On 6/16/2022 1:37 PM, Gerd Hoffmann wrote:
Hi,
Per my understanding, Unaccepted Memory in UEFI is introduced for
confidential VMs, i.e., for Intel TDX and AMD SEV-SNP. The only reason
UEFI/OVMF reports "Unaccepted Memory" to OS, is a confidential VM is
desired.
No. Reporting "Unaccepted Memory" to the OS is not a hard requirement
for confidential VMs, it only optimizes boot times. Instead of doing
that time-consuming process in the firmware for all memory we tell the
guest OS which memory is accepted already and which is not. So the
guest OS can go accept the remaining memory in a background process.
But for non-confidential VMs, even a range of memory is reported as
unaccepted nothing prevents it from being accessed without accepting it,
and it's not time-consuming. Did I miss anything?
take care,
Gerd
