From: Sophia Wolf <phiawolf@google.com>
When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.
EfiMemoryAcceptProtocol is defined in MdePkg and is implementated /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Sophia Wolf <phiawolf@google.com>
---
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 34 ++++++++++++++++++
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++++++++
.../Ia32/MemEncryptSevLib.c | 17 +++++++++
.../X64/DxeSnpSystemRamValidate.c | 35 +++++++++++++++++++
.../X64/PeiSnpSystemRamValidate.c | 17 +++++++++
.../X64/SecSnpSystemRamValidate.c | 18 ++++++++++
7 files changed, 138 insertions(+)
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 662d3c4ccb..6e3a1fc7d7 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -20,6 +20,7 @@
#include <Library/UefiBootServicesTableLib.h>
#include <Guid/ConfidentialComputingSevSnpBlob.h>
#include <Library/PcdLib.h>
+#include <Protocol/MemoryAccept.h>
STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
SIGNATURE_32 ('A', 'M', 'D', 'E'),
@@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
FixedPcdGet32 (PcdOvmfCpuidSize),
};
+STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
+
+STATIC
+EFI_STATUS
+EFIAPI
+AmdSevMemoryAccept (
+ IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
+ IN EFI_PHYSICAL_ADDRESS StartAddress,
+ IN UINTN Size
+)
+{
+ MemEncryptSnpAcceptPages (
+ StartAddress,
+ EFI_SIZE_TO_PAGES (Size)
+ );
+
+ return EFI_SUCCESS;
+}
+
+STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
+ AmdSevMemoryAccept
+};
+
EFI_STATUS
EFIAPI
AmdSevDxeEntryPoint (
@@ -147,6 +171,16 @@ AmdSevDxeEntryPoint (
}
}
+ Status = gBS->InstallProtocolInterface (
+ &mAmdSevDxeHandle,
+ &gEfiMemoryAcceptProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mMemoryAcceptProtocol
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n"));
+ }
+
//
// If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
// It contains the location for both the Secrets and CPUID page.
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index 9acf860cf2..5ddddabc32 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -47,6 +47,9 @@
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
+[Protocols]
+ gEfiMemoryAcceptProtocolGuid
+
[Guids]
gConfidentialComputingSevSnpBlobGuid
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 4fa9c0d700..05ec10471d 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -228,4 +228,18 @@ MemEncryptSevSnpPreValidateSystemRam (
IN UINTN NumPages
);
+/**
+ Accept pages system RAM when SEV-SNP is enabled in the guest VM.
+
+ @param[in] BaseAddress Base address
+ @param[in] NumPages Number of pages starting from the base address
+
+**/
+VOID
+EFIAPI
+MemEncryptSnpAcceptPages (
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINTN NumPages
+ );
+
#endif // _MEM_ENCRYPT_SEV_LIB_H_
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
index f92299fc77..f0747d792e 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
@@ -153,3 +153,20 @@ MemEncryptSevSnpPreValidateSystemRam (
{
ASSERT (FALSE);
}
+
+/**
+ Accept pages system RAM when SEV-SNP is enabled in the guest VM.
+
+ @param[in] BaseAddress Base address
+ @param[in] NumPages Number of pages starting from the base address
+
+**/
+VOID
+EFIAPI
+MemEncryptSnpAcceptPages (
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINTN NumPages
+ )
+{
+ ASSERT (FALSE);
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
index d3a95e4913..7693e0ca66 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
@@ -14,6 +14,7 @@
#include <Library/MemEncryptSevLib.h>
#include "SnpPageStateChange.h"
+#include "VirtualMemory.h"
/**
Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
@@ -38,3 +39,37 @@ MemEncryptSevSnpPreValidateSystemRam (
//
ASSERT (FALSE);
}
+
+/**
+ Accept pages system RAM when SEV-SNP is enabled in the guest VM.
+
+ @param[in] BaseAddress Base address
+ @param[in] NumPages Number of pages starting from the base address
+
+**/
+VOID
+EFIAPI
+MemEncryptSnpAcceptPages (
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINTN NumPages
+ )
+{
+ EFI_STATUS Status;
+
+ if (!MemEncryptSevSnpIsEnabled ()) {
+ return;
+ }
+ if (BaseAddress >= SIZE_4GB) {
+ Status = InternalMemEncryptSevCreateIdentityMap1G (
+ 0,
+ BaseAddress,
+ EFI_PAGES_TO_SIZE (NumPages)
+ );
+ if (EFI_ERROR (Status)) {
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+ }
+ }
+
+ InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
index 4970165444..1c52bfe691 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
@@ -126,3 +126,20 @@ MemEncryptSevSnpPreValidateSystemRam (
BaseAddress = EndAddress;
}
}
+
+/**
+ Accept pages system RAM when SEV-SNP is enabled in the guest VM.
+
+ @param[in] BaseAddress Base address
+ @param[in] NumPages Number of pages starting from the base address
+
+**/
+VOID
+EFIAPI
+MemEncryptSnpAcceptPages (
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINTN NumPages
+ )
+{
+ ASSERT (FALSE);
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
index 7797febb8a..edfebf6ef4 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
@@ -10,6 +10,7 @@
#include <Uefi/UefiBaseType.h>
#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
#include "SnpPageStateChange.h"
@@ -80,3 +81,20 @@ MemEncryptSevSnpPreValidateSystemRam (
InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
}
+
+/**
+ Accept pages system RAM when SEV-SNP is enabled in the guest VM.
+
+ @param[in] BaseAddress Base address
+ @param[in] NumPages Number of pages starting from the base address
+
+**/
+VOID
+EFIAPI
+MemEncryptSnpAcceptPages (
+ IN PHYSICAL_ADDRESS BaseAddress,
+ IN UINTN NumPages
+ )
+{
+ ASSERT(FALSE);
+}
--
2.37.3.998.g577e59143f-goog
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94251): https://edk2.groups.io/g/devel/message/94251
Mute This Topic: https://groups.io/mt/93879404/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-On 9/23/22 15:34, Dionna Glaze wrote:
> From: Sophia Wolf <phiawolf@google.com>
>
> When a guest OS does not support unaccepted memory, the unaccepted
> memory must be accepted before returning a memory map to the caller.
>
> EfiMemoryAcceptProtocol is defined in MdePkg and is implementated /
> Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.
>
Shouldn't this have a v2 in the subject (same goes for patch 2/4)?
I didn't see an answer as to why you couldn't use the
MemEncryptSevSnpPreValidateSystemRam() function in
OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c to
accomplish this without introducing a whole new interface to the
MemEncryptSevLib library.
Also, to better see the paths in the diffstat, I recommend using:
--diff-options "--stat=1000 --stat-graph-width=20"
Thanks,
Tom
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>
> Signed-off-by: Sophia Wolf <phiawolf@google.com>
> ---
> OvmfPkg/AmdSevDxe/AmdSevDxe.c | 34 ++++++++++++++++++
> OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
> OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++++++++
> .../Ia32/MemEncryptSevLib.c | 17 +++++++++
> .../X64/DxeSnpSystemRamValidate.c | 35 +++++++++++++++++++
> .../X64/PeiSnpSystemRamValidate.c | 17 +++++++++
> .../X64/SecSnpSystemRamValidate.c | 18 ++++++++++
> 7 files changed, 138 insertions(+)
>
> diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> index 662d3c4ccb..6e3a1fc7d7 100644
> --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> @@ -20,6 +20,7 @@
> #include <Library/UefiBootServicesTableLib.h>
> #include <Guid/ConfidentialComputingSevSnpBlob.h>
> #include <Library/PcdLib.h>
> +#include <Protocol/MemoryAccept.h>
>
> STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
> SIGNATURE_32 ('A', 'M', 'D', 'E'),
> @@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
> FixedPcdGet32 (PcdOvmfCpuidSize),
> };
>
> +STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
> +
> +STATIC
> +EFI_STATUS
> +EFIAPI
> +AmdSevMemoryAccept (
> + IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
> + IN EFI_PHYSICAL_ADDRESS StartAddress,
> + IN UINTN Size
> +)
> +{
> + MemEncryptSnpAcceptPages (
> + StartAddress,
> + EFI_SIZE_TO_PAGES (Size)
> + );
> +
> + return EFI_SUCCESS;
> +}
> +
> +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
> + AmdSevMemoryAccept
> +};
> +
> EFI_STATUS
> EFIAPI
> AmdSevDxeEntryPoint (
> @@ -147,6 +171,16 @@ AmdSevDxeEntryPoint (
> }
> }
>
> + Status = gBS->InstallProtocolInterface (
> + &mAmdSevDxeHandle,
> + &gEfiMemoryAcceptProtocolGuid,
> + EFI_NATIVE_INTERFACE,
> + &mMemoryAcceptProtocol
> + );
> + if (EFI_ERROR (Status)) {
> + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n"));
> + }
> +
> //
> // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
> // It contains the location for both the Secrets and CPUID page.
> diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> index 9acf860cf2..5ddddabc32 100644
> --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> @@ -47,6 +47,9 @@
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
>
> +[Protocols]
> + gEfiMemoryAcceptProtocolGuid
> +
> [Guids]
> gConfidentialComputingSevSnpBlobGuid
>
> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> index 4fa9c0d700..05ec10471d 100644
> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> @@ -228,4 +228,18 @@ MemEncryptSevSnpPreValidateSystemRam (
> IN UINTN NumPages
> );
>
> +/**
> + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> +
> + @param[in] BaseAddress Base address
> + @param[in] NumPages Number of pages starting from the base address
> +
> +**/
> +VOID
> +EFIAPI
> +MemEncryptSnpAcceptPages (
> + IN PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + );
> +
> #endif // _MEM_ENCRYPT_SEV_LIB_H_
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> index f92299fc77..f0747d792e 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> @@ -153,3 +153,20 @@ MemEncryptSevSnpPreValidateSystemRam (
> {
> ASSERT (FALSE);
> }
> +
> +/**
> + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> +
> + @param[in] BaseAddress Base address
> + @param[in] NumPages Number of pages starting from the base address
> +
> +**/
> +VOID
> +EFIAPI
> +MemEncryptSnpAcceptPages (
> + IN PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + )
> +{
> + ASSERT (FALSE);
> +}
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> index d3a95e4913..7693e0ca66 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> @@ -14,6 +14,7 @@
> #include <Library/MemEncryptSevLib.h>
>
> #include "SnpPageStateChange.h"
> +#include "VirtualMemory.h"
>
> /**
> Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
> @@ -38,3 +39,37 @@ MemEncryptSevSnpPreValidateSystemRam (
> //
> ASSERT (FALSE);
> }
> +
> +/**
> + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> +
> + @param[in] BaseAddress Base address
> + @param[in] NumPages Number of pages starting from the base address
> +
> +**/
> +VOID
> +EFIAPI
> +MemEncryptSnpAcceptPages (
> + IN PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + )
> +{
> + EFI_STATUS Status;
> +
> + if (!MemEncryptSevSnpIsEnabled ()) {
> + return;
> + }
> + if (BaseAddress >= SIZE_4GB) {
> + Status = InternalMemEncryptSevCreateIdentityMap1G (
> + 0,
> + BaseAddress,
> + EFI_PAGES_TO_SIZE (NumPages)
> + );
> + if (EFI_ERROR (Status)) {
> + ASSERT (FALSE);
> + CpuDeadLoop ();
> + }
> + }
> +
> + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
> +}
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> index 4970165444..1c52bfe691 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> @@ -126,3 +126,20 @@ MemEncryptSevSnpPreValidateSystemRam (
> BaseAddress = EndAddress;
> }
> }
> +
> +/**
> + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> +
> + @param[in] BaseAddress Base address
> + @param[in] NumPages Number of pages starting from the base address
> +
> +**/
> +VOID
> +EFIAPI
> +MemEncryptSnpAcceptPages (
> + IN PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + )
> +{
> + ASSERT (FALSE);
> +}
> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> index 7797febb8a..edfebf6ef4 100644
> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> @@ -10,6 +10,7 @@
>
> #include <Uefi/UefiBaseType.h>
> #include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
> #include <Library/MemEncryptSevLib.h>
>
> #include "SnpPageStateChange.h"
> @@ -80,3 +81,20 @@ MemEncryptSevSnpPreValidateSystemRam (
>
> InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
> }
> +
> +/**
> + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> +
> + @param[in] BaseAddress Base address
> + @param[in] NumPages Number of pages starting from the base address
> +
> +**/
> +VOID
> +EFIAPI
> +MemEncryptSnpAcceptPages (
> + IN PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + )
> +{
> + ASSERT(FALSE);
> +}
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94256): https://edk2.groups.io/g/devel/message/94256
Mute This Topic: https://groups.io/mt/93879404/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
>
> Shouldn't this have a v2 in the subject (same goes for patch 2/4)?
>
Yes. I'm upset that didn't happen. I used --subject="PATCHv2" in git
send-email, and editing the cover letter showed that all the other
emails would have PATCHv2 in the subject. Then I said to send the
emails and saw "PATCH " get sent out anyway :(
> I didn't see an answer as to why you couldn't use the
> MemEncryptSevSnpPreValidateSystemRam() function in
> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c to
> accomplish this without introducing a whole new interface to the
> MemEncryptSevLib library.
>
We could do the acceptance in the DXE implementation of
MemEncryptSevSnpPreValidateSystemRam.
I wasn't 100% on whether the same name function name should be used in
two very different roles.
I'll change it for v3.
> Also, to better see the paths in the diffstat, I recommend using:
> --diff-options "--stat=1000 --stat-graph-width=20"
>
Will do, thanks.
> Thanks,
> Tom
>
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> >
> > Signed-off-by: Sophia Wolf <phiawolf@google.com>
> > ---
> > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 34 ++++++++++++++++++
> > OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
> > OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++++++++
> > .../Ia32/MemEncryptSevLib.c | 17 +++++++++
> > .../X64/DxeSnpSystemRamValidate.c | 35 +++++++++++++++++++
> > .../X64/PeiSnpSystemRamValidate.c | 17 +++++++++
> > .../X64/SecSnpSystemRamValidate.c | 18 ++++++++++
> > 7 files changed, 138 insertions(+)
> >
> > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> > index 662d3c4ccb..6e3a1fc7d7 100644
> > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
> > @@ -20,6 +20,7 @@
> > #include <Library/UefiBootServicesTableLib.h>
> > #include <Guid/ConfidentialComputingSevSnpBlob.h>
> > #include <Library/PcdLib.h>
> > +#include <Protocol/MemoryAccept.h>
> >
> > STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
> > SIGNATURE_32 ('A', 'M', 'D', 'E'),
> > @@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
> > FixedPcdGet32 (PcdOvmfCpuidSize),
> > };
> >
> > +STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
> > +
> > +STATIC
> > +EFI_STATUS
> > +EFIAPI
> > +AmdSevMemoryAccept (
> > + IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
> > + IN EFI_PHYSICAL_ADDRESS StartAddress,
> > + IN UINTN Size
> > +)
> > +{
> > + MemEncryptSnpAcceptPages (
> > + StartAddress,
> > + EFI_SIZE_TO_PAGES (Size)
> > + );
> > +
> > + return EFI_SUCCESS;
> > +}
> > +
> > +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
> > + AmdSevMemoryAccept
> > +};
> > +
> > EFI_STATUS
> > EFIAPI
> > AmdSevDxeEntryPoint (
> > @@ -147,6 +171,16 @@ AmdSevDxeEntryPoint (
> > }
> > }
> >
> > + Status = gBS->InstallProtocolInterface (
> > + &mAmdSevDxeHandle,
> > + &gEfiMemoryAcceptProtocolGuid,
> > + EFI_NATIVE_INTERFACE,
> > + &mMemoryAcceptProtocol
> > + );
> > + if (EFI_ERROR (Status)) {
> > + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n"));
> > + }
> > +
> > //
> > // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
> > // It contains the location for both the Secrets and CPUID page.
> > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> > index 9acf860cf2..5ddddabc32 100644
> > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> > @@ -47,6 +47,9 @@
> > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
> > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
> >
> > +[Protocols]
> > + gEfiMemoryAcceptProtocolGuid
> > +
> > [Guids]
> > gConfidentialComputingSevSnpBlobGuid
> >
> > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> > index 4fa9c0d700..05ec10471d 100644
> > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
> > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
> > @@ -228,4 +228,18 @@ MemEncryptSevSnpPreValidateSystemRam (
> > IN UINTN NumPages
> > );
> >
> > +/**
> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> > +
> > + @param[in] BaseAddress Base address
> > + @param[in] NumPages Number of pages starting from the base address
> > +
> > +**/
> > +VOID
> > +EFIAPI
> > +MemEncryptSnpAcceptPages (
> > + IN PHYSICAL_ADDRESS BaseAddress,
> > + IN UINTN NumPages
> > + );
> > +
> > #endif // _MEM_ENCRYPT_SEV_LIB_H_
> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> > index f92299fc77..f0747d792e 100644
> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
> > @@ -153,3 +153,20 @@ MemEncryptSevSnpPreValidateSystemRam (
> > {
> > ASSERT (FALSE);
> > }
> > +
> > +/**
> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> > +
> > + @param[in] BaseAddress Base address
> > + @param[in] NumPages Number of pages starting from the base address
> > +
> > +**/
> > +VOID
> > +EFIAPI
> > +MemEncryptSnpAcceptPages (
> > + IN PHYSICAL_ADDRESS BaseAddress,
> > + IN UINTN NumPages
> > + )
> > +{
> > + ASSERT (FALSE);
> > +}
> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> > index d3a95e4913..7693e0ca66 100644
> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
> > @@ -14,6 +14,7 @@
> > #include <Library/MemEncryptSevLib.h>
> >
> > #include "SnpPageStateChange.h"
> > +#include "VirtualMemory.h"
> >
> > /**
> > Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
> > @@ -38,3 +39,37 @@ MemEncryptSevSnpPreValidateSystemRam (
> > //
> > ASSERT (FALSE);
> > }
> > +
> > +/**
> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> > +
> > + @param[in] BaseAddress Base address
> > + @param[in] NumPages Number of pages starting from the base address
> > +
> > +**/
> > +VOID
> > +EFIAPI
> > +MemEncryptSnpAcceptPages (
> > + IN PHYSICAL_ADDRESS BaseAddress,
> > + IN UINTN NumPages
> > + )
> > +{
> > + EFI_STATUS Status;
> > +
> > + if (!MemEncryptSevSnpIsEnabled ()) {
> > + return;
> > + }
> > + if (BaseAddress >= SIZE_4GB) {
> > + Status = InternalMemEncryptSevCreateIdentityMap1G (
> > + 0,
> > + BaseAddress,
> > + EFI_PAGES_TO_SIZE (NumPages)
> > + );
> > + if (EFI_ERROR (Status)) {
> > + ASSERT (FALSE);
> > + CpuDeadLoop ();
> > + }
> > + }
> > +
> > + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
> > +}
> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> > index 4970165444..1c52bfe691 100644
> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
> > @@ -126,3 +126,20 @@ MemEncryptSevSnpPreValidateSystemRam (
> > BaseAddress = EndAddress;
> > }
> > }
> > +
> > +/**
> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> > +
> > + @param[in] BaseAddress Base address
> > + @param[in] NumPages Number of pages starting from the base address
> > +
> > +**/
> > +VOID
> > +EFIAPI
> > +MemEncryptSnpAcceptPages (
> > + IN PHYSICAL_ADDRESS BaseAddress,
> > + IN UINTN NumPages
> > + )
> > +{
> > + ASSERT (FALSE);
> > +}
> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> > index 7797febb8a..edfebf6ef4 100644
> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
> > @@ -10,6 +10,7 @@
> >
> > #include <Uefi/UefiBaseType.h>
> > #include <Library/BaseLib.h>
> > +#include <Library/DebugLib.h>
> > #include <Library/MemEncryptSevLib.h>
> >
> > #include "SnpPageStateChange.h"
> > @@ -80,3 +81,20 @@ MemEncryptSevSnpPreValidateSystemRam (
> >
> > InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
> > }
> > +
> > +/**
> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
> > +
> > + @param[in] BaseAddress Base address
> > + @param[in] NumPages Number of pages starting from the base address
> > +
> > +**/
> > +VOID
> > +EFIAPI
> > +MemEncryptSnpAcceptPages (
> > + IN PHYSICAL_ADDRESS BaseAddress,
> > + IN UINTN NumPages
> > + )
> > +{
> > + ASSERT(FALSE);
> > +}
--
-Dionna Glaze, PhD (she/her)
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94346): https://edk2.groups.io/g/devel/message/94346
Mute This Topic: https://groups.io/mt/93879404/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
You should use -v2 -v3 -v4 etc. to specify the patch version.
On Mon, Sep 26, 2022, at 8:56 AM, Dionna Glaze via groups.io wrote:
>>
>> Shouldn't this have a v2 in the subject (same goes for patch 2/4)?
>>
>
> Yes. I'm upset that didn't happen. I used --subject="PATCHv2" in git
> send-email, and editing the cover letter showed that all the other
> emails would have PATCHv2 in the subject. Then I said to send the
> emails and saw "PATCH " get sent out anyway :(
>
>> I didn't see an answer as to why you couldn't use the
>> MemEncryptSevSnpPreValidateSystemRam() function in
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c to
>> accomplish this without introducing a whole new interface to the
>> MemEncryptSevLib library.
>>
>
> We could do the acceptance in the DXE implementation of
> MemEncryptSevSnpPreValidateSystemRam.
> I wasn't 100% on whether the same name function name should be used in
> two very different roles.
> I'll change it for v3.
>
>> Also, to better see the paths in the diffstat, I recommend using:
>> --diff-options "--stat=1000 --stat-graph-width=20"
>>
>
> Will do, thanks.
>
>> Thanks,
>> Tom
>>
>> > Cc: Gerd Hoffmann <kraxel@redhat.com>
>> > Cc: James Bottomley <jejb@linux.ibm.com>
>> > Cc: Jiewen Yao <jiewen.yao@intel.com>
>> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> >
>> > Signed-off-by: Sophia Wolf <phiawolf@google.com>
>> > ---
>> > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 34 ++++++++++++++++++
>> > OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
>> > OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++++++++
>> > .../Ia32/MemEncryptSevLib.c | 17 +++++++++
>> > .../X64/DxeSnpSystemRamValidate.c | 35 +++++++++++++++++++
>> > .../X64/PeiSnpSystemRamValidate.c | 17 +++++++++
>> > .../X64/SecSnpSystemRamValidate.c | 18 ++++++++++
>> > 7 files changed, 138 insertions(+)
>> >
>> > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
>> > index 662d3c4ccb..6e3a1fc7d7 100644
>> > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
>> > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
>> > @@ -20,6 +20,7 @@
>> > #include <Library/UefiBootServicesTableLib.h>
>> > #include <Guid/ConfidentialComputingSevSnpBlob.h>
>> > #include <Library/PcdLib.h>
>> > +#include <Protocol/MemoryAccept.h>
>> >
>> > STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
>> > SIGNATURE_32 ('A', 'M', 'D', 'E'),
>> > @@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
>> > FixedPcdGet32 (PcdOvmfCpuidSize),
>> > };
>> >
>> > +STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
>> > +
>> > +STATIC
>> > +EFI_STATUS
>> > +EFIAPI
>> > +AmdSevMemoryAccept (
>> > + IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
>> > + IN EFI_PHYSICAL_ADDRESS StartAddress,
>> > + IN UINTN Size
>> > +)
>> > +{
>> > + MemEncryptSnpAcceptPages (
>> > + StartAddress,
>> > + EFI_SIZE_TO_PAGES (Size)
>> > + );
>> > +
>> > + return EFI_SUCCESS;
>> > +}
>> > +
>> > +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
>> > + AmdSevMemoryAccept
>> > +};
>> > +
>> > EFI_STATUS
>> > EFIAPI
>> > AmdSevDxeEntryPoint (
>> > @@ -147,6 +171,16 @@ AmdSevDxeEntryPoint (
>> > }
>> > }
>> >
>> > + Status = gBS->InstallProtocolInterface (
>> > + &mAmdSevDxeHandle,
>> > + &gEfiMemoryAcceptProtocolGuid,
>> > + EFI_NATIVE_INTERFACE,
>> > + &mMemoryAcceptProtocol
>> > + );
>> > + if (EFI_ERROR (Status)) {
>> > + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n"));
>> > + }
>> > +
>> > //
>> > // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
>> > // It contains the location for both the Secrets and CPUID page.
>> > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>> > index 9acf860cf2..5ddddabc32 100644
>> > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>> > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>> > @@ -47,6 +47,9 @@
>> > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
>> > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
>> >
>> > +[Protocols]
>> > + gEfiMemoryAcceptProtocolGuid
>> > +
>> > [Guids]
>> > gConfidentialComputingSevSnpBlobGuid
>> >
>> > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> > index 4fa9c0d700..05ec10471d 100644
>> > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> > @@ -228,4 +228,18 @@ MemEncryptSevSnpPreValidateSystemRam (
>> > IN UINTN NumPages
>> > );
>> >
>> > +/**
>> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
>> > +
>> > + @param[in] BaseAddress Base address
>> > + @param[in] NumPages Number of pages starting from the base address
>> > +
>> > +**/
>> > +VOID
>> > +EFIAPI
>> > +MemEncryptSnpAcceptPages (
>> > + IN PHYSICAL_ADDRESS BaseAddress,
>> > + IN UINTN NumPages
>> > + );
>> > +
>> > #endif // _MEM_ENCRYPT_SEV_LIB_H_
>> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
>> > index f92299fc77..f0747d792e 100644
>> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
>> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
>> > @@ -153,3 +153,20 @@ MemEncryptSevSnpPreValidateSystemRam (
>> > {
>> > ASSERT (FALSE);
>> > }
>> > +
>> > +/**
>> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
>> > +
>> > + @param[in] BaseAddress Base address
>> > + @param[in] NumPages Number of pages starting from the base address
>> > +
>> > +**/
>> > +VOID
>> > +EFIAPI
>> > +MemEncryptSnpAcceptPages (
>> > + IN PHYSICAL_ADDRESS BaseAddress,
>> > + IN UINTN NumPages
>> > + )
>> > +{
>> > + ASSERT (FALSE);
>> > +}
>> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
>> > index d3a95e4913..7693e0ca66 100644
>> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
>> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
>> > @@ -14,6 +14,7 @@
>> > #include <Library/MemEncryptSevLib.h>
>> >
>> > #include "SnpPageStateChange.h"
>> > +#include "VirtualMemory.h"
>> >
>> > /**
>> > Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
>> > @@ -38,3 +39,37 @@ MemEncryptSevSnpPreValidateSystemRam (
>> > //
>> > ASSERT (FALSE);
>> > }
>> > +
>> > +/**
>> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
>> > +
>> > + @param[in] BaseAddress Base address
>> > + @param[in] NumPages Number of pages starting from the base address
>> > +
>> > +**/
>> > +VOID
>> > +EFIAPI
>> > +MemEncryptSnpAcceptPages (
>> > + IN PHYSICAL_ADDRESS BaseAddress,
>> > + IN UINTN NumPages
>> > + )
>> > +{
>> > + EFI_STATUS Status;
>> > +
>> > + if (!MemEncryptSevSnpIsEnabled ()) {
>> > + return;
>> > + }
>> > + if (BaseAddress >= SIZE_4GB) {
>> > + Status = InternalMemEncryptSevCreateIdentityMap1G (
>> > + 0,
>> > + BaseAddress,
>> > + EFI_PAGES_TO_SIZE (NumPages)
>> > + );
>> > + if (EFI_ERROR (Status)) {
>> > + ASSERT (FALSE);
>> > + CpuDeadLoop ();
>> > + }
>> > + }
>> > +
>> > + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
>> > +}
>> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
>> > index 4970165444..1c52bfe691 100644
>> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
>> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
>> > @@ -126,3 +126,20 @@ MemEncryptSevSnpPreValidateSystemRam (
>> > BaseAddress = EndAddress;
>> > }
>> > }
>> > +
>> > +/**
>> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
>> > +
>> > + @param[in] BaseAddress Base address
>> > + @param[in] NumPages Number of pages starting from the base address
>> > +
>> > +**/
>> > +VOID
>> > +EFIAPI
>> > +MemEncryptSnpAcceptPages (
>> > + IN PHYSICAL_ADDRESS BaseAddress,
>> > + IN UINTN NumPages
>> > + )
>> > +{
>> > + ASSERT (FALSE);
>> > +}
>> > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> > index 7797febb8a..edfebf6ef4 100644
>> > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> > @@ -10,6 +10,7 @@
>> >
>> > #include <Uefi/UefiBaseType.h>
>> > #include <Library/BaseLib.h>
>> > +#include <Library/DebugLib.h>
>> > #include <Library/MemEncryptSevLib.h>
>> >
>> > #include "SnpPageStateChange.h"
>> > @@ -80,3 +81,20 @@ MemEncryptSevSnpPreValidateSystemRam (
>> >
>> > InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
>> > }
>> > +
>> > +/**
>> > + Accept pages system RAM when SEV-SNP is enabled in the guest VM.
>> > +
>> > + @param[in] BaseAddress Base address
>> > + @param[in] NumPages Number of pages starting from the base address
>> > +
>> > +**/
>> > +VOID
>> > +EFIAPI
>> > +MemEncryptSnpAcceptPages (
>> > + IN PHYSICAL_ADDRESS BaseAddress,
>> > + IN UINTN NumPages
>> > + )
>> > +{
>> > + ASSERT(FALSE);
>> > +}
>
>
>
> --
> -Dionna Glaze, PhD (she/her)
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94355): https://edk2.groups.io/g/devel/message/94355
Mute This Topic: https://groups.io/mt/93879404/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2026 Red Hat, Inc.