From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) by mx.groups.io with SMTP id smtpd.web09.151.1663965310078954577 for ; Fri, 23 Sep 2022 13:35:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=Ta6RIlRe; spf=pass (domain: flex--dionnaglaze.bounces.google.com, ip: 209.85.216.74, mailfrom: 3fbguywskbyumrxwwjpuj8npxxpun.lxvmn4nunmtb.p0x3y1.rx@flex--dionnaglaze.bounces.google.com) Received: by mail-pj1-f74.google.com with SMTP id np18-20020a17090b4c5200b00202c7bf5849so5827946pjb.0 for ; Fri, 23 Sep 2022 13:35:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date; bh=X+bpTs0ygdFHxhjzZoP5x3ql+aAxuXf/1byOCsEfbfo=; b=Ta6RIlRevlKZZdDpB+UAjkeJChlbDJSufvNAwiHk0L1bHGxlFx3//Poi8o9A5Jy7iK r7NoROLzKaR+ANYo7XoO9cS+e9JMzeWzFbVPrMmlOkOQ8xqWL1O5bc8J+nrOb9nbg3ps UCckscJQdSUWOUbVzh/O89Nzb2T8ieg7vbdgK3XETQS0/zN72Xp0/nCjsgm9HBIrVUZJ Np2ckd0v6qY9FK+PB5maYmr+BmM2rqDVxqBQmR7ITjxFzjYwqgnx5+HB1PfM/KnHITBO 1Fbs5Wxz5vzPx7T3LRDaojZM69kiIztRoC3EbaO+U94X6TQkmxCVJ3xBR+pbBrLl9wKR olLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date; bh=X+bpTs0ygdFHxhjzZoP5x3ql+aAxuXf/1byOCsEfbfo=; b=mg6Wn8vyYRJCVqN+uxOKiVPAvcqBBc6mD3yd5jbHHP9Aa+plBCulM+iMJUF1we5B2c v2iSg0FDhbn4dw2GlDePL/56pxBNGL24+BlrQf3TAIbJVAzWnfHyf/hbSFmdkAy5LLU4 +2haJPyFHwYC2wWeO5BtLY+CpjAqWadXNDoH9hb+S080Z/D+9u7aAuWUa6OF+fbvmIPm XBU+nePR5WqbuuUh/cG4d6vKkSefEoXzothw+cMQshIVo57vJwCzhFIPhCnwe49MfyY+ 93KZmkLDd7gTBKb0FQ0dLP5cGNqo4ps7hce7d397jawk7gFZbv3f4nkBbc92fBHc6xVJ +iEA== X-Gm-Message-State: ACrzQf1gEGYXLhnq7/1RfvpbX8FYmkIqy+qN8HJVoE5C0tdsyF9SJMsf BfKnf6v6XHEvAo/cziQowTo34LSmYbNt045OoskECzX3f9JM8YyuDVNkdkDcH6Dc0yc1+JroEzC Qk3Y5qTKwmVE1f4lcfwkIhUN+v9kbDwwfLeJLET+HffRUpynAy1/BjHy+Xp8D0O/YI2bF06S0 X-Google-Smtp-Source: AMsMyM5BbwRQW6es9wmircLUp9nebZGPHHJ6lMs6N2BZFQ9zm8wqsTeR+zzrq5yzcKRJxRGqYWHEE/EHRxHx/nBDQg== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:90a:cd06:b0:203:ae0e:6a21 with SMTP id d6-20020a17090acd0600b00203ae0e6a21mr30799pju.0.1663965308974; Fri, 23 Sep 2022 13:35:08 -0700 (PDT) Date: Fri, 23 Sep 2022 20:34:27 +0000 Mime-Version: 1.0 X-Mailer: git-send-email 2.37.3.998.g577e59143f-goog Message-ID: <20220923203431.1428535-1-dionnaglaze@google.com> Subject: [PATCHv2 0/4] Add safe unaccepted memory behavior From: "Dionna Glaze" To: devel@edk2.groups.io Cc: Dionna Glaze Content-Type: text/plain; charset="UTF-8" These three patches build on the lazy-accept patch series "Introduce Lazy-accept for Tdx guest" by adding SEV-SNP support for the MemoryAccept protocol, and importantly making eager memory acceptance the default behavior. For unaccepted memory to be enabled, we must know that the booted image supports the unaccepted memory type. We add a trivial protocol that sets a dynamic Pcd to true when called in order for the booted image to signal its support for unaccepted memory. This does not need to be an OsIndications bit because it does not need to be persisted. We use the Pcd to disable a new ExitBootServices notification that accepts all unaccepted memory, removes the unaccepted memory entries in the memory space map, and then add the same memory ranges back as conventional memory. All images that support unaccepted memory must now locate and call this new ENABLE_UNACCEPTED_MEMORY_PROTOCOL. Changes since v1: - Added a patch to classify SEV-SNP memory above 4GB unaccepted. - Fixed style problems in EfiMemoryAcceptProtocol implementation. Dionna Glaze (4): OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe DxeMain accepts all memory at EBS if needed MdeModulePkg: add EnableUnacceptedMemoryProtocol OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted MdeModulePkg/Core/Dxe/DxeMain.h | 32 +++++ MdeModulePkg/Core/Dxe/DxeMain.inf | 3 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 19 ++- MdeModulePkg/Core/Dxe/Mem/Page.c | 122 ++++++++++++++++++ MdeModulePkg/MdeModulePkg.dec | 9 ++ MdeModulePkg/MdeModulePkg.uni | 6 + OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSevDxe/AmdSevDxe.c | 34 +++++ OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 + OvmfPkg/Bhyve/BhyveX64.dsc | 2 + OvmfPkg/CloudHv/CloudHvX64.dsc | 2 + OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 + .../Ia32/MemEncryptSevLib.c | 17 +++ .../X64/DxeSnpSystemRamValidate.c | 35 +++++ .../X64/PeiSnpSystemRamValidate.c | 17 +++ .../X64/SecSnpSystemRamValidate.c | 18 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 2 + OvmfPkg/OvmfPkgX64.dsc | 2 + OvmfPkg/OvmfXen.dsc | 2 + OvmfPkg/PlatformPei/AmdSev.c | 4 + 21 files changed, 345 insertions(+), 1 deletion(-) -- 2.37.3.998.g577e59143f-goog