OvmfPkg: Add memory acceptance event in AmdSevDxe
authorDionna Glaze <dionnaglaze@google.com>
Thu, 26 Jan 2023 21:17:37 +0000 (21:17 +0000)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Thu, 26 Jan 2023 23:00:51 +0000 (23:00 +0000)
The added behavior is to accept all unaccepted memory at
ExitBootServices if the behavior is not disabled. This allows safe
upgrades for OS loaders to affirm their support for the unaccepted
memory type.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.com>
Cc: Andrew Fish <afish@apple.com>
Cc: "Michael D. Kinney" <michael.d.kinney@intel.com>
Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
OvmfPkg/AmdSevDxe/AmdSevDxe.c
OvmfPkg/AmdSevDxe/AmdSevDxe.inf

index f7600c3c81e6206842df4afe3d3322b55f25c5cc..37d1a3ff55c6bbb1aae521ca112931d014f953ea 100644 (file)
@@ -20,6 +20,7 @@
 #include <Library/UefiBootServicesTableLib.h>\r
 #include <Guid/ConfidentialComputingSevSnpBlob.h>\r
 #include <Library/PcdLib.h>\r
+#include <Pi/PrePiDxeCis.h>\r
 #include <Protocol/MemoryAccept.h>\r
 \r
 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable = {\r
@@ -34,6 +35,10 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable = {
 \r
 STATIC EFI_HANDLE  mAmdSevDxeHandle = NULL;\r
 \r
+STATIC BOOLEAN  mAcceptAllMemoryAtEBS = TRUE;\r
+\r
+STATIC EFI_EVENT  mAcceptAllMemoryEvent = NULL;\r
+\r
 #define IS_ALIGNED(x, y)  ((((x) & ((y) - 1)) == 0))\r
 \r
 STATIC\r
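Review bot: `mAcceptAllMemoryAtEBS` is a security-relevant default that is added without a comment, and nothing in the visible hunks ever sets it to FALSE. As shown, the early return in `ResolveUnacceptedMemory` is therefore never taken; presumably a later change clears the flag when the OS loader signals support. A comment above the declaration would help, for example `// TRUE: accept all unaccepted memory before ExitBootServices. Cleared only when the OS loader affirms unaccepted-memory support.` It should also name the interface that is allowed to clear the flag once that interface exists.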
@@ -62,6 +67,82 @@ AmdSevMemoryAccept (
   return EFI_SUCCESS;\r
 }\r
 \r
+STATIC\r
+EFI_STATUS\r
+AcceptAllMemory (\r
+  VOID\r
+  )\r
+{\r
+  EFI_GCD_MEMORY_SPACE_DESCRIPTOR  *AllDescMap;\r
+  UINTN                            NumEntries;\r
+  UINTN                            Index;\r
+  EFI_STATUS                       Status;\r
+\r
+  DEBUG ((DEBUG_INFO, "Accepting all memory\n"));\r
+\r
+  /*\r
+   * Get a copy of the memory space map to iterate over while\r
+   * changing the map.\r
+   */\r
+  Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
+\r
+  for (Index = 0; Index < NumEntries; Index++) {\r
+    CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR  *Desc;\r
+\r
+    Desc = &AllDescMap[Index];\r
+    if (Desc->GcdMemoryType != EFI_GCD_MEMORY_TYPE_UNACCEPTED) {\r
+      continue;\r
+    }\r
+\r
+    Status = AmdSevMemoryAccept (\r
+               NULL,\r
+               Desc->BaseAddress,\r
+               Desc->Length\r
+               );\r
+    if (EFI_ERROR (Status)) {\r
+      break;\r
+    }\r
+\r
+    Status = gDS->RemoveMemorySpace (Desc->BaseAddress, Desc->Length);\r
+    if (EFI_ERROR (Status)) {\r
+      break;\r
+    }\r
+\r
+    Status = gDS->AddMemorySpace (\r
+                    EfiGcdMemoryTypeSystemMemory,\r
+                    Desc->BaseAddress,\r
+                    Desc->Length,\r
+                    EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP\r
+                    );\r
+    if (EFI_ERROR (Status)) {\r
+      break;\r
+    }\r
+  }\r
+\r
+  gBS->FreePool (AllDescMap);\r
+  return Status;\r
+}\r
+\r
+VOID\r
+EFIAPI\r
+ResolveUnacceptedMemory (\r
+  IN EFI_EVENT  Event,\r
+  IN VOID       *Context\r
+  )\r
+{\r
+  EFI_STATUS  Status;\r
+\r
+  if (!mAcceptAllMemoryAtEBS) {\r
+    return;\r
+  }\r
+\r
+  Status = AcceptAllMemory ();\r
+  ASSERT_EFI_ERROR (Status);\r
+}\r
+\r
 STATIC EDKII_MEMORY_ACCEPT_PROTOCOL  mMemoryAcceptProtocol = {\r
   AmdSevMemoryAccept\r
 };\r
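Review bot: `ResolveUnacceptedMemory` checks the result of `AcceptAllMemory ()` only with `ASSERT_EFI_ERROR`, which compiles to nothing in builds where asserts are disabled. In such a build a failure partway through the loop lets ExitBootServices proceed, handing unaccepted ranges to an OS that may not support them. The loop can also stop after `RemoveMemorySpace` succeeds but `AddMemorySpace` fails, which leaves an accepted range missing from the GCD map. I would make the failure explicit and fatal in all build types: `if (EFI_ERROR (Status)) { DEBUG ((DEBUG_ERROR, "%a: AcceptAllMemory failed: %r\n", __FUNCTION__, Status)); CpuDeadLoop (); }` (assuming BaseLib is available to this module). Separately, `ResolveUnacceptedMemory` is referenced only within this file in the visible hunks, so it could be `STATIC` like `AcceptAllMemory`.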
@@ -195,6 +276,22 @@ AmdSevDxeEntryPoint (
                     );\r
     ASSERT_EFI_ERROR (Status);\r
 \r
+    // SEV-SNP support does not automatically imply unaccepted memory support,\r
+    // so make ExitBootServices accept all unaccepted memory if support is\r
+    // not communicated.\r
+    Status = gBS->CreateEventEx (\r
+                    EVT_NOTIFY_SIGNAL,\r
+                    TPL_CALLBACK,\r
+                    ResolveUnacceptedMemory,\r
+                    NULL,\r
+                    &gEfiEventBeforeExitBootServicesGuid,\r
+                    &mAcceptAllMemoryEvent\r
+                    );\r
+\r
+    if (EFI_ERROR (Status)) {\r
+      DEBUG ((DEBUG_ERROR, "AllowUnacceptedMemory event creation for EventBeforeExitBootServices failed.\n"));\r
+    }\r
+\r
     //\r
     // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.\r
     // It contains the location for both the Secrets and CPUID page.\r
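Review bot: When `CreateEventEx` fails here, the only reaction is a `DEBUG_ERROR` message, and the entry point carries on with no accept-all callback registered. The fallback that the comment describes can then be silently absent, with no trace at all in builds where debug output is compiled out. The call just above is followed by `ASSERT_EFI_ERROR (Status)`; this one deserves at least the same, and preferably handling that does not depend on the build type. The message also refers to an "AllowUnacceptedMemory event", which matches no identifier in this change, and it omits the status. I would use something like `DEBUG ((DEBUG_ERROR, "%a: CreateEventEx (BeforeExitBootServices) failed: %r\n", __FUNCTION__, Status));`. `AmdSevDxeEntryPoint` begins and ends outside this hunk, so how a failure should propagate to its return value cannot be judged from here.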
index cd1b686c5365f6ef3c14a71896895d1fd951c5fb..5b443d45bcefbf7ff29199836b0f1f203e829946 100644 (file)
@@ -52,6 +52,7 @@
 \r
 [Guids]\r
   gConfidentialComputingSevSnpBlobGuid\r
+  gEfiEventBeforeExitBootServicesGuid\r
 \r
 [Pcd]\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId\r