From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) by mx.groups.io with SMTP id smtpd.web10.150.1663965316293406597 for ; Fri, 23 Sep 2022 13:35:16 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=S9WFKyjl; spf=pass (domain: flex--dionnaglaze.bounces.google.com, ip: 209.85.215.202, mailfrom: 3gxguywskbywty433qw1qfuw44w1u.s42tubu1ut0i.w74a58.y4@flex--dionnaglaze.bounces.google.com) Received: by mail-pg1-f202.google.com with SMTP id f4-20020a636a04000000b0043a18cf1a5aso675999pgc.14 for ; Fri, 23 Sep 2022 13:35:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date; bh=w1n2V9eJ5zA7TMdk/TaJ+ewiO7RAmcYgT3GGR8n2miA=; b=S9WFKyjlrBFBTuJB0gurW4peW/kzug++fcwffEIjspi4O6N2BzYTfirywz3aM41aJB Wckkxh+gfkFIezRwNGRVmNMNTnx8+UHRlQRxEQxdPmnczwyJjok1AftSa4PlsgGv6enH bDlbp4FLkztqyRLL3MAZx/7q/Znx1l94rtf0ptmT/NbtsWc9Ys+4CJulNNe7kh4bMQr9 7c1jUbDrI5QtKIcQ0lvOrfsZUD+Kb4kXqbOa9M5pLxPC3+nYyFblhNJPtL/0sTacJLrS ckiy/7onIFz3I3m1hYqC0Hs66nPVodm0fGi4Cbi+zvSSlQsmBpDLqP0Whdq/g0qfptT/ nLrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date; bh=w1n2V9eJ5zA7TMdk/TaJ+ewiO7RAmcYgT3GGR8n2miA=; b=HJiuXSeYdd7nAMWox+rAIL6JKBkAh/Rlz/8q6id+bNfzU5etjZX+wRZCNwK7NNkkgc LPpc4MPzVH8b3CUX9K4Y3VjLip24dwbuqBsFMZzidFAkdrDQVpOP+sD8RF/29bw8d2bP IwjA0cRVe9JXFBbFBbd15AngoYojcV29Dr3OFibMlvp1PhQAFyvWoeuyRmBEqvrJTgV1 CLMAUfa/q+JYr7hEDbMifulUfPT0Bq5HSmEdgWQMdF7iMRMhivtU2ZsJLeQNbi9kOpOw 7KLtdMdpegqPErTPxEF2Nbhwgl/WKPwX7w/Q4HiDetr++681TkQtf6J+5K+JUrwOOkio ldmQ== X-Gm-Message-State: ACrzQf2JKZsErrGoAhoXCEjf9PhyE2gwmaEkqe6BFDDHdhnNMHRSyIY3 BlgyAByocWpiffh+zHvK0ANskFlsyr48H5SzutrT2O0SPb65DL++1LMzm9rz0DCoaQ7TKG0hjMR SF44WwU2g248IX8hNOaKwr3HfupagIBplaWr1Al/HLXJhw7654iu572pObDM7FS3rRLK+byXO X-Google-Smtp-Source: AMsMyM6qpazJYU3XjqjA8Cif3cFkaWZQOzDFCbdbWg+o/VA+5muATwKzl4OaihAK2amuS1dV48Cjo36EVu3VPEJO4g== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:90a:f28b:b0:203:627c:7ba1 with SMTP id fs11-20020a17090af28b00b00203627c7ba1mr23258368pjb.191.1663965315704; Fri, 23 Sep 2022 13:35:15 -0700 (PDT) Date: Fri, 23 Sep 2022 20:34:31 +0000 In-Reply-To: <20220923203431.1428535-1-dionnaglaze@google.com> Mime-Version: 1.0 References: <20220923203431.1428535-1-dionnaglaze@google.com> X-Mailer: git-send-email 2.37.3.998.g577e59143f-goog Message-ID: <20220923203431.1428535-5-dionnaglaze@google.com> Subject: [PATCHv2 4/4] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted From: "Dionna Glaze" To: devel@edk2.groups.io Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas Content-Type: text/plain; charset="UTF-8" Instead of eagerly accepting all memory in PEI, only accept memory under the 4GB address. This allows a loaded image to use the ENABLE_UNACCEPTED_MEMORY_PROTOCOL to indicate that it can interpret the memory type accordingly. This classification is safe since ExitBootServices will accept and reclassify the memory as conventional if the enable protocol is not used. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Signed-off-by: Dionna Glaze --- OvmfPkg/PlatformPei/AmdSev.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 385562b44c..912d6996ae 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -63,6 +63,10 @@ AmdSevSnpInitialize ( for (Hob.Raw = GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw = GET_NEXT_HOB (Hob)) { if ((Hob.Raw != NULL) && (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR)) { ResourceHob = Hob.ResourceDescriptor; + if (ResourceHob->PhysicalStart >= SIZE_4GB) { + ResourceHob->ResourceType = EFI_RESOURCE_MEMORY_UNACCEPTED; + continue; + } if (ResourceHob->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) { MemEncryptSevSnpPreValidateSystemRam ( -- 2.37.3.998.g577e59143f-goog