From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) by mx.groups.io with SMTP id smtpd.web11.1502.1664823240305215610 for ; Mon, 03 Oct 2022 11:54:00 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=X3TuhZWf; spf=pass (domain: flex--dionnaglaze.bounces.google.com, ip: 209.85.216.74, mailfrom: 3xy87ywskbtqtyeddqwbqpuweewbu.sectulubutas.whekfi.ye@flex--dionnaglaze.bounces.google.com) Received: by mail-pj1-f74.google.com with SMTP id lk8-20020a17090b33c800b0020a8e908e98so3524893pjb.9 for ; Mon, 03 Oct 2022 11:54:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date; bh=vJYqSMrzKXC5EKPqZ7ML4ZgB8KCarrjGqSvlwAms31Q=; b=X3TuhZWfrbIWnwO/1TYD4qvmXlldyD8qs73zBNZhHatNfpVEEpP1IV9v68vohnO+DZ /4tHcHeYpsPC4k/bxTik9vSVb0zkmDn4y48gBQZGG8DK9iqsNPVosRYnspWpYZxIQTxv d8G1y5amFU4wZ6E75uPXbNsjtTExEf0jcfW7AXHY6ULydhhC77vZ81fnlO8lBPivLKbC jhq2cN+5w1VbktTS/ZAlri0nrsgo9QckNJmRULhwAr0zIpiqv0M+/4Mb1QiFyupWDRhJ filNEgiGXGeYWHRHY5p97aWS/FvECQy2xcqCTsp/fe6XzuTUiVMN7Hchfn6tklHgFm82 eiig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date; bh=vJYqSMrzKXC5EKPqZ7ML4ZgB8KCarrjGqSvlwAms31Q=; b=lWlPlm37Ebj/sUtd9CZU8ZhW3wTR+bNFEay85qLXo9agKKQPrKoW2os4xPcBWVTNge c2Bl5XuH616nSJC4qz7kONzFXePk1lsI3sCQEp1dBYFauOgFgS44SRODY2J5JOy05egT MJBGj97O6LtCjoD3a5oHAh6iYtst900qJtVllhbLk3ZyhbShEQnZMxFWd7PatzTtu++s QA+LegIU56JXxdai+NFqPASYRqWqTQ7E21BSNWyi3vjrH9wNwBx7GVwbaHCVdIodNu8r kJB2sStHs3n5SLaDx8Rmz4Nf9121jAFW1oPdv3PG0+p4XdWii7VcYy7j1ULdWsq+pZ1U zHMw== X-Gm-Message-State: ACrzQf02vUC5j8NFAiYgyZD8sIQlGDfhzuSE1TBP3/5ZKErOGow23eGH wRMBZ/tBxb98cflOAUGadzv1FE18VOjcCBWoDuNEIDesQMaQGX5xdcWHSJ4/B5DHokIOLm+lWUn aH612exYCg9SpY3o8+UX/aTj/gVlfZ1u5FbMPwZ6IfG2A0s74apIX4+qEH0kqNdgtv8+0Np6f X-Google-Smtp-Source: AMsMyM4rGzgYcj1xxM3VRUrMO9RqMjxPUMYEYGflN9iYE/a49gwCA1TxGUaXtnjYS+JJN8xfh7T2005tGDVm+x4m/A== X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6]) (user=dionnaglaze job=sendgmr) by 2002:a17:903:248:b0:172:7520:db04 with SMTP id j8-20020a170903024800b001727520db04mr23707254plh.99.1664823239550; Mon, 03 Oct 2022 11:53:59 -0700 (PDT) Date: Mon, 3 Oct 2022 18:53:45 +0000 Mime-Version: 1.0 X-Mailer: git-send-email 2.38.0.rc1.362.ged0d419d3c-goog Message-ID: <20221003185352.3969999-1-dionnaglaze@google.com> Subject: [PATCH v6 0/7] Add safe unaccepted memory behavior From: "Dionna Glaze" To: devel@edk2.groups.io Cc: Dionna Glaze , Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Tom Lendacky , Jiewen Yao , Erdem Aktas , Andrew Fish , "Michael D. Kinney" Content-Type: text/plain; charset="UTF-8" These seven patches build on the lazy-accept patch series "Introduce Lazy-accept for Tdx guest" by adding SEV-SNP support for the MemoryAccept protocol, and importantly making eager memory acceptance the default behavior. We add a new protocol, ExitBootServicesCallbackProtocol, with a single interface: TerminateMemoryMapPrehook(). We invoke all prehooks in CoreExitBootServices after disabling the timer and before TerminateMemoryMap. This gives hooks the chance to change the memory map and cause ExitBootServices to fail with EFI_INVALID_PARAMETER. The failure is specified to require the caller to update their view of the MemoryMap and call ExitBootServices again. To make use of this new protocol, we add a new driver that is meant to carry behavior that is needed for all confidential compute technologies, not just specific platforms, CocoDxe. In CocoDxe we implement the default safe behavior to accept all unaccepted memory and invalidate the MemoryMap on ExitBootServices. To allow the OS loader to prevent the eager acceptance, add another protocol, up for standardization, AcceptAllUnacceptedMemoryProtocol. This protocol has one interface, Disable(). The OS loader can inform the UEFI that it supports the unaccepted memory type and accepts the responsibility to accept it. All images that support unaccepted memory must now locate and call this new BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL and call the Disable function. Changes since v5: - Generic callback protocol moved to MdeModulePkg - Removed use of EFI_WARN_STALE_DATA and added comment that the callback should only return EFI_SUCCESS or EFI_INVALID_PARAMETER. - Removed errant log statement and fixed formatting. Changes since v4: - Commit message wording - Replaced direct change to DxeMain with a more generic callback protocol. - Implemented the direct change as an instance of the callback protocol from a new CocoDxe driver. - Replaced "enable" protocol with a "disable" protocol, since the name was confusing. The AcceptAllUnacceptedMemory protocol directly names the behavior that is disabling. Changes since v3: - "DxeMain accepts all memory" patch split into 3 to make each patch affect only one package at a time. Changes since v2: - Removed the redundant memory accept interface and added the accept behavior to the DXE implementation of MemEncryptSevSnpPreValidateSystemRam. - Fixed missing #include in >=4GB patch. Changes since v1: - Added a patch to classify SEV-SNP memory above 4GB unaccepted. - Fixed style problems in EfiMemoryAcceptProtocol implementation. Cc: Ard Biescheuvel Cc: "Min M. Xu" Cc: Gerd Hoffmann Cc: James Bottomley Cc: Tom Lendacky Cc: Jiewen Yao Cc: Erdem Aktas Cc: Andrew Fish Cc: "Michael D. Kinney" Dionna Glaze (7): OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe MdeModulePkg: Introduce ExitBootServicesCallbackProtocol MdeModulePkg: Invoke all ExitBootServicesCallback instances at ExitBootServices OvmfPkg: Introduce CocoDxe driver MdePkg: Introduce the AcceptAllUnacceptedMemory protocol OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted MdeModulePkg/Core/Dxe/DxeMain.h | 1 + MdeModulePkg/Core/Dxe/DxeMain.inf | 1 + MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 41 +++++ MdeModulePkg/Include/Protocol/ExitBootServicesCallback.h | 40 +++++ MdeModulePkg/MdeModulePkg.dec | 3 + MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 +++++ MdePkg/MdePkg.dec | 3 + OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++- OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 + OvmfPkg/CocoDxe/CocoDxe.c | 169 ++++++++++++++++++++ OvmfPkg/CocoDxe/CocoDxe.inf | 44 +++++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 + OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++- OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + OvmfPkg/PlatformPei/AmdSev.c | 5 + 21 files changed, 429 insertions(+), 8 deletions(-) create mode 100644 MdeModulePkg/Include/Protocol/ExitBootServicesCallback.h create mode 100644 MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h create mode 100644 OvmfPkg/CocoDxe/CocoDxe.c create mode 100644 OvmfPkg/CocoDxe/CocoDxe.inf -- 2.38.0.rc1.362.ged0d419d3c-goog