From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Thu, 22 Sep 2022 20:50:49 +0000
Mime-Version: 1.0
X-Mailer: git-send-email 2.37.3.998.g577e59143f-goog
Message-ID: <20220922205052.1198237-1-dionnaglaze@google.com>
Subject: [PATCH 0/3] Add safe unaccepted memory behavior
From: "Dionna Glaze"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Ard Biescheuvel, "Min M. Xu", Gerd Hoffmann, James Bottomley, Tom Lendacky, Jiewen Yao, Erdem Aktas
Content-Type: text/plain; charset="UTF-8"

These three patches build on the lazy-accept patch series
"Introduce Lazy-accept for Tdx guest"
by adding SEV-SNP support for the MemoryAccept protocol, and importantly
making eager memory acceptance the default behavior.

For unaccepted memory to be enabled, we must know that the booted image
supports the unaccepted memory type. We add a trivial protocol that sets
a dynamic Pcd to true when called in order for the booted image to
signal its support for unaccepted memory. This does not need to be an
OsIndications bit because it does not need to be persisted.

We use the Pcd to disable a new ExitBootServices notification that
accepts all unaccepted memory, removes the unaccepted memory entries in
the memory space map, and then adds the same memory ranges back as
conventional memory.

All images that support unaccepted memory must now locate and call this
new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

Cc: Ard Biescheuvel
Cc: "Min M. Xu"
Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Tom Lendacky
Cc: Jiewen Yao
Cc: Erdem Aktas

Signed-off-by: Dionna Glaze

Dionna Glaze (3):
  OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
  DxeMain accepts all memory at EBS if needed
  MdeModulePkg: add EnableUnacceptedMemoryProtocol

 MdeModulePkg/Core/Dxe/DxeMain.h | 32 +++++
 MdeModulePkg/Core/Dxe/DxeMain.inf | 3 +
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 19 ++-
 MdeModulePkg/Core/Dxe/Mem/Page.c | 122 ++++++++++++++++++
 MdeModulePkg/MdeModulePkg.dec | 9 ++
 MdeModulePkg/MdeModulePkg.uni | 6 +
 OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
 OvmfPkg/AmdSevDxe/AmdSevDxe.c | 27 ++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 +
 OvmfPkg/Bhyve/BhyveX64.dsc | 2 +
 OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +
 OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++
 OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 +
 .../Ia32/MemEncryptSevLib.c | 17 +++
 .../X64/DxeSnpSystemRamValidate.c | 35 +++++
 .../X64/PeiSnpSystemRamValidate.c | 17 +++
 .../X64/SecSnpSystemRamValidate.c | 18 +++
 OvmfPkg/OvmfPkgIa32X64.dsc | 2 +
 OvmfPkg/OvmfPkgX64.dsc | 2 +
 OvmfPkg/OvmfXen.dsc | 2 +
 20 files changed, 334 insertions(+), 1 deletion(-)

-- 
2.37.3.998.g577e59143f-goog
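
The eager-by-default behavior described in the cover letter, as a simplified C model added here as an example (it is not code from this patch series or from EDK2). All type and function names are hypothetical, the memory map is constructed, and the platform accept step is a placeholder counter.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model; every name here is hypothetical, none is an EDK2 symbol. */
typedef enum { MEM_CONVENTIONAL, MEM_UNACCEPTED, MEM_RESERVED } mem_type;
typedef struct { uint64_t base, pages; mem_type type; } mem_range;

static bool g_image_supports_unaccepted; /* stands in for the dynamic Pcd */
static uint64_t g_pages_accepted;        /* pages passed to the accept step */

/* Stands in for the protocol call a supporting image makes before EBS. */
void enable_unaccepted_memory(void) { g_image_supports_unaccepted = true; }

/* Placeholder for the platform accept step (SEV-SNP or TDX specific). */
static void accept_range(const mem_range *r) { g_pages_accepted += r->pages; }

/* ExitBootServices notification: eager acceptance unless the image opted in.
 * Returns the number of ranges handed over as conventional memory. */
size_t ebs_accept_all(mem_range *map, size_t n) {
    size_t converted = 0;
    if (g_image_supports_unaccepted)
        return 0;                        /* image accepts lazily itself */
    for (size_t i = 0; i < n; i++) {
        if (map[i].type != MEM_UNACCEPTED)
            continue;
        accept_range(&map[i]);           /* accept first, */
        map[i].type = MEM_CONVENTIONAL;  /* then re-add as conventional */
        converted++;
    }
    return converted;
}

/* Boot a constructed map; return the pages still unaccepted at handoff. */
uint64_t unaccepted_pages_at_handoff(bool image_opts_in) {
    mem_range map[] = {                  /* constructed sample memory map */
        { 0x00000000, 0x100, MEM_CONVENTIONAL },
        { 0x00100000, 0x7f00, MEM_UNACCEPTED },
        { 0x08000000, 0x10, MEM_RESERVED },
        { 0x100000000ULL, 0x40000, MEM_UNACCEPTED },
    };
    size_t n = sizeof map / sizeof map[0];
    uint64_t left = 0;
    g_image_supports_unaccepted = false; /* default: eager acceptance */
    g_pages_accepted = 0;
    if (image_opts_in)
        enable_unaccepted_memory();
    ebs_accept_all(map, n);
    for (size_t i = 0; i < n; i++)
        left += (map[i].type == MEM_UNACCEPTED) ? map[i].pages : 0;
    return left;
}

int main(void) {
    printf("no opt-in: %llu unaccepted pages\n", (unsigned long long)unaccepted_pages_at_handoff(false));
    printf("opt-in:    %llu unaccepted pages\n", (unsigned long long)unaccepted_pages_at_handoff(true));
    return 0;
}
```

An image that never makes the opt-in call receives a map with no unaccepted ranges, so the acceptance cost is paid in firmware; only an image that signals support sees the unaccepted type.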