Date: Mon, 26 Sep 2022 19:32:39 +0000
In-Reply-To: <20220926193242.2094502-1-dionnaglaze@google.com>
References: <20220926193242.2094502-1-dionnaglaze@google.com>
Message-ID: <20220926193242.2094502-2-dionnaglaze@google.com>
Subject: [PATCH v3 1/4] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
From: "Dionna Glaze"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky, Sophia Wolf

From: Sophia Wolf

When a guest OS does not support unaccepted memory, the unaccepted memory must be accepted before returning a memory map to the caller.

EfiMemoryAcceptProtocol is defined in MdePkg and is implemented / installed in AmdSevDxe for AMD SEV-SNP memory acceptance.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Signed-off-by: Sophia Wolf
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c                                      | 34 ++++++++++++++++++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf                                    |  3 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 +++++++++++---
 3 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 662d3c4ccb..09aa15165d 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -20,6 +20,7 @@ #include #include #include +#include STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { SIGNATURE_32 ('A', 'M', 'D', 'E'),
@@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { FixedPcdGet32 (PcdOvmfCpuidSize), }; +STATIC EFI_HANDLE mAmdSevDxeHandle = NULL; + +STATIC +EFI_STATUS +EFIAPI +AmdSevMemoryAccept ( + IN EFI_MEMORY_ACCEPT_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS StartAddress, + IN UINTN Size +) +{ + MemEncryptSevSnpPreValidateSystemRam ( + StartAddress, + EFI_SIZE_TO_PAGES (Size) + ); + + return EFI_SUCCESS; +} + +STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = { + AmdSevMemoryAccept +}; + EFI_STATUS EFIAPI AmdSevDxeEntryPoint ( @@ -147,6 +171,16 @@ AmdSevDxeEntryPoint ( } } + Status = gBS->InstallProtocolInterface ( + &mAmdSevDxeHandle, + &gEfiMemoryAcceptProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n")); + } + // // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB. // It contains the location for both the Secrets and CPUID page. diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf index 9acf860cf2..5ddddabc32 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -47,6 +47,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize +[Protocols] + gEfiMemoryAcceptProtocolGuid + [Guids] gConfidentialComputingSevSnpBlobGuid diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c index d3a95e4913..ee3710f7b3 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -14,6 +14,7 @@ #include #include "SnpPageStateChange.h" +#include "VirtualMemory.h" /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. 
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + EFI_STATUS Status; + if (!MemEncryptSevSnpIsEnabled ()) { return; } - // - // All the pre-validation must be completed in the PEI phase. - // - ASSERT (FALSE); + // DXE pre-validation may happen with the memory accept protocol. + // The protocol should only be called outside the prevalidated ranges + // that the PEI stage code explicitly skips. Specifically, only memory + // ranges that are classified as unaccepted. + if (BaseAddress >= SIZE_4GB) { + Status = InternalMemEncryptSevCreateIdentityMap1G ( + 0, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + if (EFI_ERROR (Status)) { + ASSERT (FALSE); + CpuDeadLoop (); + } + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } -- 2.37.3.998.g577e59143f-goog
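Review bot: In the `AmdSevMemoryAccept` hunk of AmdSevDxe.c, the protocol entry point takes any `StartAddress`/`Size` a DXE caller hands it and unconditionally returns EFI_SUCCESS: `MemEncryptSevSnpPreValidateSystemRam` is VOID, so no failure can be reported, and `EFI_SIZE_TO_PAGES (Size)` silently rounds a partial page up while any misalignment of `StartAddress` is ignored. Consider rejecting unaligned input up front, e.g. `if (((StartAddress | Size) & EFI_PAGE_MASK) != 0) { return EFI_INVALID_PARAMETER; }`, and having the callee return an EFI_STATUS that this function propagates, so a failed acceptance reaches the protocol consumer instead of being masked as success.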
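Review bot: In the `InstallProtocolInterface` hunk of `AmdSevDxeEntryPoint`, the protocol is installed independently of the SEV-SNP check that guards the blob installation in the context lines right below it, so as far as the visible code shows a consumer on a non-SNP guest finds EFI_MEMORY_ACCEPT_PROTOCOL and receives EFI_SUCCESS from an Accept call that does nothing (the callee returns early when `MemEncryptSevSnpIsEnabled ()` is false). Consider installing the protocol only when SEV-SNP is active, include the status in the failure message (`"Install EfiMemoryAcceptProtocol failed: %r\n", Status`), and state whether continuing after a failed install is intended, since memory acceptance would then be silently unavailable for the rest of boot.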
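Review bot: In the AmdSevDxe.inf hunk, the new `[Protocols]` entry carries no usage annotation; edk2 INF convention marks a protocol this driver produces as `gEfiMemoryAcceptProtocolGuid  ## PRODUCES`, which documents that AmdSevDxe is the producer rather than a consumer.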
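Review bot: In the `MemEncryptSevSnpPreValidateSystemRam` hunk of DxeSnpSystemRamValidate.c, the 1G identity map is created only when `BaseAddress >= SIZE_4GB`, so a range that starts below 4GB and extends past it reaches `InternalSetPageState` with its upper part unmapped; test the end of the range (`BaseAddress + EFI_PAGES_TO_SIZE (NumPages) > SIZE_4GB`) and map at least the portion above 4GB. The new comment also states a precondition the code does not enforce (only unaccepted ranges may be passed in) and its relative clause is attached to the wrong noun: the PEI code skips the unaccepted ranges, which are exactly the ranges this path serves, so "outside the prevalidated ranges, i.e. the ranges the PEI stage code explicitly skips" says what is meant. Finally, now that this function is reachable from any DXE driver through the protocol, `ASSERT (FALSE); CpuDeadLoop ();` turns one caller's bad range into a platform hang; returning an EFI_STATUS and letting the protocol report the failure would be the safer failure mode.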