Date: Thu, 22 Sep 2022 20:50:51 +0000
In-Reply-To: <20220922205052.1198237-1-dionnaglaze@google.com>
References: <20220922205052.1198237-1-dionnaglaze@google.com>
Message-ID: <20220922205052.1198237-3-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH 2/3] DxeMain accepts all memory at EBS if needed
From: "Dionna Glaze via groups.io"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Ard Biesheuvel
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com

With the addition of the EfiUnacceptedMemory memory type, it is possible the EFI-enlightened guests do not themselves support the new memory type. This commit adds a dynamic Pcd that can be set to enable unaccepted memory support before ExitBootServices is called. The expected usage is to set the new Pcd with a protocol that is usable by bootloaders and directly-booted OSes when they can determine that the OS does indeed support unaccepted memory.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Ard Biesheuvel
Signed-off-by: Dionna Glaze --- MdeModulePkg/Core/Dxe/DxeMain.h | 10 +++ MdeModulePkg/Core/Dxe/DxeMain.inf | 2 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 14 +++- MdeModulePkg/Core/Dxe/Mem/Page.c | 87 +++++++++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 6 ++ MdeModulePkg/MdeModulePkg.uni | 6 ++ OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/Bhyve/BhyveX64.dsc | 2 + OvmfPkg/CloudHv/CloudHvX64.dsc | 2 + OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 + OvmfPkg/OvmfPkgX64.dsc | 2 + OvmfPkg/OvmfXen.dsc | 2 + 13 files changed, 137 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMai= n.h index 815a6b4bd8..ac943c87a3 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -2698,6 +2698,16 @@ CoreInitializeMemoryProtection ( VOID ); =20 +/** + Accept and convert unaccepted memory to conventional memory if unaccept= ed + memory is not enabled and there is an implementation of MemoryAcceptPro= tocol + installed. + **/ +EFI_STATUS +CoreResolveUnacceptedMemory ( + VOID + ); + /** Install MemoryAttributesTable on memory allocation. =20 diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index e4bca89577..deb8bb2ba8 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -153,6 +153,7 @@ gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES gEdkiiPeCoffImageEmulatorProtocolGuid ## SOMETIMES_CONSUMES + gEfiMemoryAcceptProtocolGuid ## SOMETIMES_CONSUMES =20 # Arch Protocols gEfiBdsArchProtocolGuid ## CONSUMES @@ -186,6 +187,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard = ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth = ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory = ## CONSUMES =20 # [Hob] # RESOURCE_DESCRIPTOR ## CONSUMES 
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 5733f0c8ec..8d1de32fe7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -768,13 +768,25 @@ CoreExitBootServices ( // gTimer->SetTimerPeriod (gTimer, 0); =20 + // + // Accept all memory if unaccepted memory isn't enabled. + // + Status =3D CoreResolveUnacceptedMemory(); + if (EFI_ERROR (Status)) { + // + // Notify other drivers that ExitBootServices failed + // + CoreNotifySignalList (&gEventExitBootServicesFailedGuid); + return Status; + } + // // Terminate memory services if the MapKey matches // Status =3D CoreTerminateMemoryMap (MapKey); if (EFI_ERROR (Status)) { // - // Notify other drivers that ExitBootServices fail + // Notify other drivers that ExitBootServices failed // CoreNotifySignalList (&gEventExitBootServicesFailedGuid); return Status; diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/P= age.c index ffe79dcca9..cbebe62a28 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "DxeMain.h" #include "Imem.h" #include "HeapGuard.h" +#include +#include =20 // // Entry for tracking the memory regions for each memory type to coalesce = similar memory types 
@@ -2118,6 +2120,91 @@ CoreFreePoolPages ( CoreConvertPages (Memory, NumberOfPages, EfiConventionalMemory); } =20 +EFI_EVENT gExitBootServiceEvent =3D NULL; + +STATIC +EFI_STATUS +AcceptAllUnacceptedMemory ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory + ) +{ + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + EFI_STATUS Status; + + /* + * Get a copy of the memory space map to iterate over while + * changing the map. + */ + Status =3D CoreGetMemorySpaceMap (&NumEntries, &AllDescMap); + if (EFI_ERROR (Status)) { + return Status; + } + for (Index =3D 0; Index < NumEntries; Index++) { + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; + + Desc =3D &AllDescMap[Index]; + if (Desc->GcdMemoryType !=3D EfiGcdMemoryTypeUnaccepted) { + continue; + } + + Status =3D AcceptMemory->AcceptMemory ( + AcceptMemory, + Desc->BaseAddress, + Desc->Length + ); + if (EFI_ERROR(Status)) { + goto done; + } + + Status =3D CoreRemoveMemorySpace(Desc->BaseAddress, Desc->Length); + if (EFI_ERROR(Status)) { + goto done; + } + + Status =3D CoreAddMemorySpace ( + EfiGcdMemoryTypeSystemMemory, + Desc->BaseAddress, + Desc->Length, + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP + ); + if (EFI_ERROR(Status)) { + goto done; + } + } + +done: + FreePool (AllDescMap); + return Status; +} + +EFI_STATUS +CoreResolveUnacceptedMemory ( + VOID + ) +{ + EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; + EFI_STATUS Status; + + // No need to accept anything. Unaccepted memory is enabled. 
+ if (PcdGetBool(PcdEnableUnacceptedMemory)) { + return EFI_SUCCESS; + } + + Status =3D gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL, + (VOID **)&AcceptMemory); + if (Status =3D=3D EFI_NOT_FOUND) { + return EFI_SUCCESS; + } + if (Status !=3D EFI_SUCCESS) { + DEBUG ((DEBUG_ERROR, "Error locating MemoryAcceptProtocol: %d\n", Stat= us)); + return Status; + } + + return AcceptAllUnacceptedMemory(AcceptMemory); +} + /** Make sure the memory map is following all the construction rules, it is the last time to check memory map error before exit boot services. diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 58e6ab0048..dd07b3725a 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -2102,6 +2102,12 @@ # @Prompt The shared bit mask when Intel Tdx is enabled. gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025 =20 + ## Indicates if the memory map may include unaccepted memory after ExitB= ootServices().

+ # TRUE - The memory map may include unaccepted memory after ExitBootS= ervices().
+ # FALSE - The memory map may not include unaccepted memory after ExitB= ootServices().
+ # @Prompt Support unaccepted memory type. + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE|BOOLEAN|0= x10000026 + [PcdsPatchableInModule] ## Specify memory size with page number for PEI code when # Loading Module at Fixed Address feature is enabled. diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index 33ce9f6198..fde57da123 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -1338,3 +1338,9 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPcieResizableBarSupport_HELP= #language en-US "Indicates if the PCIe Resizable BAR Capability Supported.=

\n" = "TRUE - PCIe Resizable BAR Capability is supported.
\= n" = "FALSE - PCIe Resizable BAR Capability is not supported.<= BR>" + +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_PROMP= T #language en-US "Support unaccepted memory type" +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_HELP = #language en-US "Indicates if the memory map may include unaccepted memory " + = "after ExitBootServices().

\n" + = "TRUE - The memory map may include unaccepted memory after= ExitBootServices().
\n" + = "FALSE - The memory map may not include unaccepted memory a= fter ExitBootServices().
\n" diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef..23086748c5 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -526,6 +526,7 @@ =20 # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE =20 !include OvmfPkg/OvmfTpmPcds.dsc.inc =20 diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc index 475b88b21a..004be8b019 100644 --- a/OvmfPkg/Bhyve/BhyveX64.dsc +++ b/OvmfPkg/Bhyve/BhyveX64.dsc @@ -559,6 +559,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 # MdeModulePkg resolution sets up the system display resolution diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 10b16104ac..41f43a2631 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -618,6 +618,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index c0c1a15b09..55b6a2a845 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -514,6 +514,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index af566b953f..aebe1c3192 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc 
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -655,6 +655,8 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f39d9cd117..6e4418388e 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -679,6 +679,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 58a7c97cdd..0f57e22a2b 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -505,6 +505,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 =20 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 =20 ##########################################################################= ###### --=20 2.37.3.998.g577e59143f-goog
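Review bot: The CoreResolveUnacceptedMemory declaration added to DxeMain.h documents no return values, although CoreExitBootServices now fails on any error it returns. Add @retval lines covering EFI_SUCCESS (PcdEnableUnacceptedMemory is TRUE, no MemoryAcceptProtocol is installed, or every range was accepted) and the propagated error case. The comment's "unaccepted memory is not enabled" would also read more clearly if it named PcdEnableUnacceptedMemory.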
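Review bot: In CoreExitBootServices (DxeMain.c) the new CoreResolveUnacceptedMemory() call sits ahead of CoreTerminateMemoryMap (MapKey), and nothing in the hunk says whether the GCD remove/add it performs leaves the caller's MapKey valid. If the key can change, the comment above the call should say that the caller must fetch a new memory map and call ExitBootServices again, since the callers this path exists for are the ones that do not know about unaccepted memory. The call is also missing the space before the parenthesis that the neighbouring CoreTerminateMemoryMap (MapKey) line uses.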
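Review bot: In AcceptAllUnacceptedMemory (Page.c), a CoreAddMemorySpace failure after CoreRemoveMemorySpace has succeeded jumps to done with the range already accepted by the protocol but no longer present in the GCD map, and CoreExitBootServices then returns that error to a caller that may retry. Either restore the descriptor on that path or log the base and length so the lost range is visible. The capabilities passed to CoreAddMemorySpace are hard-coded (EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP) instead of being derived from Desc->Capabilities, which deserves a comment explaining why the original descriptor's values are dropped. Smaller points in the same hunk: gExitBootServiceEvent is defined but not used in any visible line, and the DEBUG call in CoreResolveUnacceptedMemory prints an EFI_STATUS with %d where %r is the usual format.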
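Review bot: The PcdEnableUnacceptedMemory help text in MdeModulePkg.dec describes only what the memory map may contain and leaves out the behaviour the rest of the patch attaches to FALSE: DxeCore accepts every unaccepted range during ExitBootServices() when a MemoryAcceptProtocol is installed. State that in the FALSE line and mirror it in the MdeModulePkg.uni HELP string so the two descriptions stay in sync.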