[edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

Dionna Glaze via groups.io posted 3 patches 5 days, 5 hours ago
Failed in applying to current master (apply log)
There is a newer version of this series
MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +++++
MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++++++++++++++++++
MdeModulePkg/MdeModulePkg.dec                 |   9 ++
MdeModulePkg/MdeModulePkg.uni                 |   6 +
OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27 ++++
OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
.../Ia32/MemEncryptSevLib.c                   |  17 +++
.../X64/DxeSnpSystemRamValidate.c             |  35 +++++
.../X64/PeiSnpSystemRamValidate.c             |  17 +++
.../X64/SecSnpSystemRamValidate.c             |  18 +++
OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
OvmfPkg/OvmfPkgX64.dsc                        |   2 +
OvmfPkg/OvmfXen.dsc                           |   2 +
20 files changed, 334 insertions(+), 1 deletion(-)
[edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior
Posted by Dionna Glaze via groups.io 5 days, 5 hours ago
These three patches build on the lazy-accept patch series

"Introduce Lazy-accept for Tdx guest"

by adding SEV-SNP support for the MemoryAccept protocol, and
importantly making eager memory acceptance the default behavior.

For unaccepted memory to be enabled, we must know that the booted image
supports the unaccepted memory type. We add a trivial protocol that sets
a dynamic Pcd to true when called in order for the booted image to
signal its support for unaccepted memory. This does not need to be an
OsIndications bit because it does not need to be persisted.

We use the Pcd to disable a new ExitBootServices notification that
accepts all unaccepted memory, removes the unaccepted memory entries in
the memory space map, and then add the same memory ranges back as
conventional memory.

All images that support unaccepted memory must now locate and call this
new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

Cc: Ard Biescheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>

Dionna Glaze (3):
  OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
  DxeMain accepts all memory at EBS if needed
  MdeModulePkg: add EnableUnacceptedMemoryProtocol

 MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +++++
 MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
 MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dec                 |   9 ++
 MdeModulePkg/MdeModulePkg.uni                 |   6 +
 OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
 OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27 ++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
 OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
 OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
 OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
 .../Ia32/MemEncryptSevLib.c                   |  17 +++
 .../X64/DxeSnpSystemRamValidate.c             |  35 +++++
 .../X64/PeiSnpSystemRamValidate.c             |  17 +++
 .../X64/SecSnpSystemRamValidate.c             |  18 +++
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
 OvmfPkg/OvmfPkgX64.dsc                        |   2 +
 OvmfPkg/OvmfXen.dsc                           |   2 +
 20 files changed, 334 insertions(+), 1 deletion(-)

-- 
2.37.3.998.g577e59143f-goog



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94134): https://edk2.groups.io/g/devel/message/94134
Mute This Topic: https://groups.io/mt/93857638/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior
Posted by Lendacky, Thomas via groups.io 4 days, 9 hours ago
On 9/22/22 15:50, Dionna Glaze wrote:
> These three patches build on the lazy-accept patch series
> 
> "Introduce Lazy-accept for Tdx guest"
> 
> by adding SEV-SNP support for the MemoryAccept protocol, and
> importantly making eager memory acceptance the default behavior.
> 
> For unaccepted memory to be enabled, we must know that the booted image
> supports the unaccepted memory type. We add a trivial protocol that sets
> a dynamic Pcd to true when called in order for the booted image to
> signal its support for unaccepted memory. This does not need to be an
> OsIndications bit because it does not need to be persisted.
> 
> We use the Pcd to disable a new ExitBootServices notification that
> accepts all unaccepted memory, removes the unaccepted memory entries in
> the memory space map, and then add the same memory ranges back as
> conventional memory.
> 
> All images that support unaccepted memory must now locate and call this
> new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

This seems to be missing the creation of unaccepted memory under SEV-SNP. 
Is that going to be part of a separate patch (to update 
PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)?

Thanks,
Tom

> 
> Cc: Ard Biescheuvel <ardb@kernel.org>
> Cc: "Min M. Xu" <min.m.xu@intel.org>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> 
> Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
> 
> Dionna Glaze (3):
>    OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
>    DxeMain accepts all memory at EBS if needed
>    MdeModulePkg: add EnableUnacceptedMemoryProtocol
> 
>   MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +++++
>   MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
>   MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
>   MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++++++++++++++++++
>   MdeModulePkg/MdeModulePkg.dec                 |   9 ++
>   MdeModulePkg/MdeModulePkg.uni                 |   6 +
>   OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
>   OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27 ++++
>   OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
>   OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
>   OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
>   OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
>   OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
>   .../Ia32/MemEncryptSevLib.c                   |  17 +++
>   .../X64/DxeSnpSystemRamValidate.c             |  35 +++++
>   .../X64/PeiSnpSystemRamValidate.c             |  17 +++
>   .../X64/SecSnpSystemRamValidate.c             |  18 +++
>   OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
>   OvmfPkg/OvmfPkgX64.dsc                        |   2 +
>   OvmfPkg/OvmfXen.dsc                           |   2 +
>   20 files changed, 334 insertions(+), 1 deletion(-)
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94243): https://edk2.groups.io/g/devel/message/94243
Mute This Topic: https://groups.io/mt/93857638/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior
Posted by Dionna Glaze via groups.io 4 days, 6 hours ago
Ah yes, I did forget to include that patch. Will add to v2. I was just
setting the ResourceType to unaccepted and skipping the Prevalidate call in
PlatformPei if the start address is greater or equal to SIZE_4GB. That
seemed more self-contained than messing with PlatformInitLib. Would you
prefer that I add SevSnp logic to PlatformInitLib?

On Fri, Sep 23, 2022 at 10:19 AM Tom Lendacky <thomas.lendacky@amd.com>
wrote:

> On 9/22/22 15:50, Dionna Glaze wrote:
> > These three patches build on the lazy-accept patch series
> >
> > "Introduce Lazy-accept for Tdx guest"
> >
> > by adding SEV-SNP support for the MemoryAccept protocol, and
> > importantly making eager memory acceptance the default behavior.
> >
> > For unaccepted memory to be enabled, we must know that the booted image
> > supports the unaccepted memory type. We add a trivial protocol that sets
> > a dynamic Pcd to true when called in order for the booted image to
> > signal its support for unaccepted memory. This does not need to be an
> > OsIndications bit because it does not need to be persisted.
> >
> > We use the Pcd to disable a new ExitBootServices notification that
> > accepts all unaccepted memory, removes the unaccepted memory entries in
> > the memory space map, and then add the same memory ranges back as
> > conventional memory.
> >
> > All images that support unaccepted memory must now locate and call this
> > new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.
>
> This seems to be missing the creation of unaccepted memory under SEV-SNP.
> Is that going to be part of a separate patch (to update
> PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)?
>
> Thanks,
> Tom
>
> >
> > Cc: Ard Biescheuvel <ardb@kernel.org>
> > Cc: "Min M. Xu" <min.m.xu@intel.org>
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Erdem Aktas <erdemaktas@google.com>
> >
> > Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
> >
> > Dionna Glaze (3):
> >    OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
> >    DxeMain accepts all memory at EBS if needed
> >    MdeModulePkg: add EnableUnacceptedMemoryProtocol
> >
> >   MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +++++
> >   MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
> >   MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
> >   MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++++++++++++++++++
> >   MdeModulePkg/MdeModulePkg.dec                 |   9 ++
> >   MdeModulePkg/MdeModulePkg.uni                 |   6 +
> >   OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
> >   OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27 ++++
> >   OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
> >   OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
> >   OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
> >   OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
> >   OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
> >   .../Ia32/MemEncryptSevLib.c                   |  17 +++
> >   .../X64/DxeSnpSystemRamValidate.c             |  35 +++++
> >   .../X64/PeiSnpSystemRamValidate.c             |  17 +++
> >   .../X64/SecSnpSystemRamValidate.c             |  18 +++
> >   OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
> >   OvmfPkg/OvmfPkgX64.dsc                        |   2 +
> >   OvmfPkg/OvmfXen.dsc                           |   2 +
> >   20 files changed, 334 insertions(+), 1 deletion(-)
> >
>


-- 
-Dionna Glaze, PhD (she/her)


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94248): https://edk2.groups.io/g/devel/message/94248
Mute This Topic: https://groups.io/mt/93857638/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-


Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior
Posted by Lendacky, Thomas via groups.io 4 days, 6 hours ago
On 9/23/22 14:34, Dionna Amalie Glaze wrote:
> Ah yes, I did forget to include that patch. Will add to v2. I was just 
> setting the ResourceType to unaccepted and skipping the Prevalidate call 
> in PlatformPei if the start address is greater or equal to SIZE_4GB. That 
> seemed more self-contained than messing with PlatformInitLib. Would you 
> prefer that I add SevSnp logic to PlatformInitLib?

No, if it works and is easier / more concise, then please keep it the way 
you have it.

Thanks,
Tom

> 
> On Fri, Sep 23, 2022 at 10:19 AM Tom Lendacky <thomas.lendacky@amd.com 
> <mailto:thomas.lendacky@amd.com>> wrote:
> 
>     On 9/22/22 15:50, Dionna Glaze wrote:
>      > These three patches build on the lazy-accept patch series
>      >
>      > "Introduce Lazy-accept for Tdx guest"
>      >
>      > by adding SEV-SNP support for the MemoryAccept protocol, and
>      > importantly making eager memory acceptance the default behavior.
>      >
>      > For unaccepted memory to be enabled, we must know that the booted image
>      > supports the unaccepted memory type. We add a trivial protocol that
>     sets
>      > a dynamic Pcd to true when called in order for the booted image to
>      > signal its support for unaccepted memory. This does not need to be an
>      > OsIndications bit because it does not need to be persisted.
>      >
>      > We use the Pcd to disable a new ExitBootServices notification that
>      > accepts all unaccepted memory, removes the unaccepted memory entries in
>      > the memory space map, and then add the same memory ranges back as
>      > conventional memory.
>      >
>      > All images that support unaccepted memory must now locate and call this
>      > new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.
> 
>     This seems to be missing the creation of unaccepted memory under SEV-SNP.
>     Is that going to be part of a separate patch (to update
>     PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as
>     unaccepted)?
> 
>     Thanks,
>     Tom
> 
>      >
>      > Cc: Ard Biescheuvel <ardb@kernel.org <mailto:ardb@kernel.org>>
>      > Cc: "Min M. Xu" <min.m.xu@intel.org <mailto:min.m.xu@intel.org>>
>      > Cc: Gerd Hoffmann <kraxel@redhat.com <mailto:kraxel@redhat.com>>
>      > Cc: James Bottomley <jejb@linux.ibm.com <mailto:jejb@linux.ibm.com>>
>      > Cc: Tom Lendacky <Thomas.Lendacky@amd.com
>     <mailto:Thomas.Lendacky@amd.com>>
>      > Cc: Jiewen Yao <jiewen.yao@intel.com <mailto:jiewen.yao@intel.com>>
>      > Cc: Erdem Aktas <erdemaktas@google.com <mailto:erdemaktas@google.com>>
>      >
>      > Signed-off-by: Dionna Glaze <dionnaglaze@google.com
>     <mailto:dionnaglaze@google.com>>
>      >
>      > Dionna Glaze (3):
>      >    OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
>      >    DxeMain accepts all memory at EBS if needed
>      >    MdeModulePkg: add EnableUnacceptedMemoryProtocol
>      >
>      >   MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +++++
>      >   MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
>      >   MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
>      >   MdeModulePkg/Core/Dxe/Mem/Page.c              | 122
>     ++++++++++++++++++
>      >   MdeModulePkg/MdeModulePkg.dec                 |   9 ++
>      >   MdeModulePkg/MdeModulePkg.uni                 |   6 +
>      >   OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
>      >   OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27 ++++
>      >   OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
>      >   OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
>      >   OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
>      >   OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
>      >   OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
>      >   .../Ia32/MemEncryptSevLib.c                   |  17 +++
>      >   .../X64/DxeSnpSystemRamValidate.c             |  35 +++++
>      >   .../X64/PeiSnpSystemRamValidate.c             |  17 +++
>      >   .../X64/SecSnpSystemRamValidate.c             |  18 +++
>      >   OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
>      >   OvmfPkg/OvmfPkgX64.dsc                        |   2 +
>      >   OvmfPkg/OvmfXen.dsc                           |   2 +
>      >   20 files changed, 334 insertions(+), 1 deletion(-)
>      >
> 
> 
> 
> -- 
> -Dionna Glaze, PhD (she/her)


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94249): https://edk2.groups.io/g/devel/message/94249
Mute This Topic: https://groups.io/mt/93857638/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior
Posted by Gerd Hoffmann 1 day, 16 hours ago
On Fri, Sep 23, 2022 at 02:42:57PM -0500, Tom Lendacky wrote:
> On 9/23/22 14:34, Dionna Amalie Glaze wrote:
> > Ah yes, I did forget to include that patch. Will add to v2. I was just
> > setting the ResourceType to unaccepted and skipping the Prevalidate call
> > in PlatformPei if the start address is greater or equal to SIZE_4GB.
> > That seemed more self-contained than messing with PlatformInitLib. Would
> > you prefer that I add SevSnp logic to PlatformInitLib?
> 
> No, if it works and is easier / more concise, then please keep it the way
> you have it.

Well, moving over the SEV code over to PlatformInitLib makes sense.

That should allow the AmdSev use pei-less boot, simliar to IntelTdx,
and further down the road allow unify AmdSev + IntelTdx variants into
a single firmware binary supporting both SevSnp and Tdx.

I don't think that should be part of the "unaccepted memory" patch
series though.

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94341): https://edk2.groups.io/g/devel/message/94341
Mute This Topic: https://groups.io/mt/93857638/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-