Date: Wed, 5 Oct 2022 20:33:23 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-2-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 1/7] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Sophia Wolf When a guest OS does not support unaccepted memory, the unaccepted memory must be accepted before returning a memory map to the caller. EfiMemoryAcceptProtocol is defined in MdePkg and is implemented / Installed in AmdSevDxe for AMD SEV-SNP memory acceptance. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Signed-off-by: Dionna Glaze Reviewed-by: Tom Lendacky --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++= ++++++++++++++++-- OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++= +++++-- 3 files changed, 74 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 662d3c4ccb..5f68a56315 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -20,6 +20,7 @@ #include #include #include +#include =20 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D { SIGNATURE_32 ('A', 'M', 'D', 'E'), @@ -31,6 +32,40 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBoo= tDxeTable =3D { FixedPcdGet32 (PcdOvmfCpuidSize), }; =20 +STATIC EFI_HANDLE mAmdSevDxeHandle =3D NULL; + +#define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) =3D=3D 0)) + +STATIC +EFI_STATUS +EFIAPI +AmdSevMemoryAccept ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS StartAddress, + IN UINTN Size +) +{ + // + // The StartAddress must be page-aligned, and the Size must be a positive + // multiple of SIZE_4KB. Use an assert instead of returning an erros sin= ce + // this is an EDK2-internal protocol. + // + ASSERT (IS_ALIGNED (StartAddress, SIZE_4KB)); + ASSERT (IS_ALIGNED (Size, SIZE_4KB)); + ASSERT (Size !=3D 0); + + MemEncryptSevSnpPreValidateSystemRam ( + StartAddress, + EFI_SIZE_TO_PAGES (Size) + ); + + return EFI_SUCCESS; +} + +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol =3D { + AmdSevMemoryAccept +}; + EFI_STATUS EFIAPI AmdSevDxeEntryPoint ( 
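Review bot: In AmdSevMemoryAccept the three argument checks are ASSERT-only, so in a build with asserts compiled out a misaligned StartAddress or a zero Size goes straight to MemEncryptSevSnpPreValidateSystemRam and the function still returns EFI_SUCCESS. EFI_SIZE_TO_PAGES rounds up, so a Size that is not a multiple of SIZE_4KB would validate one page more than the caller asked for. Even for an EDK2-internal protocol, returning EFI_INVALID_PARAMETER for these cases costs little and gives callers such as a BeforeExitBootServices handler something to check. Nit: "erros" in the comment should be "error".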
@@ -147,11 +182,23 @@ AmdSevDxeEntryPoint ( } } =20 - // - // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_S= EV_SNP_BLOB. - // It contains the location for both the Secrets and CPUID page. - // if (MemEncryptSevSnpIsEnabled ()) { + // + // Memory acceptance began being required in SEV-SNP, so install the + // memory accept protocol implementation for a SEV-SNP active guest. + // + Status =3D gBS->InstallProtocolInterface ( + &mAmdSevDxeHandle, + &gEfiMemoryAcceptProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptProtocol + ); + ASSERT_EFI_ERROR (Status); + + // + // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING= _SEV_SNP_BLOB. + // It contains the location for both the Secrets and CPUID page. + // return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, &mSnpBootDxeTable diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.= inf index 9acf860cf2..5ddddabc32 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -47,6 +47,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize =20 +[Protocols] + gEfiMemoryAcceptProtocolGuid + [Guids] gConfidentialComputingSevSnpBlobGuid =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c index d3a95e4913..ee3710f7b3 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -14,6 +14,7 @@ #include =20 #include "SnpPageStateChange.h" +#include "VirtualMemory.h" =20 /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. 
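Review bot: In the AmdSevDxeEntryPoint hunk of AmdSevDxe.c, the result of gBS->InstallProtocolInterface is checked only with ASSERT_EFI_ERROR (Status), so with asserts compiled out a failed install goes unnoticed and the function carries on to InstallConfigurationTable with no memory accept protocol present. Suggest an explicit EFI_ERROR (Status) check that returns Status or halts, matching the CpuDeadLoop () handling added in DxeSnpSystemRamValidate.c. The moved comment "If its SEV-SNP active guest then install ..." now sits inside the MemEncryptSevSnpIsEnabled () block, so it can drop the condition and describe only the table.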
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + EFI_STATUS Status; + if (!MemEncryptSevSnpIsEnabled ()) { return; } =20 - // - // All the pre-validation must be completed in the PEI phase. - // - ASSERT (FALSE); + // DXE pre-validation may happen with the memory accept protocol. + // The protocol should only be called outside the prevalidated ranges + // that the PEI stage code explicitly skips. Specifically, only memory + // ranges that are classified as unaccepted. + if (BaseAddress >=3D SIZE_4GB) { + Status =3D InternalMemEncryptSevCreateIdentityMap1G ( + 0, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + if (EFI_ERROR (Status)) { + ASSERT (FALSE); + CpuDeadLoop (); + } + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } --=20 2.38.0.rc1.362.ged0d419d3c-goog
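Review bot: The identity-map step in MemEncryptSevSnpPreValidateSystemRam is gated on BaseAddress >= SIZE_4GB, which looks only at the start of the range, so a range that begins below 4GB and extends past it reaches InternalSetPageState without a mapping having been created for the part above 4GB. Either test the end of the range (BaseAddress + EFI_PAGES_TO_SIZE (NumPages)) or assert that a range never straddles the boundary and say so in the comment. The new comment also states a precondition (only unaccepted ranges that PEI skipped) that nothing in the function checks; a line noting that the caller is responsible for it would help. Style: the comment block lacks the empty leading and trailing // lines used by the comment it replaces.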

Date: Wed, 5 Oct 2022 20:33:24 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-3-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 2/7] MdePkg:
Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Ard Biescheuvel, "Min M. Xu", Gerd Hoffmann, James Bottomley, Tom Lendacky, Jiewen Yao, Erdem Aktas
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Event group as defined in UEFI standard v2.9. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Signed-off-by: Dionna Glaze Reviewed-by: Ard Biesheuvel Reviewed-by: Liming Gao --- MdePkg/Include/Guid/EventGroup.h | 5 +++++ MdePkg/MdePkg.dec | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Guid/EventGroup.h b/MdePkg/Include/Guid/EventGr= oup.h index 063d1f7157..64bfd4bab9 100644 --- a/MdePkg/Include/Guid/EventGroup.h +++ b/MdePkg/Include/Guid/EventGroup.h
@@ -14,6 +14,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 extern EFI_GUID gEfiEventExitBootServicesGuid; =20 +#define EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES \ + { 0x8be0e274, 0x3970, 0x4b44, { 0x80, 0xc5, 0x1a, 0xb9, 0x50, 0x2f, 0x3b= , 0xfc } } + +extern EFI_GUID gEfiEventBeforeExitBootServicesGuid; + #define EFI_EVENT_GROUP_VIRTUAL_ADDRESS_CHANGE \ { 0x13fa7698, 0xc831, 0x49c7, { 0x87, 0xea, 0x8f, 0x43, 0xfc, 0xc2, 0x51= , 0x96 } } =20 diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index de3c56758b..32c3501e66 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec 
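Review bot: The macro added in EventGroup.h is EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES, while the patch subject names EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID; one of the two should be corrected so the subject matches what the header defines. A one-line comment above the define saying when the group is signaled (before ExitBootServices tears down boot services) would also help readers who see it next to gEfiEventExitBootServicesGuid.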
@@ -408,7 +408,10 @@ gEfiEventMemoryMapChangeGuid =3D { 0x78BEE926, 0x692F, 0x48FD, { 0x9E,= 0xDB, 0x01, 0x42, 0x2E, 0xF0, 0xD7, 0xAB }} =20 ## Include/Guid/EventGroup.h - gEfiEventVirtualAddressChangeGuid =3D { 0x13FA7698, 0xC831, 0x49C7, { 0x= 87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }} + gEfiEventVirtualAddressChangeGuid =3D { 0x13FA7698, 0xC831, 0x49C7, { = 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }} + + ## Include/Guid/EventGroup.h + gEfiEventBeforeExitBootServicesGuid =3D { 0x8BE0E274, 0x3970, 0x4B44, { = 0x80, 0xC5, 0x1A, 0xB9, 0x50, 0x2F, 0x3B, 0xFC }} =20 ## Include/Guid/EventGroup.h gEfiEventExitBootServicesGuid =3D { 0x27ABF055, 0xB1B8, 0x4C26, { 0x80,= 0x48, 0x74, 0x8F, 0x37, 0xBA, 0xA2, 0xDF }} --=20 2.38.0.rc1.362.ged0d419d3c-goog
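Review bot: The removed and re-added gEfiEventVirtualAddressChangeGuid lines in MdePkg.dec carry the same GUID value and differ only in column alignment, which makes an unrelated entry show up as changed in blame. Either leave that line alone and accept the slightly ragged alignment of the new gEfiEventBeforeExitBootServicesGuid entry, or mention the realignment in the commit message.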

Date: Wed, 5 Oct 2022 20:33:25 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-4-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel, "Min M. Xu", Andrew Fish, "Michael D. Kinney", Ray Ni
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Location of notification has been specified in UEFI v2.9. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Cc: Ray Ni Signed-off-by: Dionna Glaze Reviewed-by: Ard Biesheuvel Reviewed-by: Liming Gao --- MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index e4bca89577..35d5bf0dee 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -100,6 +100,7 @@ gEfiEventVirtualAddressChangeGuid ## CONSUMES ##= Event ## CONSUMES ## Event ## PRODUCES ## Event + gEfiEventBeforeExitBootServicesGuid gEfiEventExitBootServicesGuid gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ##= HOB gEfiFirmwareFileSystem2Guid ## CONSUMES ##= GUID # Used to compare with FV's file system guid and get the FV's file sy= stem format
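Review bot: In DxeMain.inf the new gEfiEventBeforeExitBootServicesGuid line is inserted between the two usage comments (## CONSUMES ## Event, ## PRODUCES ## Event) and gEfiEventExitBootServicesGuid, so those comments now read as annotating the new GUID and the existing one is left without any. Add the new entry after gEfiEventExitBootServicesGuid, or above the comment pair, and give it its own usage comment; this patch only signals the group, so ## PRODUCES ## Event looks like the right one.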
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 5733f0c8ec..4683016ed7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c 
@@ -763,6 +763,12 @@ CoreExitBootServices ( { EFI_STATUS Status; =20 + // + // Notify other drivers of their last chance to use boot services + // before the memory map is terminated. + // + CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid); + // // Disable Timer // --=20 2.38.0.rc1.362.ged0d419d3c-goog
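Review bot: CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid) runs unconditionally at the top of CoreExitBootServices, ahead of the Disable Timer step and of any check that can make the call fail, so a caller that has to retry ExitBootServices signals the group again on each attempt. The comment calls this the drivers' "last chance", which suggests once; it should say that handlers can run more than once and must tolerate that, or the signal should be guarded so it fires only on the first call.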

Date: Wed, 5 Oct 2022 20:33:26 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-5-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 4/7] OvmfPkg: Introduce CocoDxe driver
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel, "Min M. Xu", Andrew Fish, "Michael D. Kinney"
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

This driver is meant as a join point for all Confidential Compute technologies to put shared behavior that doesn't belong anywhere else. The first behavior added here is to accept all unaccepted memory at ExitBootServices if the behavior is not disabled. This allows safe upgrades for OS loaders to affirm their support for the unaccepted memory type. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/CocoDxe/CocoDxe.c | 140 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 45 +++++++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + 10 files changed, 193 insertions(+)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef..ad6b73ca4a 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -747,6 +747,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 4658e1d30e..3717ec9094 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -302,6 +302,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 =20 diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c new file mode 100644 index 0000000000..ae64fbf28e --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -0,0 +1,140 @@ +/** @file + + Confidential Compute Dxe driver. This driver installs protocols that are + generic over confidential compute techonology. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +STATIC BOOLEAN mAcceptAllUnacceptedMemoryEnabled =3D TRUE; + +STATIC EFI_EVENT mAcceptAllUnacceptedMemoryEvent =3D NULL; + +STATIC +EFI_STATUS +AcceptAllUnacceptedMemory ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory + ) +{ + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + EFI_STATUS Status; + + DEBUG ((DEBUG_INFO, "Accepting all memory\n")); + /* + * Get a copy of the memory space map to iterate over while + * changing the map. + */ + Status =3D gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap); + if (EFI_ERROR (Status)) { + return Status; + } + for (Index =3D 0; Index < NumEntries; Index++) { + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; + + Desc =3D &AllDescMap[Index]; + if (Desc->GcdMemoryType !=3D EfiGcdMemoryTypeUnaccepted) { + continue; + } + + Status =3D AcceptMemory->AcceptMemory ( + AcceptMemory, + Desc->BaseAddress, + Desc->Length + ); + if (EFI_ERROR (Status)) { + break; + } + + Status =3D gDS->RemoveMemorySpace(Desc->BaseAddress, Desc->Length); + if (EFI_ERROR (Status)) { + break; + } + + Status =3D gDS->AddMemorySpace ( + EfiGcdMemoryTypeSystemMemory, + Desc->BaseAddress, + Desc->Length, + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP + ); + if (EFI_ERROR (Status)) { + break; + } + } + + gBS->FreePool (AllDescMap); + return Status; +} + +VOID +EFIAPI +ResolveUnacceptedMemory ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; + EFI_STATUS Status; + + if (!mAcceptAllUnacceptedMemoryEnabled) { + return; + } + + Status =3D gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL, + (VOID **)&AcceptMemory); + if (Status =3D=3D EFI_NOT_FOUND) { + return; + } + ASSERT_EFI_ERROR (Status); + + Status =3D AcceptAllUnacceptedMemory(AcceptMemory); + ASSERT_EFI_ERROR (Status); +} + +EFI_STATUS +EFIAPI 
+CocoDxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + // + // Do nothing when confidential compute technologies that require memory + // acceptance are not enabled. + // + if (!MemEncryptSevSnpIsEnabled () && + !MemEncryptTdxIsEnabled ()) { + return EFI_UNSUPPORTED; + } + + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_CALLBACK, + ResolveUnacceptedMemory, + NULL, + &gEfiEventBeforeExitBootServicesGuid, + &mAcceptAllUnacceptedMemoryEvent + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for Eve= ntBeforeExitBootServices failed.\n")); + } + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf new file mode 100644 index 0000000000..3bbb5fc9cc --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.inf @@ -0,0 +1,45 @@ +#/** @file +# +# Driver installs shared protocols needed for confidential compute +# technologies. +# +# Copyright (c) 2022, Google LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +#**/ + +[Defines] + INF_VERSION =3D 1.25 + BASE_NAME =3D CocoDxe + FILE_GUID =3D 08162f1e-5147-4d3e-b5a9-fa48c9808419 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D CocoDxeEntryPoint + +[Sources] + CocoDxe.c + +[Packages] + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + DxeServicesTableLib + MemEncryptSevLib + MemEncryptTdxLib + MemoryAllocationLib + UefiDriverEntryPoint + +[Depex] + TRUE + +[Guids] + gEfiEventBeforeExitBootServicesGuid + +[Protocols] + gEfiMemoryAcceptProtocolGuid diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index c0c1a15b09..8136d50eb2 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -753,6 +753,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Variable driver stack (non-SMM) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX6= 4.fdf index 6923eb8831..e612608c0c 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf +++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf @@ -269,6 +269,7 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf =20 INF OvmfPkg/TdxDxe/TdxDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Usb Support diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index af566b953f..2cfb3fbc6b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -965,6 +965,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 80de4fa2c0..2ab7f3b95b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf 
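Review bot: In CocoDxe.inf, [LibraryClasses] does not list UefiBootServicesTableLib although CocoDxe.c uses gBS (LocateProtocol, CreateEventEx, FreePool), while it does list BaseLib, BaseMemoryLib and MemoryAllocationLib, none of whose functions are called in the visible CocoDxe.c. Declare the library classes the driver actually depends on rather than relying on them arriving through another library, and drop the unused ones.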
@@ -343,6 +343,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f39d9cd117..3ead476b61 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1036,6 +1036,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE OvmfPkg/SmmAccess/SmmAccess2Dxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index c0f5a1ef3c..5dd452f42b 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf 
@@ -370,6 +370,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE --=20 2.38.0.rc1.362.ged0d419d3c-goog
From nobody Thu May 9 07:25:08 2024
Date: Wed, 5 Oct 2022 20:33:27 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-6-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 5/7] MdePkg: Introduce the AcceptAllUnacceptedMemory protocol
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney"
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The default behavior for unaccepted memory is to accept all memory when ExitBootServices is called. An OS loader can use this protocol to Disable this behavior to assume responsibility for memory acceptance and to affirm that the OS can handle the unaccepted memory type. This is a candidate for standardization.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: "Min M. Xu"
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna Glaze
--- MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 +++++++++++= +++++++++ MdePkg/MdePkg.dec | 3 ++ 2 files changed, 43 insertions(+) diff --git a/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h b/Md= ePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h new file mode 100644 index 0000000000..e50831836c --- /dev/null +++ b/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
@@ -0,0 +1,40 @@ +/** @file + The file provides the protocol that disables the behavior that all memory + gets accepted at ExitBootServices(). This protocol is only meant to be c= alled + by the OS loader, and not EDK2 itself. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ +#ifndef _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ +#define _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ + +#define BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL_GUID \ + {0xc5a010fe, \ + 0x38a7, \ + 0x4531, \ + {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}} + +typedef struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL + BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL; + +/** + @param This A pointer to a BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL. +**/ +typedef +EFI_STATUS +(EFIAPI *BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY)( + IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This + ); + +/// +/// The BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL allows the OS loader = to +/// indicate to EDK2 that ExitBootServices should not accept all memory. +/// +struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL { + BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY Disable; +}; + +extern EFI_GUID gBz3987AcceptAllUnacceptedMemoryProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 32c3501e66..a453b67b7e 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec 
@@ -1022,6 +1022,9 @@ gEfiPeiDelayedDispatchPpiGuid =3D { 0x869c711d, 0x649c, 0x44fe, { 0x8b,= 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }} =20 [Protocols] + ## Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h + gBz3987AcceptAllUnacceptedMemoryProtocolGuid =3D { 0xc5a010fe, 0x38a7, 0= x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }} + ## Include/Protocol/MemoryAccept.h gEfiMemoryAcceptProtocolGuid =3D { 0x38c74800, 0x5590, 0x4db4, { 0xa0,= 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }} =20 --=20 2.38.0.rc1.362.ged0d419d3c-goog
From nobody Thu May 9 07:25:08 2024
Date: Wed, 5 Oct 2022 20:33:28 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-7-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 6/7] OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney"
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

This protocol implementation disables the accept-all-memory behavior of the BeforeExitBootServices event this driver adds.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Cc: "Min M. Xu"
Cc: Andrew Fish
Cc: "Michael D. Kinney"
Signed-off-by: Dionna Glaze
--- OvmfPkg/CocoDxe/CocoDxe.c | 25 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 1 + 2 files changed, 26 insertions(+) diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c index ae64fbf28e..a7c54b36a3 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.c +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include =20
@@ -105,6 +106,21 @@ ResolveUnacceptedMemory ( ASSERT_EFI_ERROR (Status); } =20 +STATIC +EFI_STATUS +EFIAPI +DisableAcceptAllUnacceptedMemory ( + IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This + ) +{ + mAcceptAllUnacceptedMemoryEnabled =3D FALSE; + return EFI_SUCCESS; +} + +STATIC +BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL +mAcceptAllUnacceptedMemoryProtocol =3D {DisableAcceptAllUnacceptedMemory}; + EFI_STATUS EFIAPI CocoDxeEntryPoint ( @@ -136,5 +152,14 @@ CocoDxeEntryPoint ( DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for Eve= ntBeforeExitBootServices failed.\n")); } =20 + Status =3D gBS->InstallProtocolInterface (&mCocoDxeHandle, + &gBz3987AcceptAllUnacceptedMemoryProtocolGuid, + EFI_NATIVE_INTERFACE, + &mAcceptAllUnacceptedMemoryProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install Bz3987AcceptAllUnacceptedMemoryProtocol = failed.\n")); + } + return EFI_SUCCESS; } diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf index 3bbb5fc9cc..e24188147a 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.inf +++ b/OvmfPkg/CocoDxe/CocoDxe.inf 
@@ -42,4 +42,5 @@ gEfiEventBeforeExitBootServicesGuid =20 [Protocols] + gBz3987AcceptAllUnacceptedMemoryProtocolGuid gEfiMemoryAcceptProtocolGuid --=20 2.38.0.rc1.362.ged0d419d3c-goog
From nobody Thu May 9 07:25:08 2024
Date: Wed, 5 Oct 2022 20:33:29 +0000
In-Reply-To: <20221005203329.469866-1-dionnaglaze@google.com>
References: <20221005203329.469866-1-dionnaglaze@google.com>
Message-ID: <20221005203329.469866-8-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v7 7/7] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Instead of eagerly accepting all memory in PEI, only accept memory under the 4GB address. This allows a loaded image to use the ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and indicate that it can interpret the memory type accordingly. This classification is safe since ExitBootServices will accept and reclassify the memory as conventional if the disable protocol is not used.

Cc: Ard Biescheuvel
Cc: "Min M. Xu"
Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Tom Lendacky
Cc: Jiewen Yao
Cc: Erdem Aktas
Signed-off-by: Dionna Glaze
Reviewed-by: Tom Lendacky
--- OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 385562b44c..2a52d6f491 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include
@@ -63,6 +64,10 @@ AmdSevSnpInitialize ( for (Hob.Raw =3D GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_= NEXT_HOB (Hob)) { if ((Hob.Raw !=3D NULL) && (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_RES= OURCE_DESCRIPTOR)) { ResourceHob =3D Hob.ResourceDescriptor; + if (ResourceHob->PhysicalStart >=3D SIZE_4GB) { + ResourceHob->ResourceType =3D EFI_RESOURCE_MEMORY_UNACCEPTED; + continue; + } =20 if (ResourceHob->ResourceType =3D=3D EFI_RESOURCE_SYSTEM_MEMORY) { MemEncryptSevSnpPreValidateSystemRam ( --=20 2.38.0.rc1.362.ged0d419d3c-goog
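Review bot: In patch 5/7, MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h, the comment block above BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY documents only "@param This": it has no description of what Disable does and no @retval lines, although the typedef returns EFI_STATUS. The file comment says the protocol is meant for the OS loader, so the contract belongs here: that the call has to come before ExitBootServices(), that the structure offers no way to turn the behavior back on, and which status codes a caller can expect. The include guard _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ also begins with an underscore followed by an uppercase letter, a form C reserves for the implementation, and it drops the BZ3987 prefix that the file name and every other identifier carry; BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_H_ would fix both.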
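Review bot: In patch 6/7, the first OvmfPkg/CocoDxe/CocoDxe.c function hunk adds DisableAcceptAllUnacceptedMemory() and mAcceptAllUnacceptedMemoryProtocol without any function or variable comment, and the state change itself is silent. Because the call decides whether memory above 4GB reaches the OS unaccepted, and any image that can locate the protocol can make it, a DEBUG ((DEBUG_INFO, ...)) line next to "mAcceptAllUnacceptedMemoryEnabled = FALSE;" would leave a trace in the firmware log of who opted out of the default. A short header comment stating that This is unused and that the function always returns EFI_SUCCESS would complete it.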
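Review bot: In patch 6/7, the CocoDxeEntryPoint() hunk of OvmfPkg/CocoDxe/CocoDxe.c only logs a failed InstallProtocolInterface() and then returns EFI_SUCCESS, the same pattern the context line above it uses for the failed event creation. A missing protocol fails in the safe direction, since a loader that cannot find it leaves the accept-all default in place, but a missing BeforeExitBootServices event does not: the commit messages in this series rely on that event to accept memory for loaders that never call Disable. Consider ASSERT_EFI_ERROR (Status), as the context lines of the previous hunk do, or returning Status, and do not publish the protocol when the event could not be created.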
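Review bot: In patch 7/7, OvmfPkg/PlatformPei/AmdSev.c, AmdSevSnpInitialize(), the new "PhysicalStart >= SIZE_4GB" test runs before the existing "ResourceType == EFI_RESOURCE_SYSTEM_MEMORY" check, so every resource descriptor HOB at or above 4GB is rewritten to EFI_RESOURCE_MEMORY_UNACCEPTED whatever type it had before. Move the new test inside the system-memory branch so that only RAM is reclassified. The test also looks only at PhysicalStart: a system-memory range that starts below 4GB and extends past it is still pre-validated in full, so either split such a range at SIZE_4GB or add a comment stating that the HOB producer never emits one.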