From nobody Thu Nov 14 17:49:21 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+99101+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+99101+1787277+3901457@groups.io
ARC-Seal: i=1; a=rsa-sha256; t=1674767873; cv=none;
	d=zohomail.com; s=zohoarc;
	b=UbD6abijWO1zhg8ErfTwge4/WkBkN9WkmB6BF/Q0Ki3fT2t++puQLSYczM2+peYBIqAnPZ+HsSohQE9K7KtOCR4zcabvEZBMrD+1Qx222iH82X/gokKP87juuEMdjhYkbCgrwBeD4wfLdl40aYaJDELvPwwNRCgjqAuYoFfn5j8=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1674767873;
 h=Content-Type:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=y87Q+Bo7N9pUDoudAXSMn3rXTGHDrbK4lmb3KchVtmg=;
	b=OX5MO1MNeEjpBGDSvHQr169ISol7WPWgZUfhSzG9DMkE75Je6M/Q2ZlbFBOGylEH9w7qux8Acn/o9sclsZbp0YyqSMMSgleycBT9PQ3cYYuGKkUQDJ6IGpFK4e6exVmuhAGErUTe9Oq9htQGbYuRX0+o/UxMptw7a+n9ZSiYw9s=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+99101+1787277+3901457@groups.io
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1674767873068789.1038848880321;
 Thu, 26 Jan 2023 13:17:53 -0800 (PST)
Return-Path: <bounce+27952+99101+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id daLyYY1788612xP2u2X1iADL;
 Thu, 26 Jan 2023 13:17:52 -0800
X-Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com
 [209.85.219.201])
 by mx.groups.io with SMTP id smtpd.web11.86799.1674767872294590513
 for <devel@edk2.groups.io>;
 Thu, 26 Jan 2023 13:17:52 -0800
X-Received: by mail-yb1-f201.google.com with SMTP id
 r8-20020a252b08000000b007b989d5e105so3243667ybr.11
        for <devel@edk2.groups.io>; Thu, 26 Jan 2023 13:17:52 -0800 (PST)
X-Gm-Message-State: tq3hHH4JTuaZittXX4BtbgtLx1787277AA=
X-Google-Smtp-Source: 
 AK7set/4rfWtyMIP2fPQ6b81XAmMYdHVnMQ//3Qs8KfIJmeUAKFnq2mKpH6rLF3O4h2v1d/C5Oy4An++mOczi+N9kw==
X-Received: from dionnaglaze.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6])
 (user=dionnaglaze job=sendgmr) by 2002:a25:594:0:b0:80b:92d0:d31b with SMTP
 id 142-20020a250594000000b0080b92d0d31bmr986774ybf.436.1674767871400; Thu, 26
 Jan 2023 13:17:51 -0800 (PST)
Date: Thu, 26 Jan 2023 21:17:39 +0000
In-Reply-To: <20230126211740.3235408-1-dionnaglaze@google.com>
Mime-Version: 1.0
References: <20230126211740.3235408-1-dionnaglaze@google.com>
Message-ID: <20230126211740.3235408-4-dionnaglaze@google.com>
Subject: [edk2-devel] [PATCH v11 3/4] OvmfPkg: Implement
 AcceptAllUnacceptedMemory in AmdSevDxe
From: "Dionna Glaze via groups.io" <dionnaglaze=google.com@groups.io>
To: devel@edk2.groups.io
Cc: Dionna Glaze <dionnaglaze@google.com>, Gerd Hoffmann <kraxel@redhat.com>,
	James Bottomley <jejb@linux.ibm.com>, Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>, Ard Biesheuvel <ardb@kernel.org>,
	"Min M. Xu" <min.m.xu@intel.com>, Andrew Fish <afish@apple.com>,
	"Michael D. Kinney" <michael.d.kinney@intel.com>
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dionnaglaze@google.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1674767872;
 bh=JZGIyWCefgp1HP1u0wmD6P6C02tPRBdgBgrc5fslNHQ=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=DhOY0jVeTSfgSYgGRPoNAAWxZIMsBfi4XikAyBND3zSVBY5aqdzuOjUAKRG/pDn7N94
 WmjH4hIsjgOsE937hmGIoUW2R2bv7Z8osYd2Razni9oLpywhvS7316M4DEhw44ESCG3g4
 tmFBvoDdL8Izb1GfgafHrjoWyeILmjGtLh0=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1674767873421100014
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

This protocol implementation disables the accept-all-memory behavior
of the BeforeExitBootServices event this driver adds.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c   | 26 ++++++++++++++++++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf |  1 +
 2 files changed, 27 insertions(+)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 37d1a3ff55..9d05a16c6e 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -21,6 +21,7 @@
 #include <Guid/ConfidentialComputingSevSnpBlob.h>
 #include <Library/PcdLib.h>
 #include <Pi/PrePiDxeCis.h>
+#include <Protocol/SevMemoryAcceptance.h>
 #include <Protocol/MemoryAccept.h>
=20
 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable =3D {
@@ -143,6 +144,21 @@ ResolveUnacceptedMemory (
   ASSERT_EFI_ERROR (Status);
 }
=20
+STATIC
+EFI_STATUS
+EFIAPI
+AllowUnacceptedMemory (
+  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
+  )
+{
+  mAcceptAllMemoryAtEBS =3D FALSE;
+  return EFI_SUCCESS;
+}
+
+STATIC
+OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
+  mMemoryAcceptanceProtocol =3D { AllowUnacceptedMemory };
+
 STATIC EDKII_MEMORY_ACCEPT_PROTOCOL  mMemoryAcceptProtocol =3D {
   AmdSevMemoryAccept
 };
@@ -292,6 +308,16 @@ AmdSevDxeEntryPoint (
       DEBUG ((DEBUG_ERROR, "AllowUnacceptedMemory event creation for Event=
BeforeExitBootServices failed.\n"));
     }
=20
+    Status =3D gBS->InstallProtocolInterface (
+                    &mAmdSevDxeHandle,
+                    &gOvmfSevMemoryAcceptanceProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &mMemoryAcceptanceProtocol
+                    );
+    if (EFI_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "Install OvmfSevMemoryAcceptanceProtocol failed=
.\n"));
+    }
+
     //
     // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING=
_SEV_SNP_BLOB.
     // It contains the location for both the Secrets and CPUID page.
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.=
inf
index 5b443d45bc..e7c7d526c9 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -49,6 +49,7 @@
=20
 [Protocols]
   gEdkiiMemoryAcceptProtocolGuid
+  gOvmfSevMemoryAcceptanceProtocolGuid
=20
 [Guids]
   gConfidentialComputingSevSnpBlobGuid
--=20
2.39.1.456.gfc5497dd1b-goog



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#99101): https://edk2.groups.io/g/devel/message/99101
Mute This Topic: https://groups.io/mt/96553085/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-