[edk2-devel] [PATCH v11 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol

Dionna Glaze via groups.io posted 4 patches 1 year, 9 months ago
[edk2-devel] [PATCH v11 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Dionna Glaze via groups.io 1 year, 9 months ago
The default behavior for unaccepted memory in SEV-SNP is to accept all
memory when ExitBootServices is called. An OS loader can use this
protocol to disable this behavior to assume responsibility for memory
acceptance and to affirm that the OS can handle the unaccepted memory
type.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
---
 OvmfPkg/Include/Protocol/SevMemoryAcceptance.h | 42 ++++++++++++++++++++
 OvmfPkg/OvmfPkg.dec                            |  1 +
 2 files changed, 43 insertions(+)

diff --git a/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
new file mode 100644
index 0000000000..c45b499006
--- /dev/null
+++ b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
@@ -0,0 +1,42 @@
+/** @file
+  The file provides the protocol that disables the behavior that all memory
+  gets accepted at ExitBootServices(). This protocol is only meant to be called
+  by the OS loader, and not EDK2 itself. The SEV naming is due to the coincidence
+  that only SEV-SNP needs this protocol, since SEV-SNP kernel support released
+  before kernel support for unaccepted memory. The technology enablement thus
+  does not strictly imply support for the unaccepted memory type.
+
+  Copyright (c) 2023, Google LLC. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef SEV_MEMORY_ACCEPTANCE_H_
+#define SEV_MEMORY_ACCEPTANCE_H_
+
+#define OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID \
+  {0xc5a010fe, \
+   0x38a7, \
+   0x4531, \
+   {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
+
+typedef struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
+    OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL;
+
+/**
+  @param This A pointer to a OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL.
+**/
+typedef
+  EFI_STATUS
+(EFIAPI *OVMF_SEV_ALLOW_UNACCEPTED_MEMORY)(
+  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
+  );
+
+///
+/// The OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader to
+/// indicate to EDK2 that ExitBootServices should not accept all memory.
+///
+struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL {
+  OVMF_SEV_ALLOW_UNACCEPTED_MEMORY    AllowUnacceptedMemory;
+};
+
+#endif
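
Review bot: the doc comment above OVMF_SEV_ALLOW_UNACCEPTED_MEMORY documents only `@param This`, so a loader author cannot tell from this header what the call does, which EFI_STATUS values it can return, or whether it may be called more than once before ExitBootServices(). Because this one call decides whether the firmware still accepts all memory on the loader's behalf, add a description and `@retval` lines (at least EFI_SUCCESS) at the typedef instead of leaving the semantics to the file-level comment. The header also defines OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID but never declares the gOvmfSevMemoryAcceptanceProtocolGuid symbol that the .dec change introduces; an `extern EFI_GUID gOvmfSevMemoryAcceptanceProtocolGuid;` before the closing `#endif` would match what other EDK2 protocol headers do.
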
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 1b521f2604..a22eb246c6 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -184,6 +184,7 @@
   gEfiLegacyInterruptProtocolGuid       = {0x31ce593d, 0x108a, 0x485d, {0xad, 0xb2, 0x78, 0xf2, 0x1f, 0x29, 0x66, 0xbe}}
   gEfiVgaMiniPortProtocolGuid           = {0xc7735a2f, 0x88f5, 0x4882, {0xae, 0x63, 0xfa, 0xac, 0x8c, 0x8b, 0x86, 0xb3}}
   gOvmfLoadedX86LinuxKernelProtocolGuid = {0xa3edc05d, 0xb618, 0x4ff6, {0x95, 0x52, 0x76, 0xd7, 0x88, 0x63, 0x43, 0xc8}}
+  gOvmfSevMemoryAcceptanceProtocolGuid  = {0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
   gQemuAcpiTableNotifyProtocolGuid      = {0x928939b2, 0x4235, 0x462f, {0x95, 0x80, 0xf6, 0xa2, 0xb2, 0xc2, 0x1a, 0x4f}}
   gEfiMpInitLibMpDepProtocolGuid        = {0xbb00a5ca, 0x8ce,  0x462f, {0xa5, 0x37, 0x43, 0xc7, 0x4a, 0x82, 0x5c, 0xa4}}
   gEfiMpInitLibUpDepProtocolGuid        = {0xa9e7cef1, 0x5682, 0x42cc, {0xb1, 0x23, 0x99, 0x30, 0x97, 0x3f, 0x4a, 0x9f}}
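
Review bot: the added gOvmfSevMemoryAcceptanceProtocolGuid entry repeats by value the GUID that SevMemoryAcceptance.h defines as OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID, and nothing in either file ties the two copies together. They agree field for field in this patch (0xc5a010fe, 0x38a7, 0x4531 and the same eight trailing bytes), but the header says the protocol is meant for the OS loader rather than EDK2 itself, so the value becomes a fixed lookup key for code outside this tree once merged. A short comment on this line naming Include/Protocol/SevMemoryAcceptance.h would help keep the two in step.
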
-- 
2.39.1.456.gfc5497dd1b-goog



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#99100): https://edk2.groups.io/g/devel/message/99100
Mute This Topic: https://groups.io/mt/96553083/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v11 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Lendacky, Thomas via groups.io 1 year, 9 months ago
Might want to fix up the commit title from MdePkg to OvmfPkg before 
committing.

Thanks,
Tom

On 1/26/23 15:17, Dionna Glaze wrote:
> The default behavior for unaccepted memory in SEV-SNP is to accept all
> memory when ExitBootServices is called. An OS loader can use this
> protocol to disable this behavior to assume responsibility for memory
> acceptance and to affirm that the OS can handle the unaccepted memory
> type.
> 
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Ard Biesheuvel <ardb@kernel.org>
> Cc: "Min M. Xu" <min.m.xu@intel.com>
> Cc: Andrew Fish <afish@apple.com>
> Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>
> 
> Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
> ---
>   OvmfPkg/Include/Protocol/SevMemoryAcceptance.h | 42 ++++++++++++++++++++
>   OvmfPkg/OvmfPkg.dec                            |  1 +
>   2 files changed, 43 insertions(+)
> 
> diff --git a/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
> new file mode 100644
> index 0000000000..c45b499006
> --- /dev/null
> +++ b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
> @@ -0,0 +1,42 @@
> +/** @file
> +  The file provides the protocol that disables the behavior that all memory
> +  gets accepted at ExitBootServices(). This protocol is only meant to be called
> +  by the OS loader, and not EDK2 itself. The SEV naming is due to the coincidence
> +  that only SEV-SNP needs this protocol, since SEV-SNP kernel support released
> +  before kernel support for unaccepted memory. The technology enablement thus
> +  does not strictly imply support for the unaccepted memory type.
> +
> +  Copyright (c) 2023, Google LLC. All rights reserved.<BR>
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +
> +#ifndef SEV_MEMORY_ACCEPTANCE_H_
> +#define SEV_MEMORY_ACCEPTANCE_H_
> +
> +#define OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID \
> +  {0xc5a010fe, \
> +   0x38a7, \
> +   0x4531, \
> +   {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
> +
> +typedef struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
> +    OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL;
> +
> +/**
> +  @param This A pointer to a OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL.
> +**/
> +typedef
> +  EFI_STATUS
> +(EFIAPI *OVMF_SEV_ALLOW_UNACCEPTED_MEMORY)(
> +  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
> +  );
> +
> +///
> +/// The OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader to
> +/// indicate to EDK2 that ExitBootServices should not accept all memory.
> +///
> +struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL {
> +  OVMF_SEV_ALLOW_UNACCEPTED_MEMORY    AllowUnacceptedMemory;
> +};
> +
> +#endif
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 1b521f2604..a22eb246c6 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -184,6 +184,7 @@
>     gEfiLegacyInterruptProtocolGuid       = {0x31ce593d, 0x108a, 0x485d, {0xad, 0xb2, 0x78, 0xf2, 0x1f, 0x29, 0x66, 0xbe}}
>     gEfiVgaMiniPortProtocolGuid           = {0xc7735a2f, 0x88f5, 0x4882, {0xae, 0x63, 0xfa, 0xac, 0x8c, 0x8b, 0x86, 0xb3}}
>     gOvmfLoadedX86LinuxKernelProtocolGuid = {0xa3edc05d, 0xb618, 0x4ff6, {0x95, 0x52, 0x76, 0xd7, 0x88, 0x63, 0x43, 0xc8}}
> +  gOvmfSevMemoryAcceptanceProtocolGuid  = {0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
>     gQemuAcpiTableNotifyProtocolGuid      = {0x928939b2, 0x4235, 0x462f, {0x95, 0x80, 0xf6, 0xa2, 0xb2, 0xc2, 0x1a, 0x4f}}
>     gEfiMpInitLibMpDepProtocolGuid        = {0xbb00a5ca, 0x8ce,  0x462f, {0xa5, 0x37, 0x43, 0xc7, 0x4a, 0x82, 0x5c, 0xa4}}
>     gEfiMpInitLibUpDepProtocolGuid        = {0xa9e7cef1, 0x5682, 0x42cc, {0xb1, 0x23, 0x99, 0x30, 0x97, 0x3f, 0x4a, 0x9f}}


Re: [edk2-devel] [PATCH v11 2/4] MdePkg: Introduce the SevMemoryAcceptance protocol
Posted by Ard Biesheuvel 1 year, 9 months ago
On Fri, 27 Jan 2023 at 00:11, Tom Lendacky <thomas.lendacky@amd.com> wrote:
>
> Might want to fix up the commit title from MdePkg to OvmfPkg before
> committing.
>

I've fixed that up - thanks.


> On 1/26/23 15:17, Dionna Glaze wrote:
> > The default behavior for unaccepted memory in SEV-SNP is to accept all
> > memory when ExitBootServices is called. An OS loader can use this
> > protocol to disable this behavior to assume responsibility for memory
> > acceptance and to affirm that the OS can handle the unaccepted memory
> > type.
> >
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > Cc: Ard Biesheuvel <ardb@kernel.org>
> > Cc: "Min M. Xu" <min.m.xu@intel.com>
> > Cc: Andrew Fish <afish@apple.com>
> > Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>
> >
> > Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
> > ---
> >   OvmfPkg/Include/Protocol/SevMemoryAcceptance.h | 42 ++++++++++++++++++++
> >   OvmfPkg/OvmfPkg.dec                            |  1 +
> >   2 files changed, 43 insertions(+)
> >
> > diff --git a/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
> > new file mode 100644
> > index 0000000000..c45b499006
> > --- /dev/null
> > +++ b/OvmfPkg/Include/Protocol/SevMemoryAcceptance.h
> > @@ -0,0 +1,42 @@
> > +/** @file
> > +  The file provides the protocol that disables the behavior that all memory
> > +  gets accepted at ExitBootServices(). This protocol is only meant to be called
> > +  by the OS loader, and not EDK2 itself. The SEV naming is due to the coincidence
> > +  that only SEV-SNP needs this protocol, since SEV-SNP kernel support released
> > +  before kernel support for unaccepted memory. The technology enablement thus
> > +  does not strictly imply support for the unaccepted memory type.
> > +
> > +  Copyright (c) 2023, Google LLC. All rights reserved.<BR>
> > +  SPDX-License-Identifier: BSD-2-Clause-Patent
> > +**/
> > +
> > +#ifndef SEV_MEMORY_ACCEPTANCE_H_
> > +#define SEV_MEMORY_ACCEPTANCE_H_
> > +
> > +#define OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL_GUID \
> > +  {0xc5a010fe, \
> > +   0x38a7, \
> > +   0x4531, \
> > +   {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
> > +
> > +typedef struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
> > +    OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL;
> > +
> > +/**
> > +  @param This A pointer to a OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL.
> > +**/
> > +typedef
> > +  EFI_STATUS
> > +(EFIAPI *OVMF_SEV_ALLOW_UNACCEPTED_MEMORY)(
> > +  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
> > +  );
> > +
> > +///
> > +/// The OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL allows the OS loader to
> > +/// indicate to EDK2 that ExitBootServices should not accept all memory.
> > +///
> > +struct _OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL {
> > +  OVMF_SEV_ALLOW_UNACCEPTED_MEMORY    AllowUnacceptedMemory;
> > +};
> > +
> > +#endif
> > diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> > index 1b521f2604..a22eb246c6 100644
> > --- a/OvmfPkg/OvmfPkg.dec
> > +++ b/OvmfPkg/OvmfPkg.dec
> > @@ -184,6 +184,7 @@
> >     gEfiLegacyInterruptProtocolGuid       = {0x31ce593d, 0x108a, 0x485d, {0xad, 0xb2, 0x78, 0xf2, 0x1f, 0x29, 0x66, 0xbe}}
> >     gEfiVgaMiniPortProtocolGuid           = {0xc7735a2f, 0x88f5, 0x4882, {0xae, 0x63, 0xfa, 0xac, 0x8c, 0x8b, 0x86, 0xb3}}
> >     gOvmfLoadedX86LinuxKernelProtocolGuid = {0xa3edc05d, 0xb618, 0x4ff6, {0x95, 0x52, 0x76, 0xd7, 0x88, 0x63, 0x43, 0xc8}}
> > +  gOvmfSevMemoryAcceptanceProtocolGuid  = {0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
> >     gQemuAcpiTableNotifyProtocolGuid      = {0x928939b2, 0x4235, 0x462f, {0x95, 0x80, 0xf6, 0xa2, 0xb2, 0xc2, 0x1a, 0x4f}}
> >     gEfiMpInitLibMpDepProtocolGuid        = {0xbb00a5ca, 0x8ce,  0x462f, {0xa5, 0x37, 0x43, 0xc7, 0x4a, 0x82, 0x5c, 0xa4}}
> >     gEfiMpInitLibUpDepProtocolGuid        = {0xa9e7cef1, 0x5682, 0x42cc, {0xb1, 0x23, 0x99, 0x30, 0x97, 0x3f, 0x4a, 0x9f}}

