From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95526+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95526+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644089; cv=none; d=zohomail.com; s=zohoarc; b=fKzF6Q9ugx/tcysRDYc9zQPDBTNLI00Rj2ootKiWcRtIKzPs5LZ3d/Ax+HlzoqXS/w/JiyxSgkGxwb/bSkqQcl5jVKzzVjToZ9/V28KKXImc7wJudDtxXrLbr4WfD+E5SL4QSHuD2Ga7nEOFcC1OC4I6SWx+rUj2Xd/fqm9nc5s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644089; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ERC9uUcioS60W7ZBsWHoMTNAq1EYAiwI1EFUJhCW+TQ=; b=mABXOfquhIYzd5dmjO9jguT1VR7H+AYRi6vJ1ak+zRZ/creMG8LWSnsGvsMSgckLep8v3tDygbhDeKxNY9siWu5d6X/2YRqx6ftixj8il93+dlcMem/wlTzAfeyAfe5nnHip8nYC+7N1SbfPrlQr/KyWVUaCizGWLWUkKgGchoM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95526+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666644089412920.6865650426056; Mon, 24 Oct 2022 13:41:29 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id DzVFYY1788612x4wA88HHf4C; Mon, 24 Oct 2022 13:41:29 -0700 X-Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) by mx.groups.io with SMTP id smtpd.web12.1417.1666644088248921201 for ; Mon, 24 Oct 2022 13:41:28 -0700 X-Received: by mail-pf1-f201.google.com with SMTP id f13-20020a62380d000000b0056a7486d9a1so4761032pfa.4 for ; Mon, 24 Oct 2022 13:41:28 -0700 (PDT) X-Gm-Message-State: tnu0iCrg7Rx465kqbILoFr8qx1787277AA= X-Google-Smtp-Source: AMsMyM71SEw2PhWYtn4cuO7QqxpAYOC8+zUldBXzTHyt7vNdkXyVy5BL3Pz0TUNF2R0R79cZdzPvSC0omv5g09VkWA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a05:6a00:4396:b0:563:6fd7:9c98 with SMTP id bt22-20020a056a00439600b005636fd79c98mr35840501pfb.13.1666644087695; Mon, 24 Oct 2022 13:41:27 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:08 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-2-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 1/7] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644089; bh=pOUsYiP6jUCl9AOkO2uypEwtJYd4t+M+TpuJprzxZm8=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=ADfwusLBL0HdpBtQJBO4lbN9A+BczksbwyZPsw6tvZtHFJ4tc8OaUYFzrkRUIfHWiQ0 CiMetUWNczUA7VBVi7+1aZxXl00b1syPIJOEtxRAVe3EbtrV1RoL5lmx3Q5gcV2hEBAxg Pl8mrJ2XN69kpIo5Ziz86quqZpuuFOfXqN0= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644089804100007 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sophia Wolf When a guest OS does not support unaccepted memory, the unaccepted memory must be accepted before returning a memory map to the caller. EfiMemoryAcceptProtocol is defined in MdePkg and is implemented / Installed in AmdSevDxe for AMD SEV-SNP memory acceptance. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Signed-off-by: Dionna Glaze Acked-by: Jiewen Yao Reviewed-by: Tom Lendacky --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++= ++++++++++++++++-- OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++= +++++-- 3 files changed, 74 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 662d3c4ccb..f7600c3c81 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -20,6 +20,7 @@ #include #include #include +#include =20 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D { SIGNATURE_32 ('A', 'M', 'D', 'E'), @@ -31,6 +32,40 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBoo= tDxeTable =3D { FixedPcdGet32 (PcdOvmfCpuidSize), }; =20 +STATIC EFI_HANDLE mAmdSevDxeHandle =3D NULL; + +#define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) =3D=3D 0)) + +STATIC +EFI_STATUS +EFIAPI +AmdSevMemoryAccept ( + IN EDKII_MEMORY_ACCEPT_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS StartAddress, + IN UINTN Size + ) +{ + // + // The StartAddress must be page-aligned, and the Size must be a positive + // multiple of SIZE_4KB. Use an assert instead of returning an erros sin= ce + // this is an EDK2-internal protocol. + // + ASSERT (IS_ALIGNED (StartAddress, SIZE_4KB)); + ASSERT (IS_ALIGNED (Size, SIZE_4KB)); + ASSERT (Size !=3D 0); + + MemEncryptSevSnpPreValidateSystemRam ( + StartAddress, + EFI_SIZE_TO_PAGES (Size) + ); + + return EFI_SUCCESS; +} + +STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol =3D { + AmdSevMemoryAccept +}; + EFI_STATUS EFIAPI AmdSevDxeEntryPoint ( @@ -147,11 +182,23 @@ AmdSevDxeEntryPoint ( } } =20 - // - // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_S= EV_SNP_BLOB. - // It contains the location for both the Secrets and CPUID page. - // if (MemEncryptSevSnpIsEnabled ()) { + // + // Memory acceptance began being required in SEV-SNP, so install the + // memory accept protocol implementation for a SEV-SNP active guest. + // + Status =3D gBS->InstallProtocolInterface ( + &mAmdSevDxeHandle, + &gEdkiiMemoryAcceptProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptProtocol + ); + ASSERT_EFI_ERROR (Status); + + // + // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING= _SEV_SNP_BLOB. + // It contains the location for both the Secrets and CPUID page. + // return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, &mSnpBootDxeTable diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.= inf index 9acf860cf2..cd1b686c53 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -47,6 +47,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize =20 +[Protocols] + gEdkiiMemoryAcceptProtocolGuid + [Guids] gConfidentialComputingSevSnpBlobGuid =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c index d3a95e4913..cbcdd46f52 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -14,6 +14,7 @@ #include =20 #include "SnpPageStateChange.h" +#include "VirtualMemory.h" =20 /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. @@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + EFI_STATUS Status; + if (!MemEncryptSevSnpIsEnabled ()) { return; } =20 - // - // All the pre-validation must be completed in the PEI phase. - // - ASSERT (FALSE); + // DXE pre-validation may happen with the memory accept protocol. + // The protocol should only be called outside the prevalidated ranges + // that the PEI stage code explicitly skips. Specifically, only memory + // ranges that are classified as unaccepted. + if (BaseAddress >=3D SIZE_4GB) { + Status =3D InternalMemEncryptSevCreateIdentityMap1G ( + 0, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + if (EFI_ERROR (Status)) { + ASSERT (FALSE); + CpuDeadLoop (); + } + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95526): https://edk2.groups.io/g/devel/message/95526 Mute This Topic: https://groups.io/mt/94544530/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95527+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95527+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644090; cv=none; d=zohomail.com; s=zohoarc; b=eJFjwyxGJGmJISPDpdXYUDgiWAkrVJ6Go6ToMf8d1iFb/DVFaBgwj7G51sV2ktpkvDLHy8WFqOJ06CfaDRAVffLQwHgo0980B4rpZEuxRZ3pUb2ge1rOVtG9M7k7LADd0a85I5Zw5hat4IeYGAQLcGyoQVLeOStRiGkNJs2M1bM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644090; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=S7uS+qelGPWVvLhD4k2d17o//j+ukiDVsTRw+m5BU+c=; b=FfdwYIlAR90oSogGdwv3NHceXsDdAZuP6HqCKJTyE/AWiNmkSStTnaDBYMXW32ye9xU2uLZA2SPSguGb2J3eFqdEJ3+5F+uofaftLVrweeFEw+CxgO/L4VoYWeXr+N2I+ixe0SaBVMa633hnr2o0nEeE2saScfekEyg5kEKrASw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95527+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666644090859880.5449714008635; Mon, 24 Oct 2022 13:41:30 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id vtUGYY1788612xJdIuhNAd9D; Mon, 24 Oct 2022 13:41:30 -0700 X-Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) by mx.groups.io with SMTP id smtpd.web10.1413.1666644089893109683 for ; Mon, 24 Oct 2022 13:41:30 -0700 X-Received: by mail-yb1-f201.google.com with SMTP id h4-20020a5b02c4000000b006bc192d672bso10242664ybp.22 for ; Mon, 24 Oct 2022 13:41:29 -0700 (PDT) X-Gm-Message-State: 4W0Jh8Vx723EtewIejQUO134x1787277AA= X-Google-Smtp-Source: AMsMyM4zxWQ/JwvDvjWWipQs4dcJUy5ruXDRXXKuuA1Z5it9w84fKRx3dWkJAnkHcKis58Kd8wn932tJPhYDhQCUHg== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a25:d8e:0:b0:6c9:ab53:4852 with SMTP id 136-20020a250d8e000000b006c9ab534852mr26213985ybn.390.1666644089079; Mon, 24 Oct 2022 13:41:29 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:09 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-3-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 2/7] MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644090; bh=hlIovq/Vc7y+PG+TW2hmvDaH4ss0DR2N7qYXvuOFBPw=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=cDVfsRliJf2ZXqtFr4BG1tzs7jP/JnQVZa68Lvja1SgZAxjoV1wcIqO2NbXxz8tp+AZ KtjyaXYQYpx4mJvLVOVwgxD5U1jFCoPoDqtjnFgUZduTZ12Nsqq6+1V2Ee8pwmWYDykks BUlp4fjKo1fU9/J78c4hTs8gQ1aBq6sVFyQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644091588100009 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Event group as defined in UEFI standard v2.9. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Signed-off-by: Dionna Glaze Acked-by: Jiewen Yao --- MdePkg/Include/Guid/EventGroup.h | 5 +++++ MdePkg/MdePkg.dec | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/MdePkg/Include/Guid/EventGroup.h b/MdePkg/Include/Guid/EventGr= oup.h index 063d1f7157..64bfd4bab9 100644 --- a/MdePkg/Include/Guid/EventGroup.h +++ b/MdePkg/Include/Guid/EventGroup.h @@ -14,6 +14,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 extern EFI_GUID gEfiEventExitBootServicesGuid; =20 +#define EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES \ + { 0x8be0e274, 0x3970, 0x4b44, { 0x80, 0xc5, 0x1a, 0xb9, 0x50, 0x2f, 0x3b= , 0xfc } } + +extern EFI_GUID gEfiEventBeforeExitBootServicesGuid; + #define EFI_EVENT_GROUP_VIRTUAL_ADDRESS_CHANGE \ { 0x13fa7698, 0xc831, 0x49c7, { 0x87, 0xea, 0x8f, 0x43, 0xfc, 0xc2, 0x51= , 0x96 } } =20 diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 6b6bfbec29..359a85ea10 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -408,7 +408,10 @@ gEfiEventMemoryMapChangeGuid =3D { 0x78BEE926, 0x692F, 0x48FD, { 0x9E,= 0xDB, 0x01, 0x42, 0x2E, 0xF0, 0xD7, 0xAB }} =20 ## Include/Guid/EventGroup.h - gEfiEventVirtualAddressChangeGuid =3D { 0x13FA7698, 0xC831, 0x49C7, { 0x= 87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }} + gEfiEventVirtualAddressChangeGuid =3D { 0x13FA7698, 0xC831, 0x49C7, { = 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }} + + ## Include/Guid/EventGroup.h + gEfiEventBeforeExitBootServicesGuid =3D { 0x8BE0E274, 0x3970, 0x4B44, { = 0x80, 0xC5, 0x1A, 0xB9, 0x50, 0x2F, 0x3B, 0xFC }} =20 ## Include/Guid/EventGroup.h gEfiEventExitBootServicesGuid =3D { 0x27ABF055, 0xB1B8, 0x4C26, { 0x80,= 0x48, 0x74, 0x8F, 0x37, 0xBA, 0xA2, 0xDF }} --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95527): https://edk2.groups.io/g/devel/message/95527 Mute This Topic: https://groups.io/mt/94544532/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95532+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95532+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644103; cv=none; d=zohomail.com; s=zohoarc; b=mEwAKxzJxEJK+geRTnW1r0mJ2j/U1dladHXEP7P73Zx6xmmX1oY6XRVGU4bp50xbjMcWYhxs+d9HmdKjHWMLHgG75hs7xma06eOZWF1bIiMzm5PFat8RqzAX3f+S4r6oFltqT8kMustck0+TL1YvDZo4JFVWJ+GwYHyEWz8mHmg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644103; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=UJOiIrBWH+hzxFoZGnr1w7bgKurudUXae7PJQ+DL3c4=; b=lF9bP5wo+61WgUATWyu05jPz17kx5sEvuJD1TKeey706mJeSKs9quvmqFh9+k7YRJbAPC8X6AZfQzfXlXAVrDd7eFHQMFt7eymP+TjiPqVUMg7bjomPh74piwm8X7djvvIpnDRqpFOscJLVZYew6WFe6eVL2KeJUTekEhJFDZkE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95532+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666644103376855.1269128410539; Mon, 24 Oct 2022 13:41:43 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id mkwkYY1788612xOZcs6A2eJn; Mon, 24 Oct 2022 13:41:43 -0700 X-Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) by mx.groups.io with SMTP id smtpd.web11.1419.1666644102394315271 for ; Mon, 24 Oct 2022 13:41:42 -0700 X-Received: by mail-pg1-f202.google.com with SMTP id a33-20020a630b61000000b00429d91cc649so5124460pgl.8 for ; Mon, 24 Oct 2022 13:41:42 -0700 (PDT) X-Gm-Message-State: y90GU7RMUpkjJfL5ROt1pr8kx1787277AA= X-Google-Smtp-Source: AMsMyM4lNnpr/FBRaXtBZlu/Ob62+Sh6iNmXPenXf1Kpbc23dBeJ/QzXRELMPkmYpEUaH1U3ul+/xGTejSe8/U+zLw== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a05:6a00:2446:b0:528:5da9:cc7 with SMTP id d6-20020a056a00244600b005285da90cc7mr35800930pfj.51.1666644090824; Mon, 24 Oct 2022 13:41:30 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:10 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-4-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" , Ray Ni Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644103; bh=iCHq27bNeHSrM6j9MNwsPcLw0rpzpYYae81TiGuP8rs=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Z71UXgikyjihtZSodeaOaT8hRs3/6UMeXZV9mJySi2ANzQU40K089KOlgNeXMQJZ97G WuWkKZAEMPqZPXwAe6shlnD88vpHIWlmmzP58iw0iX0VimN51mez6dpVm8P/XSK1yJ2/2 PCX+H/22DV6hjtFPK+/i+1/lNTm/1Zjxaow= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644103715100015 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Location of notification is has been specified in UEFI v2.9. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Cc: Ray Ni Signed-off-by: Dionna Glaze Acked-by: Jiewen Yao --- MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeM= ain.inf index e4bca89577..35d5bf0dee 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -100,6 +100,7 @@ gEfiEventVirtualAddressChangeGuid ## CONSUMES ##= Event ## CONSUMES ## Event ## PRODUCES ## Event + gEfiEventBeforeExitBootServicesGuid gEfiEventExitBootServicesGuid gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ##= HOB gEfiFirmwareFileSystem2Guid ## CONSUMES ##= GUID # Used to compare with FV's file system guid and get the FV's file sy= stem format diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dx= e/DxeMain/DxeMain.c index 5733f0c8ec..4683016ed7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -763,6 +763,12 @@ CoreExitBootServices ( { EFI_STATUS Status; =20 + // + // Notify other drivers of their last chance to use boot services + // before the memory map is terminated. + // + CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid); + // // Disable Timer // --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95532): https://edk2.groups.io/g/devel/message/95532 Mute This Topic: https://groups.io/mt/94544540/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95528+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95528+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644095; cv=none; d=zohomail.com; s=zohoarc; b=laB3vARbFYIdWL1xOkF0RY0lrxddNf9+CfyQ21uKzsB1m7Nqa+SPgiUDLRnwQ5JJ/quCoaqwJ35mSbnxSOIhQprqwHOcI936B63QOLsvEYucK0ddCMpgU4avtOurxU+xcNDR+dv4isG9YOO07WskWi+GHl+CGYtgK2vTHFmWP0w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644095; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=LuQ/dVNtFrMdWzquBoNkZEEULQ+nO5eB/KJFUj12iSg=; b=ZJtVd7/GCZAzWfqkK0UagLAs8kslm+8rUZl6IY/Z/aabNZxLEsW86n0lrugWhpZqWGYoLXwsVh+ckOWpQxtM+ZicjEJ3+0RgKHjIjn+QktX68O9hw5KpdEviJ/igQC7MOf+RBbZP9rqQPiLpXDwpewXdKkaNOdqPusrKMvy92Tk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95528+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 166664409565257.10087615996542; Mon, 24 Oct 2022 13:41:35 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id Wbm5YY1788612xA4Gui1p3vu; Mon, 24 Oct 2022 13:41:34 -0700 X-Received: from mail-oa1-f74.google.com (mail-oa1-f74.google.com [209.85.160.74]) by mx.groups.io with SMTP id smtpd.web11.1417.1666644093618134766 for ; Mon, 24 Oct 2022 13:41:33 -0700 X-Received: by mail-oa1-f74.google.com with SMTP id 586e51a60fabf-13b7c9ff321so2902940fac.4 for ; Mon, 24 Oct 2022 13:41:33 -0700 (PDT) X-Gm-Message-State: 5sVUZmebG3hR5iuHhic4dOLgx1787277AA= X-Google-Smtp-Source: AMsMyM4zBQ9725STaZ/mTXqmsyujeeO5lJ9bF1xPXEQwzgY0DCfCFOY6ZPeAfqWr5Y7gHH+UItxlgGpMrzSPuOeeOw== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a05:6870:e982:b0:136:78c2:e19a with SMTP id r2-20020a056870e98200b0013678c2e19amr38181797oao.1.1666644092786; Mon, 24 Oct 2022 13:41:32 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:11 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-5-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 4/7] OvmfPkg: Introduce CocoDxe driver From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644094; bh=ELZENunhFkM5CHGs3Xx4ouqQrBiIK9tGBVm0PFjHwho=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Kx3sOJ59+cIOLdxwXsAbFbYDsAes1naGI0obx/frUEQE9IMQ4x5zyvzhYbx2mAKGFiP T/nvKgMC4HYv/OLFx1jqCB2penjirYqwys/4ioQXOJkvEHr4qA/0/EYHygOapC+zynXJ1 nsl4546bAJ/G42Yg9Vsi1t8jXi+fJkSF+sM= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644097867100001 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This driver is meant as a join point for all Confidential Compute technologies to put shared behavior that doesn't belong anywhere else. The first behavior added here is to accept all unaccepted memory at ExitBootServices if the behavior is not disabled. This allows safe upgrades for OS loaders to affirm their support for the unaccepted memory type. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/CocoDxe/CocoDxe.c | 146 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 45 ++++++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + 10 files changed, 199 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef..ad6b73ca4a 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -747,6 +747,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 # diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 4658e1d30e..3717ec9094 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -302,6 +302,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 =20 diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c new file mode 100644 index 0000000000..98874e6cfc --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -0,0 +1,146 @@ +/** @file + + Confidential Compute Dxe driver. This driver installs protocols that are + generic over confidential compute techonology. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +STATIC BOOLEAN mAcceptAllMemoryAtEBS =3D TRUE; + +STATIC EFI_EVENT mAcceptAllMemoryEvent =3D NULL; + +STATIC +EFI_STATUS +AcceptAllMemory ( + IN EDKII_MEMORY_ACCEPT_PROTOCOL *AcceptMemory + ) +{ + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + EFI_STATUS Status; + + DEBUG ((DEBUG_INFO, "Accepting all memory\n")); + + /* + * Get a copy of the memory space map to iterate over while + * changing the map. + */ + Status =3D gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap); + if (EFI_ERROR (Status)) { + return Status; + } + + for (Index =3D 0; Index < NumEntries; Index++) { + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; + + Desc =3D &AllDescMap[Index]; + if (Desc->GcdMemoryType !=3D EfiGcdMemoryTypeUnaccepted) { + continue; + } + + Status =3D AcceptMemory->AcceptMemory ( + AcceptMemory, + Desc->BaseAddress, + Desc->Length + ); + if (EFI_ERROR (Status)) { + break; + } + + Status =3D gDS->RemoveMemorySpace (Desc->BaseAddress, Desc->Length); + if (EFI_ERROR (Status)) { + break; + } + + Status =3D gDS->AddMemorySpace ( + EfiGcdMemoryTypeSystemMemory, + Desc->BaseAddress, + Desc->Length, + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO = | EFI_MEMORY_RP + ); + if (EFI_ERROR (Status)) { + break; + } + } + + gBS->FreePool (AllDescMap); + return Status; +} + +VOID +EFIAPI +ResolveUnacceptedMemory ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EDKII_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; + EFI_STATUS Status; + + if (!mAcceptAllMemoryAtEBS) { + return; + } + + Status =3D gBS->LocateProtocol ( + &gEdkiiMemoryAcceptProtocolGuid, + NULL, + (VOID **)&AcceptMemory + ); + if (Status =3D=3D EFI_NOT_FOUND) { + return; + } + + ASSERT_EFI_ERROR (Status); + + Status =3D AcceptAllMemory (AcceptMemory); + ASSERT_EFI_ERROR (Status); +} + +EFI_STATUS +EFIAPI +CocoDxeEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + // + // Do nothing when confidential compute technologies that require memory + // acceptance are not enabled. + // + if (!MemEncryptSevSnpIsEnabled () && + !MemEncryptTdxIsEnabled ()) + { + return EFI_UNSUPPORTED; + } + + Status =3D gBS->CreateEventEx ( + EVT_NOTIFY_SIGNAL, + TPL_CALLBACK, + ResolveUnacceptedMemory, + NULL, + &gEfiEventBeforeExitBootServicesGuid, + &mAcceptAllMemoryEvent + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "AllowUnacceptedMemory event creation for EventBe= foreExitBootServices failed.\n")); + } + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf new file mode 100644 index 0000000000..8d4452e94d --- /dev/null +++ b/OvmfPkg/CocoDxe/CocoDxe.inf @@ -0,0 +1,45 @@ +#/** @file +# +# Driver installs shared protocols needed for confidential compute +# technologies. +# +# Copyright (c) 2022, Google LLC. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +#**/ + +[Defines] + INF_VERSION =3D 1.25 + BASE_NAME =3D CocoDxe + FILE_GUID =3D 08162f1e-5147-4d3e-b5a9-fa48c9808419 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + ENTRY_POINT =3D CocoDxeEntryPoint + +[Sources] + CocoDxe.c + +[Packages] + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + DxeServicesTableLib + MemEncryptSevLib + MemEncryptTdxLib + MemoryAllocationLib + UefiDriverEntryPoint + +[Depex] + TRUE + +[Guids] + gEfiEventBeforeExitBootServicesGuid + +[Protocols] + gEdkiiMemoryAcceptProtocolGuid diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index c0c1a15b09..8136d50eb2 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -753,6 +753,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Variable driver stack (non-SMM) diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX6= 4.fdf index 6923eb8831..e612608c0c 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf +++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf @@ -269,6 +269,7 @@ INF ShellPkg/Application/Shell/Shell.inf INF MdeModulePkg/Logo/LogoDxe.inf =20 INF OvmfPkg/TdxDxe/TdxDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf =20 # # Usb Support diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index af566b953f..2cfb3fbc6b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -965,6 +965,7 @@ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf } + OvmfPkg/CocoDxe/CocoDxe.inf OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf index 80de4fa2c0..2ab7f3b95b 100644 --- a/OvmfPkg/OvmfPkgIa32X64.fdf +++ b/OvmfPkg/OvmfPkgIa32X64.fdf @@ -343,6 +343,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f39d9cd117..3ead476b61 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -1036,6 +1036,7 @@ OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 OvmfPkg/TdxDxe/TdxDxe.inf + OvmfPkg/CocoDxe/CocoDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE OvmfPkg/SmmAccess/SmmAccess2Dxe.inf diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index c0f5a1ef3c..5dd452f42b 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -370,6 +370,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf +INF OvmfPkg/CocoDxe/CocoDxe.inf INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf =20 !if $(SMM_REQUIRE) =3D=3D TRUE --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95528): https://edk2.groups.io/g/devel/message/95528 Mute This Topic: https://groups.io/mt/94544534/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95529+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95529+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644097; cv=none; d=zohomail.com; s=zohoarc; b=NGXoQ7RHE/yPAlRBV8Y2B0d4Ym++P6xIg6MJ9lJLWDjvPE+dke0EnGGAU3An4gu82g6WOhy5FRtJtlgWfL1qoFveFDmveufOwHviCIG1tFR7WK+QOdrcJ7KZhmA1w7QFbBvUbZZ9Z6PzQ8AHfvU3t1loFRAcQ0WZAb6zNtqpC58= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644097; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=F4GoNR07NgwN/HCTha4murqeF1YZSub5oJoI2BucTLw=; b=eFqhgA52mIPne43pkBtSnHKo/xsnaqhPDVcMARIHPm6DFGlPGhl3gDux8D/W9PKiXlG5jtvaVRftebgbPrdCdK2Jy0dgLz92haZAhn69YfsCgz/IVacFzC66O2yNIAfMO9qPkEP+b1UPRfFx2/8l1AtoiGr5MeGNWHCPg9oK95E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95529+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 166664409794240.12891304801951; Mon, 24 Oct 2022 13:41:37 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id wb7LYY1788612xxEZr33jm4O; Mon, 24 Oct 2022 13:41:36 -0700 X-Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) by mx.groups.io with SMTP id smtpd.web09.1381.1666644095305006215 for ; Mon, 24 Oct 2022 13:41:35 -0700 X-Received: by mail-yb1-f201.google.com with SMTP id w190-20020a257bc7000000b006c0d1b19526so10211890ybc.12 for ; Mon, 24 Oct 2022 13:41:35 -0700 (PDT) X-Gm-Message-State: ZqcQ5OWR3muEylXsyZYSRcwPx1787277AA= X-Google-Smtp-Source: AMsMyM6Uah5LOwrkH7kX824tXRz7sxioXz9qvpmFcHJG6rdKW1Fq5VZdcmunpUaOHXcguSrc7YuQC50A3wZWIG5lbA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a5b:f01:0:b0:6b7:b30f:54b4 with SMTP id x1-20020a5b0f01000000b006b7b30f54b4mr30816235ybr.149.1666644094526; Mon, 24 Oct 2022 13:41:34 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:12 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-6-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 5/7] MdePkg: Introduce the MemoryAcceptance protocol From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644096; bh=acfNpylJPDl6WHNK8TK+nK8qdsp9z21XjcsHb+Gvqlk=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=UJ1EEp47YOW17qPdYdbsARLPndtxu10MPnJmQJdoAhrKOiiCsja3Mc5duGQT+8Z9QGf sYw+PyyzEF60rjc3jdFn+RvWAvsu6YQIVTzDPd3LD3qhJZFxrb9eZ6t69xjz4qeAxw6tB nMM0SPK3oT2wP58SW1cNzC9XBGdg6L8/Ghc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644099671100003 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The default behavior for unaccepted memory is to accept all memory when ExitBootServices is called. An OS loader can use this protocol to disable this behavior to assume responsibility for memory acceptance and to affirm that the OS can handle the unaccepted memory type. This is a candidate for standardization. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- MdePkg/Include/Protocol/MemoryAcceptance.h | 40 ++++++++++++++++++++ MdePkg/MdePkg.dec | 3 ++ 2 files changed, 43 insertions(+) diff --git a/MdePkg/Include/Protocol/MemoryAcceptance.h b/MdePkg/Include/Pr= otocol/MemoryAcceptance.h new file mode 100644 index 0000000000..0b305b016f --- /dev/null +++ b/MdePkg/Include/Protocol/MemoryAcceptance.h @@ -0,0 +1,40 @@ +/** @file + The file provides the protocol that disables the behavior that all memory + gets accepted at ExitBootServices(). This protocol is only meant to be c= alled + by the OS loader, and not EDK2 itself. + + Copyright (c) 2022, Google LLC. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#ifndef MEMORY_ACCEPTANCE_H_ +#define MEMORY_ACCEPTANCE_H_ + +#define BZ3987_MEMORY_ACCEPTANCE_PROTOCOL_GUID \ + {0xc5a010fe, \ + 0x38a7, \ + 0x4531, \ + {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}} + +typedef struct _BZ3987_MEMORY_ACCEPTANCE_PROTOCOL BZ3987_MEMORY_ACCEPTANCE= _PROTOCOL; + +/** + @param This A pointer to a BZ3987_MEMORY_ACCEPTANCE_PROTOCOL. +**/ +typedef + EFI_STATUS +(EFIAPI *BZ3987_ALLOW_UNACCEPTED_MEMORY)( + IN BZ3987_MEMORY_ACCEPTANCE_PROTOCOL *This + ); + +/// +/// The BZ3987_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader to +/// indicate to EDK2 that ExitBootServices should not accept all memory. +/// +struct _BZ3987_MEMORY_ACCEPTANCE_PROTOCOL { + BZ3987_ALLOW_UNACCEPTED_MEMORY AllowUnacceptedMemory; +}; + +extern EFI_GUID gBz3987MemoryAcceptanceProtocolGuid; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 359a85ea10..5c639c1b98 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -1022,6 +1022,9 @@ gEfiPeiDelayedDispatchPpiGuid =3D { 0x869c711d, 0x649c, 0x44fe, { 0x8b,= 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }} =20 [Protocols] + ## Include/Protocol/Bz3987MemoryAcceptance.h + gBz3987MemoryAcceptanceProtocolGuid =3D { 0xc5a010fe, 0x38a7, 0x4531, {0= x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }} + ## Include/Protocol/MemoryAccept.h gEdkiiMemoryAcceptProtocolGuid =3D { 0x38c74800, 0x5590, 0x4db4, { 0xa0,= 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }} =20 --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95529): https://edk2.groups.io/g/devel/message/95529 Mute This Topic: https://groups.io/mt/94544535/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95530+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95530+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644098; cv=none; d=zohomail.com; s=zohoarc; b=FNROiR6kJ5GG/YFbu0T062FbxrSUTtHO9F3kLoI5/9Dd3BxiKgAuPFAyVBfCotF8qaGiNdTixM93ODWYbj+kpHJXUfoPEcGFalTocxaO178z0bL4trW9zowS+OTQTo2xQlbigaFp3URAQ5WynDhco4bydcfYml1JzEq9bxwMZoY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644098; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=G9DS0LTll1G8T1epF2oYVhcd/pqXkf678HLOeoT7qSA=; b=Qj08Jom8LOwmL3Zrj3+JH+ZYUTJMmiQLhEN7yrxOpe0EDXkCQWdxg8yLzkq7uE41iA8UboIxBEMsUfyGnbsoj/1jPxF7JnRJhpIPXlXdKao0Te3tCJ5XgREkTGpc8lVCV1M/Rz1rKzJF8SSeMlpGtConCtKhnWqRZfme3msa/5Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95530+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666644098298793.3157261081411; Mon, 24 Oct 2022 13:41:38 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id MARmYY1788612xWA8RImEEOJ; Mon, 24 Oct 2022 13:41:38 -0700 X-Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) by mx.groups.io with SMTP id smtpd.web10.1415.1666644096638138152 for ; Mon, 24 Oct 2022 13:41:36 -0700 X-Received: by mail-pl1-f202.google.com with SMTP id c12-20020a170903234c00b0017f695bf8f0so6944114plh.6 for ; Mon, 24 Oct 2022 13:41:36 -0700 (PDT) X-Gm-Message-State: taovYgB7Wj9evNdPHT0BI9Akx1787277AA= X-Google-Smtp-Source: AMsMyM7CVgyPjUXhEeaViPfXZda+f7yW79KxlTP3zmVI2+ybIEDfcx56vSlr/Q2xLxg/Co/4YZp3E2AeDOK/w55DRA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a63:d202:0:b0:46f:930:ea56 with SMTP id a2-20020a63d202000000b0046f0930ea56mr6235815pgg.275.1666644095999; Mon, 24 Oct 2022 13:41:35 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:13 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-7-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 6/7] OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel , "Min M. Xu" , Andrew Fish , "Michael D. Kinney" Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644098; bh=7g1TSJVlRaXocGW4XOyGfYYChk7QqC2AO7wxtbVU0fM=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=c8Oo/oithYPQV659JsRGjyzR/d9eJzkKmSftEhFVCVy3bnaJhalI0u4ChGmE/Q1aGCj f9ygVqdO+3fRGFjdn7sYaabz8ZWAuSM5C16a7bDwgjh3D/P9qLoP9MyWQmgpr7ieo692j K4Y/wUk0cR+zOgyju/bbNLzz44wPGA2a084= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644099678100005 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This protocol implementation disables the accept-all-memory behavior of the BeforeExitBootServices event this driver adds. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Cc: "Min M. Xu" Cc: Andrew Fish Cc: "Michael D. Kinney" Signed-off-by: Dionna Glaze --- OvmfPkg/CocoDxe/CocoDxe.c | 28 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 1 + 2 files changed, 29 insertions(+) diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c index 98874e6cfc..14fbcf60d7 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.c +++ b/OvmfPkg/CocoDxe/CocoDxe.c @@ -17,11 +17,14 @@ #include #include #include +#include =20 STATIC BOOLEAN mAcceptAllMemoryAtEBS =3D TRUE; =20 STATIC EFI_EVENT mAcceptAllMemoryEvent =3D NULL; =20 +STATIC EFI_HANDLE mCocoDxeHandle =3D NULL; + STATIC EFI_STATUS AcceptAllMemory ( @@ -110,6 +113,21 @@ ResolveUnacceptedMemory ( ASSERT_EFI_ERROR (Status); } =20 +STATIC +EFI_STATUS +EFIAPI +AllowUnacceptedMemory ( + IN BZ3987_MEMORY_ACCEPTANCE_PROTOCOL *This + ) +{ + mAcceptAllMemoryAtEBS =3D FALSE; + return EFI_SUCCESS; +} + +STATIC +BZ3987_MEMORY_ACCEPTANCE_PROTOCOL + mMemoryAcceptanceProtocol =3D { AllowUnacceptedMemory }; + EFI_STATUS EFIAPI CocoDxeEntryPoint ( @@ -142,5 +160,15 @@ CocoDxeEntryPoint ( DEBUG ((DEBUG_ERROR, "AllowUnacceptedMemory event creation for EventBe= foreExitBootServices failed.\n")); } =20 + Status =3D gBS->InstallProtocolInterface ( + &mCocoDxeHandle, + &gBz3987MemoryAcceptanceProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptanceProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install Bz3987MemoryAcceptanceProtocol failed.\n= ")); + } + return EFI_SUCCESS; } diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf index 8d4452e94d..05c2651a89 100644 --- a/OvmfPkg/CocoDxe/CocoDxe.inf +++ b/OvmfPkg/CocoDxe/CocoDxe.inf @@ -42,4 +42,5 @@ gEfiEventBeforeExitBootServicesGuid =20 [Protocols] + gBz3987MemoryAcceptanceProtocolGuid gEdkiiMemoryAcceptProtocolGuid --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95530): https://edk2.groups.io/g/devel/message/95530 Mute This Topic: https://groups.io/mt/94544537/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri Apr 19 20:54:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95531+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95531+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1666644099; cv=none; d=zohomail.com; s=zohoarc; b=RZxwO9GdQw9X/RZv4nUXlC7em9+mxQnxJjIZ9+rArELpVKxFqsPmVfDixfc9YlizOWCfGReXPuKicZ8fuuT75gEFIAUADnxoTEKyFnYz4YnyV5ja277ShpIt3qOIQE66LaQVF28jwOpDSI13k2ZAKBxghpVFj8N+NiFqTBLCcAM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666644099; h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=VWJBmJ1XTb0v5Ow7oIjiAq46HFCV0iF5UH+18aNayRM=; b=kWpkK8wncGCwKGdAu+cbz3tkeuGYfT5qQdEnJRksoAmfPQGLtS5Rl5S7VkVtU77MWZxqN9a6W/tLgC+kgE6M9yoQAfGjcR0EjNXq+0BqCkH4PfPAjeuGdEFoXXn1OA+uFq+r4lG87E7HGtrA7l95nLRR8fS3oXmrvl6EVzEJkR4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95531+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666644099649668.3302795439266; Mon, 24 Oct 2022 13:41:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id zApKYY1788612xAVvTqSUDBq; Mon, 24 Oct 2022 13:41:39 -0700 X-Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) by mx.groups.io with SMTP id smtpd.web09.1382.1666644098781640537 for ; Mon, 24 Oct 2022 13:41:38 -0700 X-Received: by mail-pf1-f202.google.com with SMTP id o14-20020a056a00214e00b0056238ef46ebso5139757pfk.2 for ; Mon, 24 Oct 2022 13:41:38 -0700 (PDT) X-Gm-Message-State: moPWwYrMyETzH9ON7ewHSBCXx1787277AA= X-Google-Smtp-Source: AMsMyM7L/kifoMl8z0TanScQ0gzR1daf93pbdnjjwLtuBuVJ7xs++iFZsFLxGz+HMFINOSmYjJ2fAQehDru/As+ZUQ== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:903:289:b0:186:a8a8:e99a with SMTP id j9-20020a170903028900b00186a8a8e99amr7032712plr.104.1666644097887; Mon, 24 Oct 2022 13:41:37 -0700 (PDT) Date: Mon, 24 Oct 2022 20:41:14 +0000 In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20221024204114.2772064-1-dionnaglaze@google.com> Message-ID: <20221024204114.2772064-8-dionnaglaze@google.com> Subject: [edk2-devel] [PATCH v8 7/7] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted From: "Dionna Glaze via groups.io" To: devel@edk2.groups.io Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,dionnaglaze@google.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666644099; bh=2fjR451OFmoHVATlAjWxDqQrh3kTecJVmyKejMrbegY=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=IiIEkva04iZlogJoemIcOGGjrAQoR0UWf1rinFyewThjVRCd8B+WIBdmRkN/cOXjowL zBSJ6mgyfzDy5GTYMcH0XFpxatAxCEJfhBbFBt8k7eOGPaQ0LMmCosq82YA+dAOtkn+Ax xf4gKnpT+DHSh1dfO7Y35HOK0x1ztmd1XcQ= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666644101659100012 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Instead of eagerly accepting all memory in PEI, only accept memory under the 4GB address. This allows a loaded image to use the MEMORY_ACCEPTANCE_PROTOCOL to disable the accept behavior and indicate that it can interpret the memory type accordingly. This classification is safe since ExitBootServices will accept and reclassify the memory as conventional if the disable protocol is not used. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Signed-off-by: Dionna Glaze --- OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 385562b44c..4cb6da4437 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include @@ -63,6 +64,10 @@ AmdSevSnpInitialize ( for (Hob.Raw =3D GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw =3D GET_= NEXT_HOB (Hob)) { if ((Hob.Raw !=3D NULL) && (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_RES= OURCE_DESCRIPTOR)) { ResourceHob =3D Hob.ResourceDescriptor; + if (ResourceHob->PhysicalStart >=3D SIZE_4GB) { + ResourceHob->ResourceType =3D BZ3937_RESOURCE_MEMORY_UNACCEPTED; + continue; + } =20 if (ResourceHob->ResourceType =3D=3D EFI_RESOURCE_SYSTEM_MEMORY) { MemEncryptSevSnpPreValidateSystemRam ( --=20 2.38.0.135.g90850a2211-goog -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95531): https://edk2.groups.io/g/devel/message/95531 Mute This Topic: https://groups.io/mt/94544539/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-