From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by groups.io with SMTP; Tue, 24 Sep 2019 04:35:32 -0700
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 19C4A8BA2DA;
	Tue, 24 Sep 2019 11:35:32 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-118.rdu2.redhat.com [10.10.120.118])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 6E681600CC;
	Tue, 24 Sep 2019 11:35:29 +0000 (UTC)
From: "Laszlo Ersek" <lersek@redhat.com>
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Igor Mammedov <imammedo@redhat.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Joao M Martins <joao.m.martins@oracle.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Phillip Goerl <phillip.goerl@oracle.com>,
	Yingwen Chen <yingwen.chen@intel.com>
Subject: [PATCH wave 1 07/10] OvmfPkg/PlatformPei: reserve the SMRAM at the default SMBASE, if it exists
Date: Tue, 24 Sep 2019 13:35:02 +0200
Message-Id: <20190924113505.27272-8-lersek@redhat.com>
In-Reply-To: <20190924113505.27272-1-lersek@redhat.com>
References: <20190924113505.27272-1-lersek@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (mx1.redhat.com [10.5.110.68]); Tue, 24 Sep 2019 11:35:32 +0000 (UTC)
Content-Transfer-Encoding: quoted-printable

The 128KB SMRAM at the default SMBASE will be used for protecting the
initial SMI handler for hot-plugged VCPUs. After platform reset, the SMRA=
M
in question is open (and looks just like RAM). When BDS signals
EFI_DXE_MM_READY_TO_LOCK_PROTOCOL (and so TSEG is locked down), we're
going to lock the SMRAM at the default SMBASE too.

For this, we have to reserve said SMRAM area as early as possible, from
components in PEI, DXE, and OS runtime.

* QemuInitializeRam() currently produces a single resource descriptor HOB=
,
  for exposing the system RAM available under 1GB. This occurs during bot=
h
  normal boot and S3 resume identically (the latter only for the sake of
  CpuMpPei borrowing low RAM for the AP startup vector).

  But, the SMRAM at the default SMBASE falls in the middle of the current
  system RAM HOB. Split the HOB, and cover the SMRAM with a reserved
  memory HOB in the middle. CpuMpPei (via MpInitLib) skips reserved memor=
y
  HOBs.

* InitializeRamRegions() is responsible for producing memory allocation
  HOBs, carving out parts of the resource descriptor HOBs produced in
  QemuInitializeRam(). Allocate the above-introduced reserved memory
  region in full, similarly to how we treat TSEG, so that DXE and the OS
  avoid the locked SMRAM (black hole) in this area.

  (Note that these allocations only occur on the normal boot path, as the=
y
  matter for the UEFI memory map, which cannot be changed during S3
  resume.)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Joao M Martins <joao.m.martins@oracle.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Phillip Goerl <phillip.goerl@oracle.com>
Cc: Yingwen Chen <yingwen.chen@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1512
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/PlatformPei/MemDetect.c | 37 ++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDet=
ect.c
index 4879ee87b797..8fdc9c2ed7c9 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -646,6 +646,28 @@ PublishPeiMemory (
 }
=20
=20
+STATIC
+VOID
+QemuInitializeRamBelow1gb (
+  VOID
+  )
+{
+  if (FeaturePcdGet (PcdSmmSmramRequire) && mQ35SmramAtDefaultSmbase) {
+    AddMemoryRangeHob (0, SMM_DEFAULT_SMBASE);
+    AddReservedMemoryBaseSizeHob (SMM_DEFAULT_SMBASE, MCH_DEFAULT_SMBASE=
_SIZE,
+      TRUE /* Cacheable */);
+    STATIC_ASSERT (
+      SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE < BASE_512KB + BASE_1=
28KB,
+      "end of SMRAM at default SMBASE ends at, or exceeds, 640KB"
+      );
+    AddMemoryRangeHob (SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE,
+      BASE_512KB + BASE_128KB);
+  } else {
+    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);
+  }
+}
+
+
 /**
   Peform Memory Detection for QEMU / KVM
=20
@@ -690,12 +712,12 @@ QemuInitializeRam (
     // allocation HOBs, and to honor preexistent memory allocation HOBs =
when
     // looking for an area to borrow.
     //
-    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);
+    QemuInitializeRamBelow1gb ();
   } else {
     //
     // Create memory HOBs
     //
-    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);
+    QemuInitializeRamBelow1gb ();
=20
     if (FeaturePcdGet (PcdSmmSmramRequire)) {
       UINT32 TsegSize;
@@ -861,6 +883,17 @@ InitializeRamRegions (
         TsegSize,
         EfiReservedMemoryType
         );
+      //
+      // Similarly, allocate away the (already reserved) SMRAM at the de=
fault
+      // SMBASE, if it exists.
+      //
+      if (mQ35SmramAtDefaultSmbase) {
+        BuildMemoryAllocationHob (
+          SMM_DEFAULT_SMBASE,
+          MCH_DEFAULT_SMBASE_SIZE,
+          EfiReservedMemoryType
+          );
+      }
     }
   }
 }
--=20
2.19.1.3.g30247aa5d201