[edk2-devel] [PATCH v11 3/4] OvmfPkg: Implement AcceptAllUnacceptedMemory in AmdSevDxe

Thu, 26 Jan 2023 13:17:55 -0800 

This protocol implementation disables the accept-all-memory behavior
of the BeforeExitBootServices event this driver adds.

Cc: Gerd Hoffmann <kra...@redhat.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Ard Biesheuvel <a...@kernel.org>
Cc: "Min M. Xu" <min.m...@intel.com>
Cc: Andrew Fish <af...@apple.com>
Cc: "Michael D. Kinney" <michael.d.kin...@intel.com>

Signed-off-by: Dionna Glaze <dionnagl...@google.com>
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c   | 26 ++++++++++++++++++++
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf |  1 +
 2 files changed, 27 insertions(+)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 37d1a3ff55..9d05a16c6e 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -21,6 +21,7 @@
 #include <Guid/ConfidentialComputingSevSnpBlob.h>
 #include <Library/PcdLib.h>
 #include <Pi/PrePiDxeCis.h>
+#include <Protocol/SevMemoryAcceptance.h>
 #include <Protocol/MemoryAccept.h>
 
 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable = {
@@ -143,6 +144,21 @@ ResolveUnacceptedMemory (
   ASSERT_EFI_ERROR (Status);
 }
 
+STATIC
+EFI_STATUS
+EFIAPI
+AllowUnacceptedMemory (
+  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
+  )
+{
+  mAcceptAllMemoryAtEBS = FALSE;
+  return EFI_SUCCESS;
+}
+
+STATIC
+OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
+  mMemoryAcceptanceProtocol = { AllowUnacceptedMemory };
+
 STATIC EDKII_MEMORY_ACCEPT_PROTOCOL  mMemoryAcceptProtocol = {
   AmdSevMemoryAccept
 };
@@ -292,6 +308,16 @@ AmdSevDxeEntryPoint (
       DEBUG ((DEBUG_ERROR, "AllowUnacceptedMemory event creation for 
EventBeforeExitBootServices failed.\n"));
     }
 
+    Status = gBS->InstallProtocolInterface (
+                    &mAmdSevDxeHandle,
+                    &gOvmfSevMemoryAcceptanceProtocolGuid,
+                    EFI_NATIVE_INTERFACE,
+                    &mMemoryAcceptanceProtocol
+                    );
+    if (EFI_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "Install OvmfSevMemoryAcceptanceProtocol 
failed.\n"));
+    }
+
     //
     // If its SEV-SNP active guest then install the 
CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
     // It contains the location for both the Secrets and CPUID page.
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index 5b443d45bc..e7c7d526c9 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -49,6 +49,7 @@
 
 [Protocols]
   gEdkiiMemoryAcceptProtocolGuid
+  gOvmfSevMemoryAcceptanceProtocolGuid
 
 [Guids]
   gConfidentialComputingSevSnpBlobGuid
-- 
2.39.1.456.gfc5497dd1b-goog



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#99101): https://edk2.groups.io/g/devel/message/99101
Mute This Topic: https://groups.io/mt/96553085/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to