From: "Lendacky, Thomas"
Date: Tue, 8 Nov 2022 08:37:30 -0600
Subject: Re: [PATCH v8 0/7] Add safe unaccepted memory behavior
To: Dionna Glaze, devel@edk2.groups.io
Cc: Ard Biescheuvel, "Min M. Xu", Gerd Hoffmann, James Bottomley, Jiewen Yao, Erdem Aktas, Andrew Fish, "Michael D. Kinney"
References: <20221024204114.2772064-1-dionnaglaze@google.com>
In-Reply-To: <20221024204114.2772064-1-dionnaglaze@google.com>

On 10/24/22 15:41, Dionna Glaze wrote:
> These seven patches build on the lazy-accept patch series
>
> "Introduce Lazy-accept for Tdx guest"

Since the above series was accepted into the EDK2 tree, can this series
also be pulled in so that both TDX and SNP can support unaccepted memory in
the same release?

Thanks,
Tom

>
> by adding SEV-SNP support for the MemoryAccept protocol, and
> importantly making eager memory acceptance the default behavior.
>
> We implement a standardized event group from UEFI v2.9,
> EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES, since it provides exactly
> the right invocation point for eagerly accepting memory if eager
> acceptance has not been disabled.
>
> To make use of this event group, we add a new driver that is meant to
> carry behavior that is needed for all confidential compute technologies,
> not just specific platforms, CocoDxe. In CocoDxe we implement the
> default safe behavior to accept all unaccepted memory and invalidate
> the MemoryMap on ExitBootServices.
>
> To allow the OS loader to prevent the eager acceptance, we add a new
> protocol, up for standardization, AcceptAllUnacceptedMemoryProtocol.
> This protocol has one interface, Disable(). The OS loader can inform the
> UEFI that it supports the unaccepted memory type and accepts the
> responsibility to accept it.
>
> All images that support unaccepted memory must now locate and call this
> new BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL and call the Disable
> function.
>
> Changes since v7:
> - Rebased onto lazy accept v4 patch series, so memory accept protocol
> has the EDKII prefix, and the unaccepted memory type has the BZ3937
> prefix.
> - Removed a bad #include to a header removed in v7.
> - Renamed the protocol to BZ3987_MEMORY_ACCEPTANCE_PROTOCOL as per the
> discussion on the buganizer issue.
> - Uncrustify formatting
>
> Changes since v6:
> - Added implementation of EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES.
> - Changed callback protocol of v5 to instead use the standardized event
> group for before_exit_boot_services.
>
> Changes since v5:
> - Generic callback protocol moved to MdeModulePkg
> - Removed use of EFI_WARN_STALE_DATA and added comment that the callback
> should only return EFI_SUCCESS or EFI_INVALID_PARAMETER.
> - Removed errant log statement and fixed formatting.
>
> Changes since v4:
> - Commit message wording
> - Replaced direct change to DxeMain with a more generic callback
> protocol.
> - Implemented the direct change as an instance of the callback protocol
> from a new CocoDxe driver.
> - Replaced "enable" protocol with a "disable" protocol, since the name
> was confusing. The AcceptAllUnacceptedMemory protocol directly names
> the behavior that is disabling.
>
> Changes since v3:
> - "DxeMain accepts all memory" patch split into 3 to make each patch
> affect only one package at a time.
>
> Changes since v2:
> - Removed the redundant memory accept interface and added the accept
> behavior to the DXE implementation of
> MemEncryptSevSnpPreValidateSystemRam.
> - Fixed missing #include in >=4GB patch.
>
> Changes since v1:
> - Added a patch to classify SEV-SNP memory above 4GB unaccepted.
> - Fixed style problems in EfiMemoryAcceptProtocol implementation.
>
> Cc: Ard Biescheuvel
> Cc: "Min M. Xu"
> Cc: Gerd Hoffmann
> Cc: James Bottomley
> Cc: Tom Lendacky
> Cc: Jiewen Yao
> Cc: Erdem Aktas
> Cc: Andrew Fish
> Cc: "Michael D. Kinney"
>
> Signed-off-by: Dionna Glaze
>
> Dionna Glaze (7):
> OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
> MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID
> MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices
> OvmfPkg: Introduce CocoDxe driver
> MdePkg: Introduce the MemoryAcceptance protocol
> OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe
> OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted
>
> MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
> MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 +
> MdePkg/Include/Guid/EventGroup.h | 5 +
> MdePkg/Include/Protocol/MemoryAcceptance.h | 40 +++++
> MdePkg/MdePkg.dec | 8 +-
> OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
> OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
> OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++-
> OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 +
> OvmfPkg/CocoDxe/CocoDxe.c | 174 ++++++++++++++++++++
> OvmfPkg/CocoDxe/CocoDxe.inf | 46 ++++++
> OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
> OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 +
> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++-
> OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
> OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
> OvmfPkg/OvmfPkgX64.dsc | 1 +
> OvmfPkg/OvmfPkgX64.fdf | 1 +
> OvmfPkg/PlatformPei/AmdSev.c | 5 +
> 19 files changed, 366 insertions(+), 9 deletions(-)
> create mode 100644 MdePkg/Include/Protocol/MemoryAcceptance.h
> create mode 100644 OvmfPkg/CocoDxe/CocoDxe.c
> create mode 100644 OvmfPkg/CocoDxe/CocoDxe.inf
>
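
A small C model of the opt-out flow the quoted cover letter describes (eager acceptance before ExitBootServices unless the loader called Disable()), added here as an illustration; it is not code from the patch series or from EDK2. Every type and function name is hypothetical, and representing the invalidated memory map as a stale map key that fails the first call is an assumption of the model.

```c
/* Added model of the behaviour described in the cover letter; not EDK2 code.
   All type and function names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

typedef enum { MEM_CONVENTIONAL, MEM_UNACCEPTED } mem_type;
typedef struct { uint64_t base, pages; mem_type type; } mem_desc;
typedef struct {
    mem_desc map[2];
    uint64_t map_key;         /* changes whenever the map changes */
    bool     accept_disabled; /* set through the protocol's Disable() */
} firmware;
typedef struct { int calls; size_t left_unaccepted; } outcome;

/* Stand-in for the single Disable() interface the loader calls. */
void disable_accept_all(firmware *fw) { fw->accept_disabled = true; }

/* Stand-in for the before-exit-boot-services notification. */
static void before_exit_boot_services(firmware *fw) {
    bool changed = false;
    if (fw->accept_disabled) return;            /* loader took responsibility */
    for (size_t i = 0; i < 2; i++)
        if (fw->map[i].type == MEM_UNACCEPTED) {
            fw->map[i].type = MEM_CONVENTIONAL; /* platform accept goes here */
            changed = true;
        }
    if (changed) fw->map_key++;                 /* loader's copy is now stale */
}

/* Assumption: a stale key fails the call, so the loader re-reads the map. */
int exit_boot_services(firmware *fw, uint64_t caller_key) {
    before_exit_boot_services(fw);
    return caller_key == fw->map_key ? 0 : -1;
}

/* Constructed scenario: accepted RAM below 4 GiB, unaccepted RAM above.
   Reports how many exit_boot_services() calls the loader needed and how
   many ranges are still unaccepted when the OS takes over. */
outcome boot(bool loader_aware) {
    firmware fw = { { { 0, 0x100000, MEM_CONVENTIONAL },
                      { 0x100000000ULL, 0x100000, MEM_UNACCEPTED } }, 1, false };
    outcome r = { 0, 0 };
    if (loader_aware) disable_accept_all(&fw);
    do {
        uint64_t key = fw.map_key;              /* models GetMemoryMap() */
        r.calls++;
        if (exit_boot_services(&fw, key) == 0) break;
    } while (r.calls < 3);
    for (size_t i = 0; i < 2; i++)
        r.left_unaccepted += fw.map[i].type == MEM_UNACCEPTED;
    return r;
}
```

In this model a loader that never calls Disable() is handed a map with no unaccepted ranges after one retry, while a loader that opts out exits on the first call and inherits the unaccepted range above 4 GiB.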