From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) by mx.groups.io with SMTP id smtpd.web08.455.1663879886163120483 for ; Thu, 22 Sep 2022 13:51:26 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=pSHfCTvk; spf=pass (domain: flex--dionnaglaze.bounces.google.com, ip: 209.85.215.202, mailfrom: 3zmosywskbtuuzfeerxcrqvxffxcv.tfduvmvcvubt.xiflgj.zf@flex--dionnaglaze.bounces.google.com) Received: by mail-pg1-f202.google.com with SMTP id r126-20020a632b84000000b004393806c06eso5888542pgr.4 for ; Thu, 22 Sep 2022 13:51:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date; bh=NaABzg+gdqhoGIftvKLONPv+eIKBScOO+M8msXNZYl8=; b=pSHfCTvkzDkiyhKBol5JP4CQecZhkZkbpQsZhoNY96d+i1GVYz0WZ5lmOLZkuYWpPN PMcKeJdFPiKFt0Fsxb9OqXfoWuT7gTj/fJMDamo5sFxWDpCKAwyjMlyyi8fT4X/7FMEO FyjW9X512eMyzAi7rha4Jcg/Tz09W+t7wKhtY0F3+Owmors1mOycU64VOPKPMA5RvwJf /FxwX8L8D8COSfhaxRw4CvlOaxHl5A1LuMLkpUwaNv+FOu/xrHZG4GbmuPa2bQvfsMvk H5m6K97zs5cN63qxNlfovyI7kHrrgzakBCGcoeTVSl5M/x/6gcnVRUsgxye9sz5BlkC0 PGRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date; bh=NaABzg+gdqhoGIftvKLONPv+eIKBScOO+M8msXNZYl8=; b=J9IEfT+gXCTQ4cV5P3GVP4tEw8YqNnc2H3jrW8kmtR/c6mhpRGkwKAgh1I3keWtkiy GEjBIfM9XOL6PsMn8aD4CUa/V49vf/i+q9GFrAUstnBjN10y3L9ShMFF/icUOeeu+Fh7 Vn7WRHKMDRIeFAkq+HE4+qFaPbnuTYQnOuOR7WJBPfx7TLe47oPHYMv47k0s4Cd62tij g/x2C6msMfxiNPZIFH52/hRuFQ1psAfqZ5YK2lHLh8zJ6AZu+gQEaHXJ78wOCgF5z93P KnTL5cly9ASSuLHAbBLJ63yolVS9vllA6zCmRI3cCo+GP08BNpKqIrOqpvQvLtE0YPqX ao+A== X-Gm-Message-State: ACrzQf1bzVUcl9e71Rir4iq2+/3rkgUFfCOjKysAVub0/U4a3qYwcQDz sXC9nAqc0d25MbR+ZYj2gyIhzF03usg8099ddn1OhZfdsjCFAM59rPp4gPKdYi7DBwH8TO4UZh6 PjbJZB1uf+zpPCSUN9MLIxK7uMc7wVtvDq+uBzE5nZm1Q1RB9Cam9Uw5GqELsBCFhp1Juewl9 X-Google-Smtp-Source: AMsMyM4LuP1qKdYT9ThJ03mXwlLrnx5srtjp34UreNoWKFHgdRUiUN9eaEBqxsPrhmhDc/ZRsrJuWZKz3tpLS0n3TA== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:90b:10a:b0:200:2849:235f with SMTP id p10-20020a17090b010a00b002002849235fmr385468pjz.1.1663879884138; Thu, 22 Sep 2022 13:51:24 -0700 (PDT) Date: Thu, 22 Sep 2022 20:50:51 +0000 In-Reply-To: <20220922205052.1198237-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20220922205052.1198237-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.37.3.998.g577e59143f-goog Message-ID: <20220922205052.1198237-3-dionnaglaze@google.com> Subject: [PATCH 2/3] DxeMain accepts all memory at EBS if needed From: "Dionna Glaze" To: devel@edk2.groups.io Cc: Dionna Glaze , Gerd Hoffmann , James Bottomley , Jiewen Yao , Tom Lendacky , Ard Biesheuvel Content-Type: text/plain; charset="UTF-8" With the addition of the EfiUnacceptedMemory memory type, it is possible the EFI-enlightened guests do not themselves support the new memory type. This commit adds a dynamic Pcd that can be set to enable unaccepted memory support before ExitBootServices is called. The expected usage is to set the new Pcd with a protocol that is usable by bootloaders and directly-booted OSes when they can determine that the OS does indeed support unaccepted memory. Cc: Gerd Hoffmann Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Ard Biesheuvel Signed-off-by: Dionna Glaze --- MdeModulePkg/Core/Dxe/DxeMain.h | 10 +++ MdeModulePkg/Core/Dxe/DxeMain.inf | 2 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 14 +++- MdeModulePkg/Core/Dxe/Mem/Page.c | 87 +++++++++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 6 ++ MdeModulePkg/MdeModulePkg.uni | 6 ++ OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/Bhyve/BhyveX64.dsc | 2 + OvmfPkg/CloudHv/CloudHvX64.dsc | 2 + OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 + OvmfPkg/OvmfPkgIa32X64.dsc | 2 + OvmfPkg/OvmfPkgX64.dsc | 2 + OvmfPkg/OvmfXen.dsc | 2 + 13 files changed, 137 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h index 815a6b4bd8..ac943c87a3 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.h +++ b/MdeModulePkg/Core/Dxe/DxeMain.h @@ -2698,6 +2698,16 @@ CoreInitializeMemoryProtection ( VOID ); +/** + Accept and convert unaccepted memory to conventional memory if unaccepted + memory is not enabled and there is an implementation of MemoryAcceptProtocol + installed. + **/ +EFI_STATUS +CoreResolveUnacceptedMemory ( + VOID + ); + /** Install MemoryAttributesTable on memory allocation. diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf index e4bca89577..deb8bb2ba8 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain.inf +++ b/MdeModulePkg/Core/Dxe/DxeMain.inf @@ -153,6 +153,7 @@ gEfiHiiPackageListProtocolGuid ## SOMETIMES_PRODUCES gEfiSmmBase2ProtocolGuid ## SOMETIMES_CONSUMES gEdkiiPeCoffImageEmulatorProtocolGuid ## SOMETIMES_CONSUMES + gEfiMemoryAcceptProtocolGuid ## SOMETIMES_CONSUMES # Arch Protocols gEfiBdsArchProtocolGuid ## CONSUMES @@ -186,6 +187,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory ## CONSUMES # [Hob] # RESOURCE_DESCRIPTOR ## CONSUMES diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c index 5733f0c8ec..8d1de32fe7 100644 --- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c +++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c @@ -768,13 +768,25 @@ CoreExitBootServices ( // gTimer->SetTimerPeriod (gTimer, 0); + // + // Accept all memory if unaccepted memory isn't enabled. + // + Status = CoreResolveUnacceptedMemory(); + if (EFI_ERROR (Status)) { + // + // Notify other drivers that ExitBootServices failed + // + CoreNotifySignalList (&gEventExitBootServicesFailedGuid); + return Status; + } + // // Terminate memory services if the MapKey matches // Status = CoreTerminateMemoryMap (MapKey); if (EFI_ERROR (Status)) { // - // Notify other drivers that ExitBootServices fail + // Notify other drivers that ExitBootServices failed // CoreNotifySignalList (&gEventExitBootServicesFailedGuid); return Status; diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/Page.c index ffe79dcca9..cbebe62a28 100644 --- a/MdeModulePkg/Core/Dxe/Mem/Page.c +++ b/MdeModulePkg/Core/Dxe/Mem/Page.c @@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "DxeMain.h" #include "Imem.h" #include "HeapGuard.h" +#include +#include // // Entry for tracking the memory regions for each memory type to coalesce similar memory types @@ -2118,6 +2120,91 @@ CoreFreePoolPages ( CoreConvertPages (Memory, NumberOfPages, EfiConventionalMemory); } +EFI_EVENT gExitBootServiceEvent = NULL; + +STATIC +EFI_STATUS +AcceptAllUnacceptedMemory ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory + ) +{ + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + EFI_STATUS Status; + + /* + * Get a copy of the memory space map to iterate over while + * changing the map. + */ + Status = CoreGetMemorySpaceMap (&NumEntries, &AllDescMap); + if (EFI_ERROR (Status)) { + return Status; + } + for (Index = 0; Index < NumEntries; Index++) { + CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc; + + Desc = &AllDescMap[Index]; + if (Desc->GcdMemoryType != EfiGcdMemoryTypeUnaccepted) { + continue; + } + + Status = AcceptMemory->AcceptMemory ( + AcceptMemory, + Desc->BaseAddress, + Desc->Length + ); + if (EFI_ERROR(Status)) { + goto done; + } + + Status = CoreRemoveMemorySpace(Desc->BaseAddress, Desc->Length); + if (EFI_ERROR(Status)) { + goto done; + } + + Status = CoreAddMemorySpace ( + EfiGcdMemoryTypeSystemMemory, + Desc->BaseAddress, + Desc->Length, + EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP + ); + if (EFI_ERROR(Status)) { + goto done; + } + } + +done: + FreePool (AllDescMap); + return Status; +} + +EFI_STATUS +CoreResolveUnacceptedMemory ( + VOID + ) +{ + EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory; + EFI_STATUS Status; + + // No need to accept anything. Unaccepted memory is enabled. + if (PcdGetBool(PcdEnableUnacceptedMemory)) { + return EFI_SUCCESS; + } + + Status = gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL, + (VOID **)&AcceptMemory); + if (Status == EFI_NOT_FOUND) { + return EFI_SUCCESS; + } + if (Status != EFI_SUCCESS) { + DEBUG ((DEBUG_ERROR, "Error locating MemoryAcceptProtocol: %d\n", Status)); + return Status; + } + + return AcceptAllUnacceptedMemory(AcceptMemory); +} + /** Make sure the memory map is following all the construction rules, it is the last time to check memory map error before exit boot services. diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 58e6ab0048..dd07b3725a 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -2102,6 +2102,12 @@ # @Prompt The shared bit mask when Intel Tdx is enabled. gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025 + ## Indicates if the memory map may include unaccepted memory after ExitBootServices().

+ # TRUE - The memory map may include unaccepted memory after ExitBootServices().
+ # FALSE - The memory map may not include unaccepted memory after ExitBootServices().
+ # @Prompt Support unaccepted memory type. + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE|BOOLEAN|0x10000026 + [PcdsPatchableInModule] ## Specify memory size with page number for PEI code when # Loading Module at Fixed Address feature is enabled. diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index 33ce9f6198..fde57da123 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -1338,3 +1338,9 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPcieResizableBarSupport_HELP #language en-US "Indicates if the PCIe Resizable BAR Capability Supported.

\n" "TRUE - PCIe Resizable BAR Capability is supported.
\n" "FALSE - PCIe Resizable BAR Capability is not supported.
" + +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_PROMPT #language en-US "Support unaccepted memory type" +#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdEnableUnacceptedMemory_HELP #language en-US "Indicates if the memory map may include unaccepted memory " + "after ExitBootServices().

\n" + "TRUE - The memory map may include unaccepted memory after ExitBootServices().
\n" + "FALSE - The memory map may not include unaccepted memory after ExitBootServices().
\n" diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 90e8a213ef..23086748c5 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -526,6 +526,7 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE !include OvmfPkg/OvmfTpmPcds.dsc.inc diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc index 475b88b21a..004be8b019 100644 --- a/OvmfPkg/Bhyve/BhyveX64.dsc +++ b/OvmfPkg/Bhyve/BhyveX64.dsc @@ -559,6 +559,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 # MdeModulePkg resolution sets up the system display resolution diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 10b16104ac..41f43a2631 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -618,6 +618,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc index c0c1a15b09..55b6a2a845 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -514,6 +514,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index af566b953f..aebe1c3192 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -655,6 +655,8 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f39d9cd117..6e4418388e 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -679,6 +679,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 58a7c97cdd..0f57e22a2b 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -505,6 +505,8 @@ # Set Tdx shared bit mask gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableUnacceptedMemory|FALSE + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 ################################################################################ -- 2.37.3.998.g577e59143f-goog