1664579203281557524 for ; Fri, 30 Sep 2022 16:06:43 -0700 X-Received: by mail-pg1-f202.google.com with SMTP id h13-20020a63530d000000b0043087bbf72dso3612253pgb.17 for ; Fri, 30 Sep 2022 16:06:43 -0700 (PDT) X-Gm-Message-State: fGUdZguzW0oqTLnYDlf4KncRx1787277AA= X-Google-Smtp-Source: AMsMyM5PObs0ASEGFogu+fsaSkFUq1cvccLpTLZG1YoYUgoqsQho3hEAGIpDvHdCDF30pbcg+gs8/UKndf6AB5UPlA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:90a:3b4d:b0:20a:6ecb:dcd1 with SMTP id t13-20020a17090a3b4d00b0020a6ecbdcd1mr572127pjf.141.1664579202798; Fri, 30 Sep 2022 16:06:42 -0700 (PDT) Date: Fri, 30 Sep 2022 23:06:27 +0000 In-Reply-To: <20220930230627.3371754-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20220930230627.3371754-1-dionnaglaze@google.com> Message-ID: <20220930230627.3371754-8-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v5 7/7] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted 
From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1664579204; bh=loUvle5vmkU8J37puG1RbbXq/+WpwKxgrmlXZoOrTSM=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Azy7GJiuPxbSp6cGq7a/7O7a2w6U5MO8H8plm1ggV2ZX/0zAiDA0s2FSQQQiPw5dadC c6c7/gfJLUNAMrM9ZRykZwnlRhL8ZsZTAc+y3ZEMqiuf35eYo0s8ofKK1rqitfmwEX5h5 SzWowfAIsFdWfxTCCFKNDukZ6v5WOBDFonM= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1664579204976100016 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of eagerly accepting all memory in PEI, only accept memory under the 4GB address. This allows a loaded image to use the ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and indicate that it can interpret the memory type accordingly. This classification is safe since ExitBootServices will accept and reclassify the memory as conventional if the disable protocol is not used. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Signed-off-by: Dionna Glaze --- OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 385562b44c..2a52d6f491 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include 
@@ -63,6 +64,10 @@ AmdSevSnpInitialize ( for (Hob.Raw =3D GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_= NEXT_HOB (Hob)) { if ((Hob.Raw !=3D NULL) && (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_RES= OURCE_DESCRIPTOR)) { ResourceHob =3D Hob.ResourceDescriptor; + if (ResourceHob->PhysicalStart >=3D SIZE_4GB) { + ResourceHob->ResourceType =3D EFI_RESOURCE_MEMORY_UNACCEPTED; + continue; + } =20 if (ResourceHob->ResourceType =3D=3D EFI_RESOURCE_SYSTEM_MEMORY) { MemEncryptSevSnpPreValidateSystemRam ( --=20 2.38.0.rc1.362.ged0d419d3c-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94607): https://edk2.groups.io/g/devel/message/94607 Mute This Topic: https://groups.io/mt/94028467/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
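Review bot: ResolveUnacceptedMemory() in patch 4/7 (OvmfPkg/CocoDxe/CocoDxe.c) covers a LocateProtocol failure other than EFI_NOT_FOUND only with ASSERT_EFI_ERROR (Status). In a build with asserts disabled, that path falls through to AcceptAllUnacceptedMemory(AcceptMemory) with AcceptMemory never assigned. Please add an explicit `if (EFI_ERROR (Status)) { return Status; }` after the EFI_NOT_FOUND check. The EFI_NOT_FOUND branch also returns EFI_SUCCESS without looking at the GCD map, so ExitBootServices proceeds even if EfiGcdMemoryTypeUnaccepted ranges remain; a comment on why that is acceptable, or a check, would help. Style: EFI_ERROR(Status), gDS->RemoveMemorySpace( and AcceptAllUnacceptedMemory( lack the space before the parenthesis, and mExitBootServicesCallbackProcotol is misspelled.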
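Review bot: the [LibraryClasses] section of the new OvmfPkg/CocoDxe/CocoDxe.inf (patch 4/7) does not list UefiBootServicesTableLib, although CocoDxe.c calls gBS->LocateProtocol, gBS->FreePool and gBS->InstallProtocolInterface. Please declare it instead of relying on another library instance to pull it in. BaseLib, BaseMemoryLib and MemoryAllocationLib are listed, but the functions visible in CocoDxe.c do not appear to use them (the descriptor map is freed through gBS->FreePool); drop whichever of them is not needed.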
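Review bot: the BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY typedef in MdePkg/Include/Protocol/AcceptAllUnacceptedMemory.h (patch 5/7) is documented only by a @param line. Calling Disable moves responsibility for memory acceptance to the OS loader, so the comment should say what the call does, that it has to happen before ExitBootServices(), whether it can be undone, and which @retval values a caller can expect. The include guard _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ also begins with an underscore followed by an uppercase letter, which is a reserved identifier in C; ACCEPT_ALL_UNACCEPTED_MEMORY_H_ avoids that.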
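Review bot: the MdePkg/MdePkg.dec hunk in patch 5/7 removes and re-adds the gEdkiiExitBootServicesCallbackProtocolGuid line with the same GUID value, which looks like a realignment only. Please make that change in the patch that introduces the line, so that this patch adds only gBz3987AcceptAllUnacceptedMemoryProtocolGuid.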
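Review bot: in the CocoDxeEntryPoint() hunk of patch 6/7 (OvmfPkg/CocoDxe/CocoDxe.c), a failed InstallProtocolInterface is only logged with DEBUG_ERROR and the entry point still returns EFI_SUCCESS, the same as for the callback protocol installed just above it. The commit message of patch 7/7 argues that leaving memory above 4GB unaccepted is safe because ExitBootServices will accept it, so a failure to install that callback should not be silent. Consider installing both interfaces with a single gBS->InstallMultipleProtocolInterfaces call and returning its Status, or at least asserting on it.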
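Review bot: in the AmdSevSnpInitialize() hunk of patch 7/7 (OvmfPkg/PlatformPei/AmdSev.c), the new `ResourceHob->PhysicalStart >= SIZE_4GB` test runs before the `ResourceType == EFI_RESOURCE_SYSTEM_MEMORY` check, so every resource descriptor HOB that starts at or above 4GB is retyped to EFI_RESOURCE_MEMORY_UNACCEPTED, whatever its original type. Please move the test inside the EFI_RESOURCE_SYSTEM_MEMORY branch or add the type to the condition. A descriptor that starts below 4GB and extends past it is not affected by the new test; if that is intended, a comment saying so would help.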