[edk2-devel] [PATCH v3 0/4] Add safe unaccepted memory behavior

Dionna Glaze via groups.io dionnaglaze=google.com at groups.io
Mon Sep 26 19:32:38 UTC 2022 

These three patches build on the lazy-accept patch series

"Introduce Lazy-accept for Tdx guest"

by adding SEV-SNP support for the MemoryAccept protocol, and
importantly making eager memory acceptance the default behavior.

For unaccepted memory to be enabled, we must know that the booted image
supports the unaccepted memory type. We add a trivial protocol that sets
a dynamic Pcd to true when called in order for the booted image to
signal its support for unaccepted memory. This does not need to be an
OsIndications bit because it does not need to be persisted.

We use the Pcd to disable a new ExitBootServices notification that
accepts all unaccepted memory, removes the unaccepted memory entries in
the memory space map, and then add the same memory ranges back as
conventional memory.

All images that support unaccepted memory must now locate and call this
new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

Changes since v2:
 - Removed the redundant memory accept interface and added the accept
   behavior to the DXE implementation of
   MemEncryptSevSnpPreValidateSystemRam.
 - Fixed missing #include in >=4GB patch.

Changes since v1:
 - Added a patch to classify SEV-SNP memory above 4GB unaccepted.
 - Fixed style problems in EfiMemoryAcceptProtocol implementation.

Cc: Ard Biescheuvel <ardb at kernel.org>
Cc: "Min M. Xu" <min.m.xu at intel.com>
Cc: Gerd Hoffmann <kraxel at redhat.com>
Cc: James Bottomley <jejb at linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky at amd.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Erdem Aktas <erdemaktas at google.com>

Signed-off-by: Dionna Glaze <dionnaglaze at google.com>

Dionna Glaze (4):
  OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
  DxeMain accepts all memory at EBS if needed
  MdeModulePkg: add EnableUnacceptedMemoryProtocol
  OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

 MdeModulePkg/Core/Dxe/DxeMain.h                                    |  32 +++++
 MdeModulePkg/Core/Dxe/DxeMain.inf                                  |   3 +
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c                            |  19 ++-
 MdeModulePkg/Core/Dxe/Mem/Page.c                                   | 122 ++++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dec                                      |   9 ++
 MdeModulePkg/MdeModulePkg.uni                                      |   6 +
 OvmfPkg/AmdSev/AmdSevX64.dsc                                       |   1 +
 OvmfPkg/AmdSevDxe/AmdSevDxe.c                                      |  34 ++++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf                                    |   3 +
 OvmfPkg/Bhyve/BhyveX64.dsc                                         |   2 +
 OvmfPkg/CloudHv/CloudHvX64.dsc                                     |   2 +
 OvmfPkg/IntelTdx/IntelTdxX64.dsc                                   |   2 +
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c |  24 +++-
 OvmfPkg/OvmfPkgIa32X64.dsc                                         |   2 +
 OvmfPkg/OvmfPkgX64.dsc                                             |   2 +
 OvmfPkg/OvmfXen.dsc                                                |   2 +
 OvmfPkg/PlatformPei/AmdSev.c                                       |   5 +
 17 files changed, 265 insertions(+), 5 deletions(-)

-- 
2.37.3.998.g577e59143f-goog



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94357): https://edk2.groups.io/g/devel/message/94357
Mute This Topic: https://groups.io/mt/93934989/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list