OvmfPkg/PlatformPei: reserve the SMRAM at the default SMBASE, if it exists

The 128KB SMRAM at the default SMBASE will be used for protecting the
initial SMI handler for hot-plugged VCPUs. After platform reset, the SMRAM
in question is open (and looks just like RAM). When BDS signals
EFI_DXE_MM_READY_TO_LOCK_PROTOCOL (and so TSEG is locked down), we're
going to lock the SMRAM at the default SMBASE too.

For this, we have to reserve said SMRAM area as early as possible, from
components in PEI, DXE, and OS runtime.

* QemuInitializeRam() currently produces a single resource descriptor HOB,
  for exposing the system RAM available under 1GB. This occurs during both
  normal boot and S3 resume identically (the latter only for the sake of
  CpuMpPei borrowing low RAM for the AP startup vector).

  But, the SMRAM at the default SMBASE falls in the middle of the current
  system RAM HOB. Split the HOB, and cover the SMRAM with a reserved
  memory HOB in the middle. CpuMpPei (via MpInitLib) skips reserved memory
  HOBs.

* InitializeRamRegions() is responsible for producing memory allocation
  HOBs, carving out parts of the resource descriptor HOBs produced in
  QemuInitializeRam(). Allocate the above-introduced reserved memory
  region in full, similarly to how we treat TSEG, so that DXE and the OS
  avoid the locked SMRAM (black hole) in this area.

  (Note that these allocations only occur on the normal boot path, as they
  matter for the UEFI memory map, which cannot be changed during S3
  resume.)

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1512
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Message-Id: <20200129214412.2361-8-lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
index 4879ee87b797613fe9f024fcf47cebca92d8632d..8fdc9c2ed7c9676163e5a3afa1518a0a15ddeaba 100644 (file)
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -646,6 +646,28 @@ PublishPeiMemory (
 }\r
 \r
 \r
+STATIC\r
+VOID\r
+QemuInitializeRamBelow1gb (\r
+  VOID\r
+  )\r
+{\r
+  if (FeaturePcdGet (PcdSmmSmramRequire) && mQ35SmramAtDefaultSmbase) {\r
+    AddMemoryRangeHob (0, SMM_DEFAULT_SMBASE);\r
+    AddReservedMemoryBaseSizeHob (SMM_DEFAULT_SMBASE, MCH_DEFAULT_SMBASE_SIZE,\r
+      TRUE /* Cacheable */);\r
+    STATIC_ASSERT (\r
+      SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE < BASE_512KB + BASE_128KB,\r
+      "end of SMRAM at default SMBASE ends at, or exceeds, 640KB"\r
+      );\r
+    AddMemoryRangeHob (SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE,\r
+      BASE_512KB + BASE_128KB);\r
+  } else {\r
+    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);\r
+  }\r
+}\r
+\r
+\r
 /**\r
   Peform Memory Detection for QEMU / KVM\r
 \r
@@ -690,12 +712,12 @@ QemuInitializeRam (
     // allocation HOBs, and to honor preexistent memory allocation HOBs when\r
     // looking for an area to borrow.\r
     //\r
-    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);\r
+    QemuInitializeRamBelow1gb ();\r
   } else {\r
     //\r
     // Create memory HOBs\r
     //\r
-    AddMemoryRangeHob (0, BASE_512KB + BASE_128KB);\r
+    QemuInitializeRamBelow1gb ();\r
 \r
     if (FeaturePcdGet (PcdSmmSmramRequire)) {\r
       UINT32 TsegSize;\r
@@ -861,6 +883,17 @@ InitializeRamRegions (
         TsegSize,\r
         EfiReservedMemoryType\r
         );\r
+      //\r
+      // Similarly, allocate away the (already reserved) SMRAM at the default\r
+      // SMBASE, if it exists.\r
+      //\r
+      if (mQ35SmramAtDefaultSmbase) {\r
+        BuildMemoryAllocationHob (\r
+          SMM_DEFAULT_SMBASE,\r
+          MCH_DEFAULT_SMBASE_SIZE,\r
+          EfiReservedMemoryType\r
+          );\r
+      }\r
     }\r
   }\r
 }\r