From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-ej1-f52.google.com (mail-ej1-f52.google.com [209.85.218.52]) by mx.groups.io with SMTP id smtpd.web11.907.1663961676353075619 for ; Fri, 23 Sep 2022 12:34:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=T5p5WCsK; spf=pass (domain: google.com, ip: 209.85.218.52, mailfrom: dionnaglaze@google.com) Received: by mail-ej1-f52.google.com with SMTP id r18so2685690eja.11 for ; Fri, 23 Sep 2022 12:34:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=iaVuLiKFUBd7pPPv86ZV3mddwePCAqQ42iFMIDeYV5Y=; b=T5p5WCsKqX/fRVjjV2HjJglhE1TunnDnLQ6AS3NIYPTrNvsGPFGx1/zEge646O1KWw gUimrsPDd34Nh5KiAqHI7VKHrFk8XA2kUeZihgN16T19D2e3x0czL3fadxqlea1Qqd/O g5okd1EAqoJzWHyh6E+V3MLIQjlDTIzf9FL8Ut/AbpAj5JLWsadXM63ezpysp1MUM1YB 3XkCCmd6jPU+kqmhr9x3C2Mtk77kU87rR+NFruqXuJuFHOWRiT4nWhq4du3SfDzT3A08 lDunfcvQ5mFuhaFHSV1rxiadSCrUMvJYYUptfBGdyiejaDpMlOwvDnezPMP0Qm4cqz0d IVmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=iaVuLiKFUBd7pPPv86ZV3mddwePCAqQ42iFMIDeYV5Y=; b=tavM4gZLwu7r5J1fbQaR/tBONM1ark0+DUGzB2rpnYD/aw3X8N+h92meHGUThEn9px d4iHOVzsUmQg/6arI7FC6Fy5n9J40F9oDJzauw/h2gpc0so9EN6Hqc5pI6tsKwe421e3 3iy2nli76I5AvORRtiRlGxLaJQCALTJGtBJylydaXYK2BPZj7KnpLa7S6RjR9MK/fr0V pfL37Igv4IVLP6nr9bQBwsv7kvZ14+6Uo+39w+GJe9a6G6mn1AkmggmFbDaTs1BIR5l7 Z/xXRta/TjXcAjPSJr1Aah5RyS+g5Ob5DavcvxQAcDOeD8MaGRa56eMqhJ2+2/WBaTfj dWiQ== X-Gm-Message-State: ACrzQf13ui1tDKQLChEEaslC/OxP3+S5MgY/EaNLnpFXNMrSNWXOzI4n rBTloOAiUaNuQ69ovZh5VIOtwxQtr+Buaalp2r5GeA== X-Google-Smtp-Source: AMsMyM6xBElJZMMiXG06KFks55ZD0VJ+hubueNSymWX2pjcgeFYYfwD9povnVeaReqZ5cy4GRhgyt7f9Y7Ui6Zx+rDE= X-Received: by 2002:a17:906:fe46:b0:73d:939a:ec99 with SMTP id wz6-20020a170906fe4600b0073d939aec99mr8573185ejb.169.1663961674672; Fri, 23 Sep 2022 12:34:34 -0700 (PDT) MIME-Version: 1.0 References: <20220922205052.1198237-1-dionnaglaze@google.com> In-Reply-To: From: "Dionna Glaze" Date: Fri, 23 Sep 2022 12:34:23 -0700 Message-ID: Subject: Re: [PATCH 0/3] Add safe unaccepted memory behavior To: Tom Lendacky Cc: devel@edk2.groups.io, Ard Biescheuvel , "Min M. Xu" , Gerd Hoffmann , James Bottomley , Jiewen Yao , Erdem Aktas Content-Type: multipart/alternative; boundary="0000000000008a67cf05e95d442d" --0000000000008a67cf05e95d442d Content-Type: text/plain; charset="UTF-8" Ah yes, I did forget to include that patch. Will add to v2. I was just setting the ResourceType to unaccepted and skipping the Prevalidate call in PlatformPei if the start address is greater or equal to SIZE_4GB. That seemed more self-contained than messing with PlatformInitLib. Would you prefer that I add SevSnp logic to PlatformInitLib? On Fri, Sep 23, 2022 at 10:19 AM Tom Lendacky wrote: > On 9/22/22 15:50, Dionna Glaze wrote: > > These three patches build on the lazy-accept patch series > > > > "Introduce Lazy-accept for Tdx guest" > > > > by adding SEV-SNP support for the MemoryAccept protocol, and > > importantly making eager memory acceptance the default behavior. > > > > For unaccepted memory to be enabled, we must know that the booted image > > supports the unaccepted memory type. We add a trivial protocol that sets > > a dynamic Pcd to true when called in order for the booted image to > > signal its support for unaccepted memory. This does not need to be an > > OsIndications bit because it does not need to be persisted. > > > > We use the Pcd to disable a new ExitBootServices notification that > > accepts all unaccepted memory, removes the unaccepted memory entries in > > the memory space map, and then add the same memory ranges back as > > conventional memory. > > > > All images that support unaccepted memory must now locate and call this > > new ENABLE_UNACCEPTED_MEMORY_PROTOCOL. > > This seems to be missing the creation of unaccepted memory under SEV-SNP. > Is that going to be part of a separate patch (to update > PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)? > > Thanks, > Tom > > > > > Cc: Ard Biescheuvel > > Cc: "Min M. Xu" > > Cc: Gerd Hoffmann > > Cc: James Bottomley > > Cc: Tom Lendacky > > Cc: Jiewen Yao > > Cc: Erdem Aktas > > > > Signed-off-by: Dionna Glaze > > > > Dionna Glaze (3): > > OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe > > DxeMain accepts all memory at EBS if needed > > MdeModulePkg: add EnableUnacceptedMemoryProtocol > > > > MdeModulePkg/Core/Dxe/DxeMain.h | 32 +++++ > > MdeModulePkg/Core/Dxe/DxeMain.inf | 3 + > > MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 19 ++- > > MdeModulePkg/Core/Dxe/Mem/Page.c | 122 ++++++++++++++++++ > > MdeModulePkg/MdeModulePkg.dec | 9 ++ > > MdeModulePkg/MdeModulePkg.uni | 6 + > > OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + > > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 27 ++++ > > OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 + > > OvmfPkg/Bhyve/BhyveX64.dsc | 2 + > > OvmfPkg/CloudHv/CloudHvX64.dsc | 2 + > > OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++ > > OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 + > > .../Ia32/MemEncryptSevLib.c | 17 +++ > > .../X64/DxeSnpSystemRamValidate.c | 35 +++++ > > .../X64/PeiSnpSystemRamValidate.c | 17 +++ > > .../X64/SecSnpSystemRamValidate.c | 18 +++ > > OvmfPkg/OvmfPkgIa32X64.dsc | 2 + > > OvmfPkg/OvmfPkgX64.dsc | 2 + > > OvmfPkg/OvmfXen.dsc | 2 + > > 20 files changed, 334 insertions(+), 1 deletion(-) > > > -- -Dionna Glaze, PhD (she/her) --0000000000008a67cf05e95d442d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Ah yes, I did forget to include that patch. Will add to v2= . I was just setting the ResourceType to unaccepted and skipping the Preval= idate call in PlatformPei if the start address is greater or equal to SIZE_= 4GB. That seemed more self-contained than messing with PlatformInitLib. Wou= ld you prefer that I add SevSnp logic to PlatformInitLib?

On Fri, Sep 23, 20= 22 at 10:19 AM Tom Lendacky <= thomas.lendacky@amd.com> wrote:
On 9/22/22 15:50, Dionna Glaze wrote:
> These three patches build on the lazy-accept patch series
>
> "Introduce Lazy-accept for Tdx guest"
>
> by adding SEV-SNP support for the MemoryAccept protocol, and
> importantly making eager memory acceptance the default behavior.
>
> For unaccepted memory to be enabled, we must know that the booted imag= e
> supports the unaccepted memory type. We add a trivial protocol that se= ts
> a dynamic Pcd to true when called in order for the booted image to
> signal its support for unaccepted memory. This does not need to be an<= br> > OsIndications bit because it does not need to be persisted.
>
> We use the Pcd to disable a new ExitBootServices notification that
> accepts all unaccepted memory, removes the unaccepted memory entries i= n
> the memory space map, and then add the same memory ranges back as
> conventional memory.
>
> All images that support unaccepted memory must now locate and call thi= s
> new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

This seems to be missing the creation of unaccepted memory under SEV-SNP. <= br> Is that going to be part of a separate patch (to update
PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)?=

Thanks,
Tom

>
> Cc: Ard Biescheuvel <ardb@kernel.org>
> Cc: "Min M. Xu" <min.m.xu@intel.org>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
>
> Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
>
> Dionna Glaze (3):
>=C2=A0 =C2=A0 OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
>=C2=A0 =C2=A0 DxeMain accepts all memory at EBS if needed
>=C2=A0 =C2=A0 MdeModulePkg: add EnableUnacceptedMemoryProtocol
>
>=C2=A0 =C2=A0MdeModulePkg/Core/Dxe/DxeMain.h=C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 32 +++++
>=C2=A0 =C2=A0MdeModulePkg/Core/Dxe/DxeMain.inf=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 =C2=A03 +
>=C2=A0 =C2=A0MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c=C2=A0 =C2=A0 =C2= =A0 =C2=A0|=C2=A0 19 ++-
>=C2=A0 =C2=A0MdeModulePkg/Core/Dxe/Mem/Page.c=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 | 122 ++++++++++++++++++
>=C2=A0 =C2=A0MdeModulePkg/MdeModulePkg.dec=C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 =C2=A09 ++
>=C2=A0 =C2=A0MdeModulePkg/MdeModulePkg.uni=C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 =C2=A06 +
>=C2=A0 =C2=A0OvmfPkg/AmdSev/AmdSevX64.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A01 +
>=C2=A0 =C2=A0OvmfPkg/AmdSevDxe/AmdSevDxe.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 27 ++++
>=C2=A0 =C2=A0OvmfPkg/AmdSevDxe/AmdSevDxe.inf=C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 =C2=A03 +
>=C2=A0 =C2=A0OvmfPkg/Bhyve/BhyveX64.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A02 +
>=C2=A0 =C2=A0OvmfPkg/CloudHv/CloudHvX64.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A02 +
>=C2=A0 =C2=A0OvmfPkg/Include/Library/MemEncryptSevLib.h=C2=A0 =C2=A0 |= =C2=A0 14 ++
>=C2=A0 =C2=A0OvmfPkg/IntelTdx/IntelTdxX64.dsc=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A02 +
>=C2=A0 =C2=A0.../Ia32/MemEncryptSevLib.c=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 17 +++
>=C2=A0 =C2=A0.../X64/DxeSnpSystemRamValidate.c=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 35 +++++
>=C2=A0 =C2=A0.../X64/PeiSnpSystemRamValidate.c=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 17 +++
>=C2=A0 =C2=A0.../X64/SecSnpSystemRamValidate.c=C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 18 +++
>=C2=A0 =C2=A0OvmfPkg/OvmfPkgIa32X64.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A02 +
>=C2=A0 =C2=A0OvmfPkg/OvmfPkgX64.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 |=C2=A0 =C2=A02 +
>=C2=A0 =C2=A0OvmfPkg/OvmfXen.dsc=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0|=C2=A0 =C2=A02 = +
>=C2=A0 =C2=A020 files changed, 334 insertions(+), 1 deletion(-)
>


--
-Dionna Glaze, PhD (she/her)
--0000000000008a67cf05e95d442d--