Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

2022-09-26 Thread Gerd Hoffmann
On Fri, Sep 23, 2022 at 02:42:57PM -0500, Tom Lendacky wrote:
> On 9/23/22 14:34, Dionna Amalie Glaze wrote:
> > Ah yes, I did forget to include that patch. Will add to v2. I was just
> > setting the ResourceType to unaccepted and skipping the Prevalidate call
> > in PlatformPei if the start address is greater or equal to SIZE_4GB.
> > That seemed more self-contained than messing with PlatformInitLib. Would
> > you prefer that I add SevSnp logic to PlatformInitLib?
> 
> No, if it works and is easier / more concise, then please keep it the way
> you have it.

Well, moving the SEV code over to PlatformInitLib makes sense.

That should allow AmdSev to use pei-less boot, similar to IntelTdx,
and further down the road allow unifying the AmdSev + IntelTdx variants into
a single firmware binary supporting both SevSnp and Tdx.

I don't think that should be part of the "unaccepted memory" patch
series though.

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94341): https://edk2.groups.io/g/devel/message/94341
Mute This Topic: https://groups.io/mt/93857638/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-




Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

2022-09-23 Thread Lendacky, Thomas via groups.io

On 9/23/22 14:34, Dionna Amalie Glaze wrote:
> Ah yes, I did forget to include that patch. Will add to v2. I was just
> setting the ResourceType to unaccepted and skipping the Prevalidate call
> in PlatformPei if the start address is greater or equal to SIZE_4GB. That
> seemed more self-contained than messing with PlatformInitLib. Would you
> prefer that I add SevSnp logic to PlatformInitLib?


No, if it works and is easier / more concise, then please keep it the way 
you have it.


Thanks,
Tom



> On Fri, Sep 23, 2022 at 10:19 AM Tom Lendacky wrote:
>
> > On 9/22/22 15:50, Dionna Glaze wrote:
> > > These three patches build on the lazy-accept patch series
> > >
> > > "Introduce Lazy-accept for Tdx guest"
> > >
> > > by adding SEV-SNP support for the MemoryAccept protocol, and
> > > importantly making eager memory acceptance the default behavior.
> > >
> > > For unaccepted memory to be enabled, we must know that the booted image
> > > supports the unaccepted memory type. We add a trivial protocol that sets
> > > a dynamic Pcd to true when called in order for the booted image to
> > > signal its support for unaccepted memory. This does not need to be an
> > > OsIndications bit because it does not need to be persisted.
> > >
> > > We use the Pcd to disable a new ExitBootServices notification that
> > > accepts all unaccepted memory, removes the unaccepted memory entries in
> > > the memory space map, and then add the same memory ranges back as
> > > conventional memory.
> > >
> > > All images that support unaccepted memory must now locate and call this
> > > new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.
> >
> > This seems to be missing the creation of unaccepted memory under SEV-SNP.
> > Is that going to be part of a separate patch (to update
> > PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as
> > unaccepted)?
> >
> > Thanks,
> > Tom
> >
> > >
> > > Cc: Ard Biescheuvel <a...@kernel.org>
> > > Cc: "Min M. Xu" <min.m...@intel.org>
> > > Cc: Gerd Hoffmann <kra...@redhat.com>
> > > Cc: James Bottomley <j...@linux.ibm.com>
> > > Cc: Tom Lendacky <thomas.lenda...@amd.com>
> > > Cc: Jiewen Yao <jiewen@intel.com>
> > > Cc: Erdem Aktas <erdemak...@google.com>
> > >
> > > Signed-off-by: Dionna Glaze <dionnagl...@google.com>
> > >
> > > Dionna Glaze (3):
> > >   OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
> > >   DxeMain accepts all memory at EBS if needed
> > >   MdeModulePkg: add EnableUnacceptedMemoryProtocol
> > >
> > >  MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +
> > >  MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
> > >  MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
> > >  MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++
> > >  MdeModulePkg/MdeModulePkg.dec                 |   9 ++
> > >  MdeModulePkg/MdeModulePkg.uni                 |   6 +
> > >  OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
> > >  OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27
> > >  OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
> > >  OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
> > >  OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
> > >  OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
> > >  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
> > >  .../Ia32/MemEncryptSevLib.c                   |  17 +++
> > >  .../X64/DxeSnpSystemRamValidate.c             |  35 +
> > >  .../X64/PeiSnpSystemRamValidate.c             |  17 +++
> > >  .../X64/SecSnpSystemRamValidate.c             |  18 +++
> > >  OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
> > >  OvmfPkg/OvmfPkgX64.dsc                        |   2 +
> > >  OvmfPkg/OvmfXen.dsc                           |   2 +
> > >  20 files changed, 334 insertions(+), 1 deletion(-)
> > >
>
> --
> -Dionna Glaze, PhD (she/her)







Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

2022-09-23 Thread Dionna Glaze via groups.io
Ah yes, I did forget to include that patch. Will add to v2. I was just
setting the ResourceType to unaccepted and skipping the Prevalidate call in
PlatformPei if the start address is greater or equal to SIZE_4GB. That
seemed more self-contained than messing with PlatformInitLib. Would you
prefer that I add SevSnp logic to PlatformInitLib?

On Fri, Sep 23, 2022 at 10:19 AM Tom Lendacky 
wrote:

> On 9/22/22 15:50, Dionna Glaze wrote:
> > These three patches build on the lazy-accept patch series
> >
> > "Introduce Lazy-accept for Tdx guest"
> >
> > by adding SEV-SNP support for the MemoryAccept protocol, and
> > importantly making eager memory acceptance the default behavior.
> >
> > For unaccepted memory to be enabled, we must know that the booted image
> > supports the unaccepted memory type. We add a trivial protocol that sets
> > a dynamic Pcd to true when called in order for the booted image to
> > signal its support for unaccepted memory. This does not need to be an
> > OsIndications bit because it does not need to be persisted.
> >
> > We use the Pcd to disable a new ExitBootServices notification that
> > accepts all unaccepted memory, removes the unaccepted memory entries in
> > the memory space map, and then add the same memory ranges back as
> > conventional memory.
> >
> > All images that support unaccepted memory must now locate and call this
> > new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.
>
> This seems to be missing the creation of unaccepted memory under SEV-SNP.
> Is that going to be part of a separate patch (to update
> PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)?
>
> Thanks,
> Tom
>
> >
> > Cc: Ard Biescheuvel 
> > Cc: "Min M. Xu" 
> > Cc: Gerd Hoffmann 
> > Cc: James Bottomley 
> > Cc: Tom Lendacky 
> > Cc: Jiewen Yao 
> > Cc: Erdem Aktas 
> >
> > Signed-off-by: Dionna Glaze 
> >
> > Dionna Glaze (3):
> >   OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
> >   DxeMain accepts all memory at EBS if needed
> >   MdeModulePkg: add EnableUnacceptedMemoryProtocol
> >
> >  MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +
> >  MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
> >  MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
> >  MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++
> >  MdeModulePkg/MdeModulePkg.dec                 |   9 ++
> >  MdeModulePkg/MdeModulePkg.uni                 |   6 +
> >  OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
> >  OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27
> >  OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
> >  OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
> >  OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
> >  OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
> >  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
> >  .../Ia32/MemEncryptSevLib.c                   |  17 +++
> >  .../X64/DxeSnpSystemRamValidate.c             |  35 +
> >  .../X64/PeiSnpSystemRamValidate.c             |  17 +++
> >  .../X64/SecSnpSystemRamValidate.c             |  18 +++
> >  OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
> >  OvmfPkg/OvmfPkgX64.dsc                        |   2 +
> >  OvmfPkg/OvmfXen.dsc                           |   2 +
> >  20 files changed, 334 insertions(+), 1 deletion(-)
> >
>


-- 
-Dionna Glaze, PhD (she/her)






Re: [edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

2022-09-23 Thread Lendacky, Thomas via groups.io

On 9/22/22 15:50, Dionna Glaze wrote:
> These three patches build on the lazy-accept patch series
>
> "Introduce Lazy-accept for Tdx guest"
>
> by adding SEV-SNP support for the MemoryAccept protocol, and
> importantly making eager memory acceptance the default behavior.
>
> For unaccepted memory to be enabled, we must know that the booted image
> supports the unaccepted memory type. We add a trivial protocol that sets
> a dynamic Pcd to true when called in order for the booted image to
> signal its support for unaccepted memory. This does not need to be an
> OsIndications bit because it does not need to be persisted.
>
> We use the Pcd to disable a new ExitBootServices notification that
> accepts all unaccepted memory, removes the unaccepted memory entries in
> the memory space map, and then add the same memory ranges back as
> conventional memory.
>
> All images that support unaccepted memory must now locate and call this
> new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.


This seems to be missing the creation of unaccepted memory under SEV-SNP. 
Is that going to be part of a separate patch (to update 
PlatformAddMemoryBaseSizeHob () and mark anything above 4GB as unaccepted)?


Thanks,
Tom



> Cc: Ard Biescheuvel
> Cc: "Min M. Xu"
> Cc: Gerd Hoffmann
> Cc: James Bottomley
> Cc: Tom Lendacky
> Cc: Jiewen Yao
> Cc: Erdem Aktas
>
> Signed-off-by: Dionna Glaze
>
> Dionna Glaze (3):
>   OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
>   DxeMain accepts all memory at EBS if needed
>   MdeModulePkg: add EnableUnacceptedMemoryProtocol
>
>  MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +
>  MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
>  MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
>  MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++
>  MdeModulePkg/MdeModulePkg.dec                 |   9 ++
>  MdeModulePkg/MdeModulePkg.uni                 |   6 +
>  OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
>  OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27
>  OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
>  OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
>  OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
>  OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
>  OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
>  .../Ia32/MemEncryptSevLib.c                   |  17 +++
>  .../X64/DxeSnpSystemRamValidate.c             |  35 +
>  .../X64/PeiSnpSystemRamValidate.c             |  17 +++
>  .../X64/SecSnpSystemRamValidate.c             |  18 +++
>  OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
>  OvmfPkg/OvmfPkgX64.dsc                        |   2 +
>  OvmfPkg/OvmfXen.dsc                           |   2 +
>  20 files changed, 334 insertions(+), 1 deletion(-)








[edk2-devel] [PATCH 0/3] Add safe unaccepted memory behavior

2022-09-22 Thread Dionna Glaze via groups.io
These three patches build on the lazy-accept patch series

"Introduce Lazy-accept for Tdx guest"

by adding SEV-SNP support for the MemoryAccept protocol, and
importantly making eager memory acceptance the default behavior.

For unaccepted memory to be enabled, we must know that the booted image
supports the unaccepted memory type. We add a trivial protocol that sets
a dynamic Pcd to true when called in order for the booted image to
signal its support for unaccepted memory. This does not need to be an
OsIndications bit because it does not need to be persisted.

We use the Pcd to disable a new ExitBootServices notification that
accepts all unaccepted memory, removes the unaccepted memory entries in
the memory space map, and then add the same memory ranges back as
conventional memory.

All images that support unaccepted memory must now locate and call this
new ENABLE_UNACCEPTED_MEMORY_PROTOCOL.

Cc: Ard Biescheuvel 
Cc: "Min M. Xu" 
Cc: Gerd Hoffmann 
Cc: James Bottomley 
Cc: Tom Lendacky 
Cc: Jiewen Yao 
Cc: Erdem Aktas 

Signed-off-by: Dionna Glaze 

Dionna Glaze (3):
  OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
  DxeMain accepts all memory at EBS if needed
  MdeModulePkg: add EnableUnacceptedMemoryProtocol

 MdeModulePkg/Core/Dxe/DxeMain.h               |  32 +
 MdeModulePkg/Core/Dxe/DxeMain.inf             |   3 +
 MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c       |  19 ++-
 MdeModulePkg/Core/Dxe/Mem/Page.c              | 122 ++
 MdeModulePkg/MdeModulePkg.dec                 |   9 ++
 MdeModulePkg/MdeModulePkg.uni                 |   6 +
 OvmfPkg/AmdSev/AmdSevX64.dsc                  |   1 +
 OvmfPkg/AmdSevDxe/AmdSevDxe.c                 |  27
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf               |   3 +
 OvmfPkg/Bhyve/BhyveX64.dsc                    |   2 +
 OvmfPkg/CloudHv/CloudHvX64.dsc                |   2 +
 OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |   2 +
 .../Ia32/MemEncryptSevLib.c                   |  17 +++
 .../X64/DxeSnpSystemRamValidate.c             |  35 +
 .../X64/PeiSnpSystemRamValidate.c             |  17 +++
 .../X64/SecSnpSystemRamValidate.c             |  18 +++
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   2 +
 OvmfPkg/OvmfPkgX64.dsc                        |   2 +
 OvmfPkg/OvmfXen.dsc                           |   2 +
 20 files changed, 334 insertions(+), 1 deletion(-)

-- 
2.37.3.998.g577e59143f-goog
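
The eager-accept default described in the cover letter above, as a simplified C model added here (it is not code from the patch series or from edk2). All type and function names are hypothetical; the accept operation is reduced to a byte counter and the remove-and-re-add of map entries to a retype.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Simplified model; every name below is hypothetical, not an edk2 identifier. */
#define MODEL_SIZE_4GB 0x100000000ULL
typedef enum { MEM_CONVENTIONAL, MEM_UNACCEPTED } mem_type;
typedef struct { uint64_t base, size; mem_type type; } mem_range;
typedef struct {
  bool os_handles_unaccepted;  /* stands in for the dynamic Pcd */
  uint64_t bytes_accepted;     /* what the accept operation was asked to do */
} fw_state;

/* Early boot: ranges starting at or above 4GB are left unaccepted. */
mem_type classify_range(uint64_t base) {
  return base >= MODEL_SIZE_4GB ? MEM_UNACCEPTED : MEM_CONVENTIONAL;
}

/* The "trivial protocol": the booted image calls this to opt in. */
void enable_unaccepted_memory(fw_state *fw) { fw->os_handles_unaccepted = true; }

/* ExitBootServices step. Returns how many ranges were accepted and
 * handed over as conventional memory. */
size_t ebs_accept_all(fw_state *fw, mem_range *map, size_t count) {
  size_t converted = 0;
  if (fw->os_handles_unaccepted)
    return 0;  /* image opted in: the map keeps its unaccepted entries */
  for (size_t i = 0; i < count; i++) {
    if (map[i].type != MEM_UNACCEPTED)
      continue;
    fw->bytes_accepted += map[i].size;  /* stand-in for the accept call */
    map[i].type = MEM_CONVENTIONAL;     /* remove and re-add, modeled as a retype */
    converted++;
  }
  return converted;
}

/* Constructed sample: 2GB below 4GB and 4GB above it. Runs the EBS step
 * and returns the number of unaccepted ranges the booted image would see. */
size_t unaccepted_seen_by_os(bool image_opts_in, uint64_t *accepted) {
  fw_state fw = { false, 0 };
  mem_range map[] = {
    { 0x0ULL, 0x80000000ULL, classify_range(0x0ULL) },
    { MODEL_SIZE_4GB, 0x100000000ULL, classify_range(MODEL_SIZE_4GB) },
  };
  size_t left = 0;
  if (image_opts_in) enable_unaccepted_memory(&fw);
  ebs_accept_all(&fw, map, 2);
  for (size_t i = 0; i < 2; i++) left += (map[i].type == MEM_UNACCEPTED);
  *accepted = fw.bytes_accepted;
  return left;
}
```

An image that never opts in sees no unaccepted entries, so it cannot touch memory it does not know how to accept; only an image that made the call receives the unaccepted ranges.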


