From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.50]) by mx.groups.io with SMTP id smtpd.web08.697.1663968853180767082 for ; Fri, 23 Sep 2022 14:34:13 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=Aaq82hRy; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.50, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=X1I0fDw66PhBI1Y0+HABvd9CtsUD1B4hc4NTZZumz3lVJ98i1auy+Wd2MUPLFFltUNUo0vQsChKXBf3gN2AP7XPjI1UYE5HjjucltUk52ZTeME4+J00Mtc2UMg8AVJYoLm1cOmW4C+3vJ7wl8MXSnfFodg/3P9Wk7MZK8h9u8x25kUe7yjql/BqFVLlKbI3cdVP1pjiNTCcbpw6vszcFNwQBrWnnC7QWvo8MfE2nEOyDr7Pj/Rh8mZZGhpYyEu4QXXKnysceRxcqW9tKf/LP74P7hBhuz/aXo2ILn+c8xgnrSdqsaEzDh497ITbf4GZ3ZOwIvHQ+4g4Jk/T9mzEuuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3E9vLcCbrVd+4jEFW4VdYQfKXjvX3mfNE1DUZJd8qMY=; b=Gk1Pj0reZET9SXVzgVcjwZikpznGp8l2FIVlnArYYf76kxhse2s5ZHpryzSlTBv3JQDfb9Z7Z48ZJQ9e4bTYy1U8o/r1JAIlkawLd0aV32foizSbF4VfKrXRAoLvDd/moTHxH3vLuKYxIOuJXQrbj0nHfI0x6ksMfcoRBZS2xgmKB8OoZvOLYTTcxhZ1R4IwFZZtcatqfYw5gMXqZWRKygHqxmvmHoXv7Khtyj0BHaJc9/6nfZyFtICfjRtWXnaukpBEvcPnYfHdfyw0AoViyCKlAuIVLvHev9rg3hp5WEB/SSaw53CvkQai3ZSmjCurYZqZwOFmrT1sfxKksRsWWg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3E9vLcCbrVd+4jEFW4VdYQfKXjvX3mfNE1DUZJd8qMY=; b=Aaq82hRyFfqS7cyCOwlfyWRoE4Ws8uyv9Gm87R/Iu3nx7U8fZ/cIVRSkY9taSdqjG+MWyjotswM0H1L1G9+4JI2gce76UBgZGCJhVqyz7Ku5V2+6rSx2C/CXOCrBjKMAB/II0VS7GoldbWG7GdFGPUE3p8qRA2BY22SbUMbrr0M= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by CH2PR12MB4150.namprd12.prod.outlook.com (2603:10b6:610:a6::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.20; Fri, 23 Sep 2022 21:34:10 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::c175:4c:c0d:1396]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::c175:4c:c0d:1396%4]) with mapi id 15.20.5654.020; Fri, 23 Sep 2022 21:34:10 +0000 Message-ID: <0a29f90c-fa7a-ac74-3747-aff7124cef90@amd.com> Date: Fri, 23 Sep 2022 16:34:08 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: [PATCH 2/4] DxeMain accepts all memory at EBS if needed To: Dionna Glaze , devel@edk2.groups.io Cc: Gerd Hoffmann , James Bottomley , Jiewen Yao , Ard Biesheuvel References: <20220923203431.1428535-1-dionnaglaze@google.com> <20220923203431.1428535-3-dionnaglaze@google.com> From: "Lendacky, Thomas" In-Reply-To: <20220923203431.1428535-3-dionnaglaze@google.com> X-ClientProxiedBy: SN4PR0501CA0005.namprd05.prod.outlook.com (2603:10b6:803:40::18) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM4PR12MB5229:EE_|CH2PR12MB4150:EE_ X-MS-Office365-Filtering-Correlation-Id: 87e72ab9-900f-4de2-07a6-08da9dab5a56 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GiiGv21sZ9veRwrmksBFcKx6BKXeu6Rq6S75mOAx2ArhE7LUP9FXzl9IEY8BpTrN+TWrLrLqk3+sSha4CNWFZCT8MpBjM5OZiv5MOHDpOL5SjCsfzgwhck7phDsIlrOOdAYwcZq/UVRqLbD32ahKKqYFaNGZaXE//4kU1RRjcQCm8yp0+juzXHEpRYpidN3cLnNprutJYNPGFr8TlRXS+ZjJ3jitnhuT5BCgpAo3jS7pzr3mR32n/SveZblmrOQr4R5grPWM7VCfwvX7zEzQmFtyF70zKyLbaBwdJ0yUz1b9eYlqw/e2PYu7WU0/IKf/LmFQfbYWTINokjDUGAalRY1M140CbFj/skTQ7Y76sxGf8HS3VHTOn0komwyBR0vLpxz8v4lt8mwmbzjc//JKt/JV0eztaJ2n3bpsCQ++Uo9P4rwP7JlbTl3RgQxExsCwYfvxORMoHSvZWfoUWmblp9V9aES8ZqLr3V3owd6omYz+pQFRBliUvCoa19gf8V/X2PiRpfHV9moNkQY1TsvmHIWpTY57UHvf+U2euLyP2VrMTM46He4nzVVIZS1DNwakEELMjkHY94/kH4AXH8k+4evC956DTbwdlUypHVh8pRLOE6zYaoH+u+uoqLBgnCqOxWV52g485M+ENMDC095Yr6I2TnOFzZ1QHSTAZsff6DTKraClBQgYfzZWz1dUp34RZ6ZzsAu+1cm7Y43TSnXd9aqXxdeKYWIY07U81LkisKaPKb72v9ZiMqrW3GB7IjYSliH0nFTYMwp8Xvxpti0MZwror9ZbrtQyObhqEYhrRoU= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(366004)(396003)(136003)(346002)(376002)(39860400002)(451199015)(316002)(19627235002)(31686004)(86362001)(31696002)(4326008)(30864003)(36756003)(5660300002)(2906002)(66476007)(8936002)(83380400001)(66946007)(38100700002)(8676002)(41300700001)(54906003)(53546011)(2616005)(186003)(26005)(6506007)(66556008)(6512007)(478600001)(6486002)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MTF5RFp0dE8vRmlQQ20wUERlcDcxQy84cy84THlsUVQxRlhqUWJwVWtVMzFw?= =?utf-8?B?aVM3WDRSYWpKYXNsaFdGeHBZdmJpWlNtQ1VvNVhJSEdseHBIeHFvUm82a0Zw?= =?utf-8?B?K1lCOW4wUzJVNzNkZVUybnpKVXp3NGlEODJpQmtQMUNBVlZzZllsR25nR1M1?= =?utf-8?B?ejdXOGp2b0RMMCtKUW9pTExYNkF4a2QxWFlYZmVqVU5wTjRSNUFxOFMvMzhO?= =?utf-8?B?Rm1jRnRsMnpISlE1amhCSGxaMzZ5b2ZCaGZIeE5KelFwWnlYeHhnb1Y5aitU?= =?utf-8?B?a0ZZUHFoRWFGa3VlREtaTWNCZjJrRDJGdnNhN2tYMmJqOXN3TWhsUFR6Q0Zt?= =?utf-8?B?QXR4UVNGZlNtT3VkZHVrVWtrSnBiRG1GUWVTdXF5OSt5aVFaSzk0aHpZQzNE?= =?utf-8?B?OGdjV2x5RnE1cWtHY3J3bFFEZ2l2V0hYRjlWR3NuaHplbDhQOFJ5VW5RUzdU?= =?utf-8?B?ZVl2OHYyQVlXd2s1bzNiaTZBcGpFNzRrL2xPcnNKRnpvK2RUc3lNdzgzM2Yy?= =?utf-8?B?T1A0UzVDMU85cXNyUTdUUjV4VFl1NEZSV0h1OWttNllCM0JrTHVVV085N2JF?= =?utf-8?B?aHUyQ1FINHE5UGo5T1lJUU43WGRRRFByWjloS0JiOGlmMDk4NHlWN3NDVC96?= =?utf-8?B?b1BtSVBhZ01rd3A3aXJIUlZKd0tJa0I2R205eFBMNUZhZExnUllVVyt6Z0dN?= =?utf-8?B?L2xraCtVTExCbFg0djBscytiRElnbDc4SFRtTnB3K3ljL0NLeUhqb3Z1cXR5?= =?utf-8?B?dDByQWpSczlLRkxvZm85VGJWTjZNV2toUUs5eHd5NS9FbHNXazFyUU02aGp3?= =?utf-8?B?Kzladk5Tcmt0MDhzNkx4MWk0bDZ3NjI0N3h2Y2UxdXI2clphdjBUYVNqOFY0?= =?utf-8?B?OW5XRmZYVnBmSS9Fejg0dDFhZi9heDIyOHkrNFBYak1PbFJnNTNnMTFldFNq?= =?utf-8?B?c2NhUzNIcGNVcTRBWDdLcXlWQ25nUHdERGpHNnRCQU00Z0cxSEZmZG1KWXB1?= =?utf-8?B?M0lVcUFsK2tRSjZaVmFyajVqSFFLUXRSRjFwcTJEb3NYTVlWV09sN0swbkhZ?= =?utf-8?B?SEh1bDdWRUo0dHhmZkpZNzdqelQrajA4YnhWWFFwenNwSzQxRHJyZmZaZFdm?= =?utf-8?B?Wm9sRHdrMWZ1QnI1WGZQMnRtUmVzYmJIS3RHUUV0MHN2Q1Q1d0lyS0NWQXM2?= =?utf-8?B?NTl6a0ZZcFVKbW82dC9Hb3VDNFpxSjVpaWdxcDF2QVNGTDhBdXRDeVArZzhv?= =?utf-8?B?Z2EraHFkNElPSGpqNi9GUnRXSXptZ3VlblJ0bWdtMSt3SnY4NXhLWEp1ZUEz?= =?utf-8?B?WFRRY211ZGNmQTRhOTVaVmNiUlJabm9qc3g4OHh4L0hKSFhoOHJQSWdGMFk4?= =?utf-8?B?MHBySGZqU1dGTnBJUGkramQvK0Nsd3c4WElqSHNLV2xTenhZNVNhbEFlLy9s?= =?utf-8?B?ZmpBcFRZVGNTMkdOTkw2ckdWa1NhVkhGVzhCTWRIbndGaVMycnlhVFpSZmRq?= =?utf-8?B?L0pLMFNMckt1UEtKMXhxcjM0Nk5MTENHTXllbGVELzZ3ZktqMFVaYzdUQWwz?= =?utf-8?B?NXpid2l0TFpqSkJwaGRuc0lyaGh3ckNjUVBQb0FtVmd0dVNSWXRwQnNrZW9v?= =?utf-8?B?TlZudTExY1dod25rSFBzZEY1bU43dHFYSFY0WVNvZHdUa1VUQ1lXL2U0T1Zr?= =?utf-8?B?cnpQNVFyRE45MEkyRlBJQmNkWnhnZ25lTGp1Kzd1MWlIS3FCM3I1VmVCM253?= =?utf-8?B?WHZ0MHluSHZwRFdJZTFYam9oRXhJZ244elFQODlLQUZtSWlrV2tqOXlhZ1pt?= =?utf-8?B?SytJVUtpditYNHhxWTlTQUNZY1N6eDdyNFdJTzhPSW5zaVhVTmJFNm1FUFB4?= =?utf-8?B?eU1HYWpSdDFGN0VmVDZoZDFBWDdIRFU3MmpXQ0xoY3VuR09mZDUxV3lSTkZN?= =?utf-8?B?SkhUYkhOeGdtQzJkZFl4VWFwaGI4M1dSMFQ0a1IzeVBnRzY0QWdLVzJESHNR?= =?utf-8?B?UlMvbTcxdE5UTFZVYkdBS0VobDFUS3k1QUFjK2UraE1vd2l0U2VQOUZyR3Jr?= =?utf-8?B?WXpIVm5RSHM5dGVpMVlrMFpFeVpGb0syZHhWZmlYVEQ2aGVYeXZxbUk0K0Jn?= =?utf-8?Q?S8IZHjti8bPjXebk38b0sc3C+?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 87e72ab9-900f-4de2-07a6-08da9dab5a56 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Sep 2022 21:34:10.7996 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: P3dPyCZHrppjrMRbVpC64eBjcJLbCOf/af30tsme3qSVqCR1PRobH1XGAKvVUlR4wn+IeMhR4ztDsfGlX+ssbQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4150 Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 9/23/22 15:34, Dionna Glaze wrote: > With the addition of the EfiUnacceptedMemory memory type, it is possible > the EFI-enlightened guests do not themselves support the new memory > type. This commit adds a dynamic Pcd that can be set to enable > unaccepted memory support before ExitBootServices is called. > > The expected usage is to set the new Pcd with a protocol that is usable > by bootloaders and directly-booted OSes when they can determine that the > OS does indeed support unaccepted memory. > > Cc: Gerd Hoffmann > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Ard Biesheuvel > > Signed-off-by: Dionna Glaze > --- > MdeModulePkg/Core/Dxe/DxeMain.h | 10 +++ > MdeModulePkg/Core/Dxe/DxeMain.inf | 2 + > MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 14 +++- > MdeModulePkg/Core/Dxe/Mem/Page.c | 87 +++++++++++++++++++++++++ > MdeModulePkg/MdeModulePkg.dec | 6 ++ > MdeModulePkg/MdeModulePkg.uni | 6 ++ > OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + > OvmfPkg/Bhyve/BhyveX64.dsc | 2 + > OvmfPkg/CloudHv/CloudHvX64.dsc | 2 + > OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 + > OvmfPkg/OvmfPkgIa32X64.dsc | 2 + > OvmfPkg/OvmfPkgX64.dsc | 2 + > OvmfPkg/OvmfXen.dsc | 2 + > 13 files changed, 137 insertions(+), 1 deletion(-) You'll need to split this patch into the MdeModulePkg changes and then the OvmfPkg changes. That will allow you to have the proper prefix on the subject line, too (sorry I didn't notice that last time). Thanks, Tom > > diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h > index 815a6b4bd8..ac943c87a3 100644 > --- a/MdeModulePkg/Core/Dxe/DxeMain.h > +++ b/MdeModulePkg/Core/Dxe/DxeMain.h > @@ -2698,6 +2698,16 @@ CoreInitializeMemoryProtection ( > VOID > ); > > +/** > + Accept and convert unaccepted memory to conventional memory if unaccepted > + memory is not enabled and there is an implementation of MemoryAcceptProtocol > + installed. > + **/ > +EFI_STATUS > +CoreResolveUnacceptedMemory ( > + VOID > + ); > + > /** > Install MemoryAttributesTable on memory allocation. > > diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf > index e4bca89577..deb8bb2ba8 100644 > --- a/MdeModulePkg/Core/Dxe/DxeMain.inf > +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf > @@ -153,6 +153,7 @@ > gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES > gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES > gEdkiiPeCoffImageEmulatorProtocolGuid ## SOMETIMES_CONSUMES > + gEfiMemoryAcceptProtocolGuid ## SOMETIMES_CONSUMES > > # Arch Protocols > gEfiBdsArchProtocolGuid ## CONSUMES > @@ -186,6 +187,7 @@ > gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES > gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES > gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth ## CONSUMES > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory ## CONSUMES > > # [Hob] > # RESOURCE_DESCRIPTOR ## CONSUMES > diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c > index 5733f0c8ec..8d1de32fe7 100644 > --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c > +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c > @@ -768,13 +768,25 @@ CoreExitBootServices ( > // > gTimer->SetTimerPeriod (gTimer, 0); > > + // > + // Accept all memory if unaccepted memory isn't enabled. > + // > + Status = CoreResolveUnacceptedMemory(); > + if (EFI_ERROR (Status)) { > + // > + // Notify other drivers that ExitBootServices failed > + // > + CoreNotifySignalList (&gEventExitBootServicesFailedGuid); > + return Status; > + } > + > // > // Terminate memory services if the MapKey matches > // > Status = CoreTerminateMemoryMap (MapKey); > if (EFI_ERROR (Status)) { > // > - // Notify other drivers that ExitBootServices fail > + // Notify other drivers that ExitBootServices failed > // > CoreNotifySignalList (&gEventExitBootServicesFailedGuid); > return Status; > diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/Page.c > index ffe79dcca9..cbebe62a28 100644 > --- a/MdeModulePkg/Core/Dxe/Mem/Page.c > +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c > @@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #include "DxeMain.h" > #include "Imem.h" > #include "HeapGuard.h" > +#include > +#include > > // > // Entry for tracking the memory regions for each memory type to coalesce similar memory types > @@ -2118,6 +2120,91 @@ CoreFreePoolPages ( > CoreConvertPages (Memory, NumberOfPages, EfiConventionalMemory); > } > > +EFI_EVENT gExitBootServiceEvent = NULL; > + > +STATIC > +EFI_STATUS > +AcceptAllUnacceptedMemory ( > + IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory > + ) > +{ > + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; > + UINTN NumEntries; > + UINTN Index; > + EFI_STATUS Status; > + > + /* > + * Get a copy of the memory space map to iterate over while > + * changing the map. > + */ > + Status = CoreGetMemorySpaceMap (&NumEntries, &AllDescMap); > + if (EFI_ERROR (Status)) { > + return Status; > + } > + for (Index = 0; Index < NumEntries; Index++) { > + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; > + > + Desc = &AllDescMap[Index]; > + if (Desc->GcdMemoryType != EfiGcdMemoryTypeUnaccepted) { > + continue; > + } > + > + Status = AcceptMemory->AcceptMemory ( > + AcceptMemory, > + Desc->BaseAddress, > + Desc->Length > + ); > + if (EFI_ERROR(Status)) { > + goto done; > + } > + > + Status = CoreRemoveMemorySpace(Desc->BaseAddress, Desc->Length); > + if (EFI_ERROR(Status)) { > + goto done; > + } > + > + Status = CoreAddMemorySpace ( > + EfiGcdMemoryTypeSystemMemory, > + Desc->BaseAddress, > + Desc->Length, > + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP > + ); > + if (EFI_ERROR(Status)) { > + goto done; > + } > + } > + > +done: > + FreePool (AllDescMap); > + return Status; > +} > + > +EFI_STATUS > +CoreResolveUnacceptedMemory ( > + VOID > + ) > +{ > + EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; > + EFI_STATUS Status; > + > + // No need to accept anything. Unaccepted memory is enabled. > + if (PcdGetBool(PcdEnableUnacceptedMemory)) { > + return EFI_SUCCESS; > + } > + > + Status = gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL, > + (VOID **)&AcceptMemory); > + if (Status == EFI_NOT_FOUND) { > + return EFI_SUCCESS; > + } > + if (Status != EFI_SUCCESS) { > + DEBUG ((DEBUG_ERROR, "Error locating MemoryAcceptProtocol: %d\n", Status)); > + return Status; > + } > + > + return AcceptAllUnacceptedMemory(AcceptMemory); > +} > + > /** > Make sure the memory map is following all the construction rules, > it is the last time to check memory map error before exit boot services. > diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec > index 58e6ab0048..dd07b3725a 100644 > --- a/MdeModulePkg/MdeModulePkg.dec > +++ b/MdeModulePkg/MdeModulePkg.dec > @@ -2102,6 +2102,12 @@ > # @Prompt The shared bit mask when Intel Tdx is enabled. > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025 > > + ## Indicates if the memory map may include unaccepted memory after ExitBootServices().

> + # TRUE - The memory map may include unaccepted memory after ExitBootServices().
> + # FALSE - The memory map may not include unaccepted memory after ExitBootServices().
> + # @Prompt Support unaccepted memory type. > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE|BOOLEAN|0x10000026 > + > [PcdsPatchableInModule] > ## Specify memory size with page number for PEI code when > # Loading Module at Fixed Address feature is enabled. > diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni > index 33ce9f6198..fde57da123 100644 > --- a/MdeModulePkg/MdeModulePkg.uni > +++ b/MdeModulePkg/MdeModulePkg.uni > @@ -1338,3 +1338,9 @@ > #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPcieResizableBarSupport_HELP #language en-US "Indicates if the PCIe Resizable BAR Capability Supported.

\n" > "TRUE - PCIe Resizable BAR Capability is supported.
\n" > "FALSE - PCIe Resizable BAR Capability is not supported.
" > + > +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_PROMPT #language en-US "Support unaccepted memory type" > +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_HELP #language en-US "Indicates if the memory map may include unaccepted memory " > + "after ExitBootServices().

\n" > + "TRUE - The memory map may include unaccepted memory after ExitBootServices().
\n" > + "FALSE - The memory map may not include unaccepted memory after ExitBootServices().
\n" > diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc > index 90e8a213ef..23086748c5 100644 > --- a/OvmfPkg/AmdSev/AmdSevX64.dsc > +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc > @@ -526,6 +526,7 @@ > > # Set ConfidentialComputing defaults > gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > > !include OvmfPkg/OvmfTpmPcds.dsc.inc > > diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc > index 475b88b21a..004be8b019 100644 > --- a/OvmfPkg/Bhyve/BhyveX64.dsc > +++ b/OvmfPkg/Bhyve/BhyveX64.dsc > @@ -559,6 +559,8 @@ > # Set Tdx shared bit mask > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 > > # MdeModulePkg resolution sets up the system display resolution > diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc > index 10b16104ac..41f43a2631 100644 > --- a/OvmfPkg/CloudHv/CloudHvX64.dsc > +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc > @@ -618,6 +618,8 @@ > # Set Tdx shared bit mask > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc > index c0c1a15b09..55b6a2a845 100644 > --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc > +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc > @@ -514,6 +514,8 @@ > # Set Tdx shared bit mask > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index af566b953f..aebe1c3192 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -655,6 +655,8 @@ > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index f39d9cd117..6e4418388e 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -679,6 +679,8 @@ > # Set Tdx shared bit mask > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc > index 58a7c97cdd..0f57e22a2b 100644 > --- a/OvmfPkg/OvmfXen.dsc > +++ b/OvmfPkg/OvmfXen.dsc > @@ -505,6 +505,8 @@ > # Set Tdx shared bit mask > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE > + > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 > > ################################################################################