Re: [edk2-devel] [PATCH v4 1/6] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe

Wed, 28 Sep 2022 14:02:26 -0700 

On 9/28/22 10:33, Dionna Glaze wrote:

From: Sophia Wolf <phiaw...@google.com>

When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.

EfiMemoryAcceptProtocol is defined in MdePkg and is implemented /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.

Cc: Gerd Hoffmann <kra...@redhat.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>

Signed-off-by: Sophia Wolf <phiaw...@google.com>
---
  OvmfPkg/AmdSevDxe/AmdSevDxe.c                                      | 34 
++++++++++++++++++++
  OvmfPkg/AmdSevDxe/AmdSevDxe.inf                                    |  3 ++
  OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 
+++++++++++---
  3 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 662d3c4ccb..09aa15165d 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -20,6 +20,7 @@
  #include <Library/UefiBootServicesTableLib.h>
  #include <Guid/ConfidentialComputingSevSnpBlob.h>
  #include <Library/PcdLib.h>
+#include <Protocol/MemoryAccept.h>
STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { 
    SIGNATURE_32 ('A',                                    'M', 'D', 'E'),
@@ -31,6 +32,29 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  
mSnpBootDxeTable = {
    FixedPcdGet32 (PcdOvmfCpuidSize),
  };
+STATIC EFI_HANDLE mAmdSevDxeHandle = NULL; 
+
+STATIC
+EFI_STATUS
+EFIAPI
+AmdSevMemoryAccept (
+  IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
+  IN EFI_PHYSICAL_ADDRESS StartAddress,
+  IN UINTN Size
+)
+{
+  MemEncryptSevSnpPreValidateSystemRam (
+    StartAddress,
+    EFI_SIZE_TO_PAGES (Size)
Sorry, I forgot to ask this earlier in the series, but is StartAddress guaranteed to be page-aligned and Size a multiple of 4KB? Should there be any asserts for those just in case?
Also, can Size be 0? In which case MemEncryptSevSnpPreValidateSystemRam() shouldn't be called? 


+    );
+
+  return EFI_SUCCESS;
+}
+
+STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
+  AmdSevMemoryAccept
+};
+
  EFI_STATUS
  EFIAPI
  AmdSevDxeEntryPoint (
@@ -147,6 +171,16 @@ AmdSevDxeEntryPoint (
      }
    }
+ Status = gBS->InstallProtocolInterface ( 
+                  &mAmdSevDxeHandle,
+                  &gEfiMemoryAcceptProtocolGuid,
+                  EFI_NATIVE_INTERFACE,
+                  &mMemoryAcceptProtocol
+                  );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Install EfiMemoryAcceptProtocol failed.\n"));
+  }


Should this only be installed for an SNP guest, e.g. put within the
"if (MemEncryptSevSnpIsEnabled ()) {" check?

Maybe use ASSERT_EFI_ERROR (Status)?

Thanks,
Tom


+
    //
    // If its SEV-SNP active guest then install the 
CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
    // It contains the location for both the Secrets and CPUID page.
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index 9acf860cf2..5ddddabc32 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -47,6 +47,9 @@
    gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
    gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
+[Protocols] 
+  gEfiMemoryAcceptProtocolGuid
+
  [Guids]
    gConfidentialComputingSevSnpBlobGuid
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c 
index d3a95e4913..ee3710f7b3 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
@@ -14,6 +14,7 @@
  #include <Library/MemEncryptSevLib.h>
#include "SnpPageStateChange.h" 
+#include "VirtualMemory.h"
/** 
    Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam (
    IN UINTN             NumPages
    )
  {
+  EFI_STATUS Status;
+
    if (!MemEncryptSevSnpIsEnabled ()) {
      return;
    }
- // 
-  // All the pre-validation must be completed in the PEI phase.
-  //
-  ASSERT (FALSE);
+  // DXE pre-validation may happen with the memory accept protocol.
+  // The protocol should only be called outside the prevalidated ranges
+  // that the PEI stage code explicitly skips. Specifically, only memory
+  // ranges that are classified as unaccepted.
+  if (BaseAddress >= SIZE_4GB) {
+    Status = InternalMemEncryptSevCreateIdentityMap1G (
+               0,
+               BaseAddress,
+               EFI_PAGES_TO_SIZE (NumPages)
+               );
+    if (EFI_ERROR (Status)) {
+      ASSERT (FALSE);
+      CpuDeadLoop ();
+    }
+  }
+
+  InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
  }



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94485): https://edk2.groups.io/g/devel/message/94485
Mute This Topic: https://groups.io/mt/93975245/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to