[edk2-devel] [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol

Dionna Glaze via groups.io posted 4 patches 3 years ago
There is a newer version of this series
[edk2-devel] [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Dionna Glaze via groups.io 3 years ago
The default behavior for unaccepted memory in SEV-SNP is to accept all
memory when ExitBootServices is called. An OS loader can use this
protocol to disable this behavior to assume responsibility for memory
acceptance and to affirm that the OS can handle the unaccepted memory
type.

This is a candidate for standardization.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
---
 MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h | 44 ++++++++++++++++++++
 MdePkg/MdePkg.dec                                   |  3 ++
 2 files changed, 47 insertions(+)

diff --git a/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h b/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h
new file mode 100644
index 0000000000..c3691e1c93
--- /dev/null
+++ b/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h
@@ -0,0 +1,44 @@
+/** @file
+  The file provides the protocol that disables the behavior that all memory
+  gets accepted at ExitBootServices(). This protocol is only meant to be called
+  by the OS loader, and not EDK2 itself. The SEV naming is due to the coincidence
+  that only SEV-SNP needs this protocol, since SEV-SNP kernel support released
+  before kernel support for unaccepted memory. The technology enablement thus
+  does not strictly imply support for the unaccepted memory type.
+
+  Copyright (c) 2023, Google LLC. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef SEV_MEMORY_ACCEPTANCE_H_
+#define SEV_MEMORY_ACCEPTANCE_H_
+
+#define BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID \
+  {0xc5a010fe, \
+   0x38a7, \
+   0x4531, \
+   {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
+
+typedef struct _BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL \
+  BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL;
+
+/**
+  @param This A pointer to a BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL.
+**/
+typedef
+  EFI_STATUS
+(EFIAPI *BZ3987_SEV_ALLOW_UNACCEPTED_MEMORY)(
+  IN  BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
+  );
+
+///
+/// The BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader to
+/// indicate to EDK2 that ExitBootServices should not accept all memory.
+///
+struct _BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL {
+  BZ3987_SEV_ALLOW_UNACCEPTED_MEMORY    AllowUnacceptedMemory;
+};
+
+extern EFI_GUID  gBz3987SevMemoryAcceptanceProtocolGuid;
+
+#endif
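Review bot: the doc comment on the BZ3987_SEV_ALLOW_UNACCEPTED_MEMORY typedef documents only `@param This`; it gives no description of what the call does and no `@retval` lines. A loader author cannot tell from this header which EFI_STATUS values to expect, whether the call may be repeated, or that it has to happen before ExitBootServices(). Since calling it is the loader's affirmation that the OS can handle the unaccepted memory type, spell that contract out here: a one-line summary, the required ordering relative to ExitBootServices(), and `@retval EFI_SUCCESS` plus any failure status the implementation returns.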
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 3d08f20d15..b82d6e46a4 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -1031,6 +1031,9 @@
   gEfiPeiDelayedDispatchPpiGuid  = { 0x869c711d, 0x649c, 0x44fe, { 0x8b, 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }}
 
 [Protocols]
+  ## Include/Protocol/Bz3987SevMemoryAcceptance.h
+  gBz3987SevMemoryAcceptanceProtocolGuid = { 0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }}
+
   ## Include/Protocol/MemoryAccept.h
   gEdkiiMemoryAcceptProtocolGuid = { 0x38c74800, 0x5590, 0x4db4, { 0xa0, 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }}
 
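Review bot: the new gBz3987SevMemoryAcceptanceProtocolGuid entry is added to the [Protocols] section of MdePkg.dec, yet the commit message describes the protocol only as a candidate for standardization. Until it is standardized, declare it in the package that implements it, so that MdePkg consumers do not come to depend on an interface that is not yet final. The inner brace is also written `{0x8a, ... 0x49 }` without the leading space that the neighbouring entries use (`{ 0xa0, 0xf3, ...`); match the surrounding style.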
-- 
2.39.1.456.gfc5497dd1b-goog



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#99051): https://edk2.groups.io/g/devel/message/99051
Mute This Topic: https://groups.io/mt/96534753/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Yao, Jiewen 3 years ago
I don’t think MdePkg is the right place. MdePkg only includes the approved industry standard.

As Gerd and I discussed before, this protocol should be in OvmfPkg.
Please move to https://github.com/tianocore/edk2/tree/master/OvmfPkg/Include/Protocol

Thank you
Yao, Jiewen

> -----Original Message-----
> From: Dionna Glaze <dionnaglaze@google.com>
> Sent: Thursday, January 26, 2023 8:57 AM
> To: devel@edk2.groups.io
> Cc: Dionna Glaze <dionnaglaze@google.com>; Gerd Hoffmann
> <kraxel@redhat.com>; James Bottomley <jejb@linux.ibm.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Ard
> Biesheuvel <ardb@kernel.org>; Xu, Min M <min.m.xu@intel.com>; Andrew Fish
> <afish@apple.com>; Kinney, Michael D <michael.d.kinney@intel.com>
> Subject: [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance
> protocol
> 
> The default behavior for unaccepted memory in SEV-SNP is to accept all
> memory when ExitBootServices is called. An OS loader can use this
> protocol to disable this behavior to assume responsibility for memory
> acceptance and to affirm that the OS can handle the unaccepted memory
> type.
> 
> This is a candidate for standardization.
> 
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Ard Biesheuvel <ardb@kernel.org>
> Cc: "Min M. Xu" <min.m.xu@intel.com>
> Cc: Andrew Fish <afish@apple.com>
> Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>
> 
> Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
> ---
>  MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h | 44
> ++++++++++++++++++++
>  MdePkg/MdePkg.dec                                   |  3 ++
>  2 files changed, 47 insertions(+)
> 
> diff --git a/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h
> b/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h
> new file mode 100644
> index 0000000000..c3691e1c93
> --- /dev/null
> +++ b/MdePkg/Include/Protocol/Bz3987SevMemoryAcceptance.h
> @@ -0,0 +1,44 @@
> +/** @file
> +  The file provides the protocol that disables the behavior that all memory
> +  gets accepted at ExitBootServices(). This protocol is only meant to be called
> +  by the OS loader, and not EDK2 itself. The SEV naming is due to the
> coincidence
> +  that only SEV-SNP needs this protocol, since SEV-SNP kernel support released
> +  before kernel support for unaccepted memory. The technology enablement
> thus
> +  does not strictly imply support for the unaccepted memory type.
> +
> +  Copyright (c) 2023, Google LLC. All rights reserved.<BR>
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +
> +#ifndef SEV_MEMORY_ACCEPTANCE_H_
> +#define SEV_MEMORY_ACCEPTANCE_H_
> +
> +#define BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID \
> +  {0xc5a010fe, \
> +   0x38a7, \
> +   0x4531, \
> +   {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
> +
> +typedef struct _BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL \
> +  BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL;
> +
> +/**
> +  @param This A pointer to a BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL.
> +**/
> +typedef
> +  EFI_STATUS
> +(EFIAPI *BZ3987_SEV_ALLOW_UNACCEPTED_MEMORY)(
> +  IN  BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
> +  );
> +
> +///
> +/// The BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader
> to
> +/// indicate to EDK2 that ExitBootServices should not accept all memory.
> +///
> +struct _BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL {
> +  BZ3987_SEV_ALLOW_UNACCEPTED_MEMORY    AllowUnacceptedMemory;
> +};
> +
> +extern EFI_GUID  gBz3987SevMemoryAcceptanceProtocolGuid;
> +
> +#endif
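Review bot: the forward declaration `typedef struct _BZ3987_SEV_MEMORY_ACCEPTANCE_PROTOCOL \` ends in a line-continuation backslash although it is not part of a #define. The backslash is unnecessary there, and writing the typedef without it (or on a single line) is more robust against line-based source checkers. The include guard SEV_MEMORY_ACCEPTANCE_H_ also does not match the file name Bz3987SevMemoryAcceptance.h; derive the guard from the file name so it stays unique if the prefix is kept.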
> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
> index 3d08f20d15..b82d6e46a4 100644
> --- a/MdePkg/MdePkg.dec
> +++ b/MdePkg/MdePkg.dec
> @@ -1031,6 +1031,9 @@
>    gEfiPeiDelayedDispatchPpiGuid  = { 0x869c711d, 0x649c, 0x44fe, { 0x8b, 0x9e,
> 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }}
> 
>  [Protocols]
> +  ## Include/Protocol/Bz3987SevMemoryAcceptance.h
> +  gBz3987SevMemoryAcceptanceProtocolGuid = { 0xc5a010fe, 0x38a7, 0x4531,
> {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }}
> +
>    ## Include/Protocol/MemoryAccept.h
>    gEdkiiMemoryAcceptProtocolGuid = { 0x38c74800, 0x5590, 0x4db4, { 0xa0,
> 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }}
> 
> --
> 2.39.1.456.gfc5497dd1b-goog





Re: [edk2-devel] [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Dionna Glaze via groups.io 3 years ago
> As Gerd and I discussed before, this protocol should be in OvmfPkg.
> Please move to https://github.com/tianocore/edk2/tree/master/OvmfPkg/Include/Protocol
>

Ah, I misinterpreted your response to Gerd's message. v11 will have it
moved. The CI seems to think I've redefined the protocol struct type
or failed to use the typedef for declarations, but I don't see how
that would be. Is this a false positive that I can ignore for the next
iteration? https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=78271&view=results

-- 
-Dionna Glaze, PhD (she/her)


Re: [edk2-devel] [PATCH v10 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Ard Biesheuvel 3 years ago
On Thu, 26 Jan 2023 at 18:04, Dionna Amalie Glaze
<dionnaglaze@google.com> wrote:
>
> > As Gerd and I discussed before, this protocol should be in OvmfPkg.
> > Please move to https://github.com/tianocore/edk2/tree/master/OvmfPkg/Include/Protocol
> >
>
> Ah, I misinterpreted your response to Gerd's message. v11 will have it
> moved. The CI seems to think I've redefined the protocol struct type
> or failed to use the typedef for declarations, but I don't see how
> that would be. Is this a false positive that I can ignore for the next
> iteration? https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=78271&view=results
>

That looks very odd to me, and I don't see anything wrong with the .h file.

However, since we are moving this to OvmfPkg and you are spinning a
v11, can we drop the bizarre prefix please?

Also, the 'extern EFI_GUID xxx' should be unnecessary these days -
these are generated by the build tools based on the [Protocols]
section in the INF.

