From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (NAM02-DM3-obe.outbound.protection.outlook.com [40.107.95.82]) by mx.groups.io with SMTP id smtpd.web09.44.1663953049482468081 for ; Fri, 23 Sep 2022 10:10:49 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=vPZz1pFR; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.95.82, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RbFxroUnaRsV+PzK56TJVfjS0NlWE/DRCFlSuX1Nv5HQXCaA1Xk5/fwn/ACs4heFmSGpsPI5IBacBOqSFsEZEr9JxEwX4go5wMHzx58HLDI/EtzHs3UufPpO3UkQITkARnCZvpX3EZr9dKeJNCL2zEk3J5Vb2csUUJlYDkNYn2KP7At35tSHvt0STI7NtHyDaOVcn30ZBC3UmRlHZRuh7BcDMz3hSWfM2VqGudL28cj/KttufKLudlPkpinw8/BDoAysHrAKkUxFY8IdtYmkMeYQcjstGSsz6Y4uKoCDYc7RdwOBxqcyn1YI/fqp0We/Vee1Qi2lTTQuwq30972GAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qGPzbD4shmPrTg4x6gfJcmN1kQ2uquXA/eOCAZ52/rE=; b=BpOz+H2S3hJJj+jIIOEo9ZgsnXwkQNK8yEyWgdWGw/GmlmA8209XsR6S0/cLyvhmWco+g+P/JdGz4ly+ChS1fpHofhYO2PYVGU6c/xJEqVJqcQ2pSD+KW+0IH8arzhPQpfCWc/GKnBbtroN/OWoTa0vbqzQc+i9ga1bjdho1YeN6CNqPokS/B6FHuifPnmRRzDXX7G5VC0Tt62fLXb7+21i9ptFjodbTeMt31YweDrE7QnTs0wbgLR/Ffz+PUQml4DD37+MLpYiWXUhMMhQMp8iJP8lefgODEr4W06+gAM2YqcEzgGHKO4Sx9CdR5sUW9rpaMQmzfqdMKIVf6C+aiw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qGPzbD4shmPrTg4x6gfJcmN1kQ2uquXA/eOCAZ52/rE=; b=vPZz1pFR9Dy1l0/2ZEciaXLhI6oJN+RBgEPNLV58c/ROFg/zgCA295lcuMAQE5Nu31QMyoNBfreQqx0JhcUGklte9MtKjJMOvET63vQY1omsnBC6ai0blcyMQiVVW/3WZ1wsUTT3Uvrqwbu0mxqnb/AVvXv25reXqeWIyeLzI4g= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by DS0PR12MB7655.namprd12.prod.outlook.com (2603:10b6:8:11e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.20; Fri, 23 Sep 2022 17:10:47 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::c175:4c:c0d:1396]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::c175:4c:c0d:1396%4]) with mapi id 15.20.5654.020; Fri, 23 Sep 2022 17:10:47 +0000 Message-ID: Date: Fri, 23 Sep 2022 12:10:45 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: [PATCH 1/3] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe To: Dionna Glaze , devel@edk2.groups.io Cc: Gerd Hoffmann , James Bottomley , Jiewen Yao , Sophia Wolf References: <20220922205052.1198237-1-dionnaglaze@google.com> <20220922205052.1198237-2-dionnaglaze@google.com> From: "Lendacky, Thomas" In-Reply-To: <20220922205052.1198237-2-dionnaglaze@google.com> X-ClientProxiedBy: SN6PR04CA0106.namprd04.prod.outlook.com (2603:10b6:805:f2::47) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM4PR12MB5229:EE_|DS0PR12MB7655:EE_ X-MS-Office365-Filtering-Correlation-Id: 6a896178-c370-4fee-a370-08da9d868e8b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 72bEc8bfP410mdSh9ZvEAvpOUIzFA2KrtOehvBA/IMycdoNKX8kGHgAM8Li6HHVi1Sy9HrTVK+vlJiwCIFt1QI0ODy/gXemOy4n5hNu90sNwdbMFSSJHfz+2B3+EP9lZ0fqTvYzP6k5aJZ9xqCZnzf5MMwiIheztjOhMpgQ8PC3XKG1J1+fOBw9LHoQu9Idg62CT5LbPWC6uzpnpLJEdkeh6WtknXGj3wk4e/tAm4svEZueYo9DYcsJHIGKjYYrsKX9RruZfKbU4z7pqHN5Ern1CSUj7CSpWiOY6W15Uh53wRSCsn4BFgRnUyYXjuGuhP3FgWJo1hPwq3DF5mPLTflou7dxacH1eNNOdym/v0rivPN20PDXUyjFrNHsyH6I3yV+mxb1ldSzx7OCHeqffyipV9RYvPtSRB8NBW79+hQSVSCLAv215xDeE1iX02aB5whPnJ0C6pWnqbqk6zDKracbC0F/liF4xqCUT/KyUUaw7VbICbl09igxKANCM85BLpNBuPYIu0jL9gWX8B7o33dBMML2ozk7Jy2Vswvgnal38dy2m93eOfF21tgpJfuIYacE1Y1Hs5djjMCiNCFPjrmtDTQQKcGNoUqKkzLMCRTPqfVWDuYfhDge2QPr597r77Ub/Zr2ZDrUPbkaSCtmuD1+UGlQSKgnsVQjvwNrOqcw3ZecmRI5AEoYIo/EaB2cc4OqTF4vOVJGxCtLrPuy0ka/mkKrjUJ3HZfJw8XnQOyGH91mIT0WAXqfnebMy22SbCT++6HkYE+6H7oeISBljwPOJrIWFo59eH8GK4dJIJgA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(396003)(39860400002)(366004)(136003)(376002)(346002)(451199015)(31686004)(36756003)(6512007)(54906003)(6506007)(316002)(26005)(478600001)(31696002)(86362001)(53546011)(83380400001)(38100700002)(2906002)(66946007)(5660300002)(66476007)(8676002)(4326008)(2616005)(66556008)(186003)(19627235002)(6486002)(8936002)(41300700001)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?R09ETTU3SGRxdFAwUjk2cU1DR0UzRDNDUmgvYUhOQmZhSUt6akVvM0tZd0Nz?= =?utf-8?B?d091YmtWYmRVVGxvYmNYVk13Kyt3RjlHWW5DbTlIRDZnc1A1bzZiZ1hVVEF1?= =?utf-8?B?VnN6R0lzNjFtYWx1WVVneEsyK1VMYUdUUThtWjMvVEtJZUJtWk1VWUkzTHEy?= =?utf-8?B?bEhTWUU4WFFibDErOU9Od3RCcE82VEJKdjkvMW5xcUkrL1N4M2s1dWloYy9s?= =?utf-8?B?T21QWHlGUHRtSDNnYjNwSWh5a3dmMFliSythRml2blBTS0VkVi9nWnVBcGJu?= =?utf-8?B?UndJWEtPMkFYWnZ2ekRtNXR5ZnBySTNiczlrbTdib2JJMEwvOW9xVkplQU1Q?= =?utf-8?B?S1diWEttNzJOMVp4QU1WV3FHQlhKOFdhdS83UFFuVU1iYUF3WDlpY2JqZHRP?= =?utf-8?B?RklyeWc4ejd1QVpsS2NraXBZY2swZVFsalpZUWRaWHQybkMzYzdJSG14RGJM?= =?utf-8?B?RUE2c0dUK0FCVWYvM2xGN1RJblYrVFZuRDdGNVpUdEdIa3NTeG5rR3JNYUV4?= =?utf-8?B?TjlTbW1BM3RaRUU0OVRUVk5xRFpydFpYK3JTTk10TzkzV0NGWjFIb1JEWHNF?= =?utf-8?B?Wk13dVQzME1JWHVoeldUSHA2QUI1dFpOQ1gzY1NQUGh4UU5PbmREU3Z3NGlE?= =?utf-8?B?ek1JQ3JMTHZpYno1M1N4a0FpQmxXbHZnbzZwSElHeTExRXNDdm4wZWVsa01v?= =?utf-8?B?dDA3SkluQnB5eEk1SWo5dWZPclgwend3RFRIUzI0eXYrdmgvN0toYzlIcjhZ?= =?utf-8?B?MjBDTDRZckw5RXFoT2xuZ1VQVmduMVRLaHpyYVVvUG5yMWFpc2pMc3dwbk1v?= =?utf-8?B?UEFmcVEzRVRZR29rVXIwQUIzSmFlbHFkbjF0ZnkrUHZnOEVhY3I3aTMvSzVP?= =?utf-8?B?SFZ1ZGQyL0dES1VMRUdXRnNsQlYrNFNHa0Q1ZUczUjJJY0NKRHo2blNTVWxt?= =?utf-8?B?aGxod0h2U0wyUUdQaEhVa2tsa2U4UlRPWmRSYW9qbXgxaGtNQmRLNHo2ZGMw?= =?utf-8?B?ZTRjQlVCVFFZZitkT2hVYnFocS9hQWpCRXVPdWQzNkhEYmZySngzVGtWOWFk?= =?utf-8?B?ZU85NkJXbkVKdUxFaE0zN1NnblJvTDlNaXB5dmJuN1R2U0UzZDlLelVpaVNX?= =?utf-8?B?OXhxaXREcnZzaEt0cHpoS1NtWGdMK3dFNXBFUVZxWkpRK1pkbTloM0pobUhr?= =?utf-8?B?KzUyK0dwdjVyem13RTdibjMwNjZKWFlsYmxWTDJtM1hoNmpxbXFMK0M3T2ZU?= =?utf-8?B?K054QUkxakp4QnhxRit6d1FUOWc2UmhwcDFaWDNEdlNmRVNnR2JpdzdzbDNK?= =?utf-8?B?ZC9NbjhrdUY0RHJhRVlVcm1CZVlHeWNYSStaOGZQL2w3M3MzMExsUmQzSWRV?= =?utf-8?B?Tnl0b0o0MGhGZG5qNFlNTk9hTG0vNVBITnRRNzNQYTRiVmhZTlY0YmdWQTlD?= =?utf-8?B?ckJxUHF4TDlkaUJIejBRL0pOWXM5WTBGd0pTd1hRUU5jUFVGRGRhdXIwQkdZ?= =?utf-8?B?VFJoMG1HaVJMVFpqWGNzUCt1NGxkUWcvbTNOaTVmVStxZlNNUTkxVU1Xb1c5?= =?utf-8?B?Q0lxYWN6aUlxbm5hV01USUVxRklqa0JDMnN0d3I4TitzdUNzUk5MUW1xZFBx?= =?utf-8?B?MmVuSE9KaElTZkhUZ0pIRUQzS0ZaaVJpMjA2NDYydFo5NjZZeHdoL3hzNXNz?= =?utf-8?B?aFNCQk54NUMvcXJVNUwvOVhIWVlIVUNobkEweUhHOWsxTzRyUWFlZysxNWtH?= =?utf-8?B?WEZndmNhZm5pb21QNEorblpWWU5ZTnZWMnFZZ1FhSUYxSWVscUFFaGVNRUdZ?= =?utf-8?B?eThva29HVG5Sc3RyL21ZZjJzVlcrZmd5N3FTZ1ZydVgwQkQ5djR1OE9BY2lM?= =?utf-8?B?dm1kTzhBbUlHNmIxd2Z5NVdHMkJBekFNcnVROCtYNHU4VmxqQVJBbGgydGJT?= =?utf-8?B?WjhzU2UyWE1oakxiQWVoUEZyajgrd0orTFd5dDJUQ3FnRUNqSjYzOGk3R2pz?= =?utf-8?B?ZTFZc2ZhcFZOcE51ZHVsZ1lUWTd2YnpVOE11V1A3ckxIMk92RXozRm1ranZa?= =?utf-8?B?OEhYNDhPK3I2Mjd5cmVVMXd2LzdmWG9BZUNlRUNkK0lsc0t4aGgvVnlPNGg3?= =?utf-8?Q?Lcr4bR6RW7sYHqXmAkqocjjG+?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6a896178-c370-4fee-a370-08da9d868e8b X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Sep 2022 17:10:47.0290 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 0J5uQ2Q58TEUoZ3qY6QmfrdoQ/6YGyp6vSXC/AXF/t1ein9Exsw/liTIZB/Dc2o46XQFLBxd4r2h1yNjBteHbw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7655 Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 9/22/22 15:50, Dionna Glaze wrote: > From: Sophia Wolf > > When a guest OS does not support unaccepted memory, the unaccepted > memory must be accepted before returning a memory map to the caller. > > EfiMemoryAcceptProtocol is defined in MdePkg and is implementated / > Installed in AmdSevDxe for AMD SEV-SNP memory acceptance. > > Cc: Gerd Hoffmann > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Tom Lendacky > > Signed-off-by: Sophia Wolf > --- > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 27 ++++++++++++++ > OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++ > OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++++++++ > .../Ia32/MemEncryptSevLib.c | 17 +++++++++ > .../X64/DxeSnpSystemRamValidate.c | 35 +++++++++++++++++++ > .../X64/PeiSnpSystemRamValidate.c | 17 +++++++++ > .../X64/SecSnpSystemRamValidate.c | 18 ++++++++++ > 7 files changed, 131 insertions(+) > > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > index 662d3c4ccb..74b82a5814 100644 > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > @@ -20,6 +20,7 @@ > #include > #include > #include > +#include > > STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { > SIGNATURE_32 ('A', 'M', 'D', 'E'), > @@ -31,6 +32,25 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { > FixedPcdGet32 (PcdOvmfCpuidSize), > }; > > +EFI_HANDLE mAmdSevDxeHandle = NULL; Add STATIC this variable and the function below. > + > +EFI_STATUS > +EFIAPI > +AmdSevMemoryAccept ( > + IN EFI_MEMORY_ACCEPT_PROTOCOL *This, > + IN EFI_PHYSICAL_ADDRESS StartAddress, > + IN UINTN Size > +) > +{ > + MemEncryptSnpAcceptPages (StartAddress, Size / SIZE_4KB); Can't this instead just call MemEncryptSevSnpPreValidateSystemRam()? All phases have this function, so it would just be changing the version that is currently in OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c Also, this needs to follow the coding standards and should be: MemEncryptSevSnpPreValidateSystemRam ( StartAddress, EFI_SIZE_TO_PAGES (Size) ); > + > + return EFI_SUCCESS; > +} > + > +EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = { STATIC > + AmdSevMemoryAccept > +}; > + > EFI_STATUS > EFIAPI > AmdSevDxeEntryPoint ( > @@ -147,6 +167,13 @@ AmdSevDxeEntryPoint ( > } > } > > + Status = gBS->InstallProtocolInterface (&mAmdSevDxeHandle, > + &gEfiMemoryAcceptProtocolGuid, EFI_NATIVE_INTERFACE, > + &mMemoryAcceptProtocol); Status = gBS->InstallProtocolInterface ( &mAmdSevDxeHandle, &gEfiMemoryAcceptProtocolGuid, EFI_NATIVE_INTERFACE, &mMemoryAcceptProtocol ); (You'll need to this in all places in order to pass CI) > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n")); > + } > + > // > // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB. > // It contains the location for both the Secrets and CPUID page. > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf > index 9acf860cf2..5ddddabc32 100644 > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf > @@ -47,6 +47,9 @@ > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize > > +[Protocols] > + gEfiMemoryAcceptProtocolGuid > + > [Guids] > gConfidentialComputingSevSnpBlobGuid > > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h > index 4fa9c0d700..05ec10471d 100644 > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h > @@ -228,4 +228,18 @@ MemEncryptSevSnpPreValidateSystemRam ( > IN UINTN NumPages > ); > > +/** > + Accept pages system RAM when SEV-SNP is enabled in the guest VM. > + > + @param[in] BaseAddress Base address > + @param[in] NumPages Number of pages starting from the base address > + > +**/ > +VOID > +EFIAPI > +MemEncryptSnpAcceptPages ( > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ); > + This becomes unnecessary if you use MemEncryptSevSnpPreValidateSystemRam() instead, since this will only be called during DXE, right? Thanks, Tom > #endif // _MEM_ENCRYPT_SEV_LIB_H_ > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > index f92299fc77..f0747d792e 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > @@ -153,3 +153,20 @@ MemEncryptSevSnpPreValidateSystemRam ( > { > ASSERT (FALSE); > } > + > +/** > + Accept pages system RAM when SEV-SNP is enabled in the guest VM. > + > + @param[in] BaseAddress Base address > + @param[in] NumPages Number of pages starting from the base address > + > +**/ > +VOID > +EFIAPI > +MemEncryptSnpAcceptPages ( > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + ASSERT (FALSE); > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c > index d3a95e4913..7693e0ca66 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c > @@ -14,6 +14,7 @@ > #include > > #include "SnpPageStateChange.h" > +#include "VirtualMemory.h" > > /** > Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. > @@ -38,3 +39,37 @@ MemEncryptSevSnpPreValidateSystemRam ( > // > ASSERT (FALSE); > } > + > +/** > + Accept pages system RAM when SEV-SNP is enabled in the guest VM. > + > + @param[in] BaseAddress Base address > + @param[in] NumPages Number of pages starting from the base address > + > +**/ > +VOID > +EFIAPI > +MemEncryptSnpAcceptPages ( > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + EFI_STATUS Status; > + > + if (!MemEncryptSevSnpIsEnabled ()) { > + return; > + } > + if (BaseAddress >= SIZE_4GB) { > + Status = InternalMemEncryptSevCreateIdentityMap1G ( > + 0, > + BaseAddress, > + EFI_PAGES_TO_SIZE (NumPages) > + ); > + if (EFI_ERROR (Status)) { > + ASSERT (FALSE); > + CpuDeadLoop (); > + } > + } > + > + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c > index 4970165444..1c52bfe691 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c > @@ -126,3 +126,20 @@ MemEncryptSevSnpPreValidateSystemRam ( > BaseAddress = EndAddress; > } > } > + > +/** > + Accept pages system RAM when SEV-SNP is enabled in the guest VM. > + > + @param[in] BaseAddress Base address > + @param[in] NumPages Number of pages starting from the base address > + > +**/ > +VOID > +EFIAPI > +MemEncryptSnpAcceptPages ( > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + ASSERT (FALSE); > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c > index 7797febb8a..edfebf6ef4 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c > @@ -10,6 +10,7 @@ > > #include > #include > +#include > #include > > #include "SnpPageStateChange.h" > @@ -80,3 +81,20 @@ MemEncryptSevSnpPreValidateSystemRam ( > > InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); > } > + > +/** > + Accept pages system RAM when SEV-SNP is enabled in the guest VM. > + > + @param[in] BaseAddress Base address > + @param[in] NumPages Number of pages starting from the base address > + > +**/ > +VOID > +EFIAPI > +MemEncryptSnpAcceptPages ( > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + ASSERT(FALSE); > +}