HI GaoLiming,
     The redundant symbol is available after using Hexedit and Edit command in the shell.

I have tried these 2 commands. These changes are required for Hexedit and Edit commands only.

 

Hi gaoliming,

Hello,
Thanks Leif for the review on the ArmPkg patches.

In case the maintainers of the MdePkg/SecurityPkg want to have a look at the v7,
I'll wait a bit before sending a new version,

Regards,
Pierre

Reviewed-by: James Lu <james.lu@...>

From: Gua Guo <gua.guo@...>

REF : https://bugzilla.tianocore.org/show_bug.cgi?id=3D4096

TDES and ARC4 services are deprecated so set it as disable.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: James Lu <james.lu@...>
Signed-off-by: Gua Guo <gua.guo@...>
---
UefiPayloadPkg/UefiPayloadPkg.dsc | 2 --
1 file changed, 2 deletions(-)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayload=
Pkg.dsc
index 8f23802199..1150be6acd 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -459,12 +459,10 @@
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge=
tContextSize | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In=
it | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb=
cEncrypt | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb=
cDecrypt | TRUE=0D
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
--=20
2.31.1.windows.1

On 10/5/22 15:33, Dionna Glaze wrote:

Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and
indicate that it can interpret the memory type accordingly.
This classification is safe since ExitBootServices will accept and
reclassify the memory as conventional if the disable protocol is not
used.
Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>

Reviewed-by: Tom Lendacky <thomas.lendacky@...>

---

Ard told me it should still work this way.

Let me clarify that I've also tested the new code and it does still work.


--
-Dionna Glaze, PhD (she/her)

The specification says that disabling the timer should happen right
after. Ard told me it should still work this way.

--
-Dionna Glaze, PhD (she/her)

On 10/5/22 15:33, Dionna Glaze wrote:

Location of notification is has been specified in UEFI v2.9.
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>
Cc: Ray Ni <ray.ni@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++
2 files changed, 7 insertions(+)
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
index e4bca89577..35d5bf0dee 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -100,6 +100,7 @@
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
+ gEfiEventBeforeExitBootServicesGuid
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 5733f0c8ec..4683016ed7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -763,6 +763,12 @@ CoreExitBootServices (
{
EFI_STATUS Status;
+ //
+ // Notify other drivers of their last chance to use boot services
+ // before the memory map is terminated.
+ //
+ CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid);

Isn't this supposed to be after disabling the timer?

Thanks,
Tom

+
//
// Disable Timer
//

On 10/5/22 15:33, Dionna Glaze wrote:

From: Sophia Wolf <phiawolf@...>
When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.
EfiMemoryAcceptProtocol is defined in MdePkg and is implemented /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>

Reviewed-by: Tom Lendacky <thomas.lendacky@...>

---

Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and
indicate that it can interpret the memory type accordingly.

This classification is safe since ExitBootServices will accept and
reclassify the memory as conventional if the disable protocol is not
used.

Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/PlatformPei/AmdSev.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 385562b44c..2a52d6f491 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -16,6 +16,7 @@
#include <Library/MemEncryptSevLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Pi/PrePiHob.h>
#include <PiPei.h>
#include <Register/Amd/Msr.h>
#include <Register/Intel/SmramSaveStateMap.h>
@@ -63,6 +64,10 @@ AmdSevSnpInitialize (
for (Hob.Raw = GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw = GET_NEXT_HOB (Hob)) {
if ((Hob.Raw != NULL) && (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR)) {
ResourceHob = Hob.ResourceDescriptor;
+ if (ResourceHob->PhysicalStart >= SIZE_4GB) {
+ ResourceHob->ResourceType = EFI_RESOURCE_MEMORY_UNACCEPTED;
+ continue;
+ }

if (ResourceHob->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) {
MemEncryptSevSnpPreValidateSystemRam (
--
2.38.0.rc1.362.ged0d419d3c-goog

This protocol implementation disables the accept-all-memory behavior
of the BeforeExitBootServices event this driver adds.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/CocoDxe/CocoDxe.c | 25 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 1 +
2 files changed, 26 insertions(+)

diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c
index ae64fbf28e..a7c54b36a3 100644
--- a/OvmfPkg/CocoDxe/CocoDxe.c
+++ b/OvmfPkg/CocoDxe/CocoDxe.c
@@ -16,6 +16,7 @@
#include <Library/UefiBootServicesTableLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/MemEncryptTdxLib.h>
+#include <Protocol/Bz3987AcceptAllUnacceptedMemory.h>
#include <Protocol/ExitBootServicesCallback.h>
#include <Protocol/MemoryAccept.h>

@@ -105,6 +106,21 @@ ResolveUnacceptedMemory (
ASSERT_EFI_ERROR (Status);
}

+STATIC
+EFI_STATUS
+EFIAPI
+DisableAcceptAllUnacceptedMemory (
+ IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This
+ )
+{
+ mAcceptAllUnacceptedMemoryEnabled = FALSE;
+ return EFI_SUCCESS;
+}
+
+STATIC
+BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL
+mAcceptAllUnacceptedMemoryProtocol = {DisableAcceptAllUnacceptedMemory};
+
EFI_STATUS
EFIAPI
CocoDxeEntryPoint (
@@ -136,5 +152,14 @@ CocoDxeEntryPoint (
DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for EventBeforeExitBootServices failed.\n"));
}

+ Status = gBS->InstallProtocolInterface (&mCocoDxeHandle,
+ &gBz3987AcceptAllUnacceptedMemoryProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mAcceptAllUnacceptedMemoryProtocol
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Install Bz3987AcceptAllUnacceptedMemoryProtocol failed.\n"));
+ }
+
return EFI_SUCCESS;
}
diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf
index 3bbb5fc9cc..e24188147a 100644
--- a/OvmfPkg/CocoDxe/CocoDxe.inf
+++ b/OvmfPkg/CocoDxe/CocoDxe.inf
@@ -42,4 +42,5 @@
gEfiEventBeforeExitBootServicesGuid

[Protocols]
+ gBz3987AcceptAllUnacceptedMemoryProtocolGuid
gEfiMemoryAcceptProtocolGuid
--
2.38.0.rc1.362.ged0d419d3c-goog

The default behavior for unaccepted memory is to accept all memory
when ExitBootServices is called. An OS loader can use this protocol to
Disable this behavior to assume responsibility for memory acceptance and
to affirm that the OS can handle the unaccepted memory type.

This is a candidate for standardization.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 ++++++++++++++++++++
MdePkg/MdePkg.dec | 3 ++
2 files changed, 43 insertions(+)

diff --git a/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h b/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
new file mode 100644
index 0000000000..e50831836c
--- /dev/null
+++ b/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
@@ -0,0 +1,40 @@
+/** @file
+ The file provides the protocol that disables the behavior that all memory
+ gets accepted at ExitBootServices(). This protocol is only meant to be called
+ by the OS loader, and not EDK2 itself.
+
+ Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+#ifndef _ACCEPT_ALL_UNACCEPTED_MEMORY_H_
+#define _ACCEPT_ALL_UNACCEPTED_MEMORY_H_
+
+#define BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL_GUID \
+ {0xc5a010fe, \
+ 0x38a7, \
+ 0x4531, \
+ {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
+
+typedef struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL
+ BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL;
+
+/**
+ @param This A pointer to a BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY)(
+ IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This
+ );
+
+///
+/// The BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL allows the OS loader to
+/// indicate to EDK2 that ExitBootServices should not accept all memory.
+///
+struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL {
+ BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY Disable;
+};
+
+extern EFI_GUID gBz3987AcceptAllUnacceptedMemoryProtocolGuid;
+
+#endif
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 32c3501e66..a453b67b7e 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -1022,6 +1022,9 @@
gEfiPeiDelayedDispatchPpiGuid = { 0x869c711d, 0x649c, 0x44fe, { 0x8b, 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }}

[Protocols]
+ ## Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
+ gBz3987AcceptAllUnacceptedMemoryProtocolGuid = { 0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }}
+
## Include/Protocol/MemoryAccept.h
gEfiMemoryAcceptProtocolGuid = { 0x38c74800, 0x5590, 0x4db4, { 0xa0, 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }}

--
2.38.0.rc1.362.ged0d419d3c-goog

This driver is meant as a join point for all Confidential Compute
technologies to put shared behavior that doesn't belong anywhere else.

The first behavior added here is to accept all unaccepted memory at
ExitBootServices if the behavior is not disabled. This allows safe
upgrades for OS loaders to affirm their support for the unaccepted
memory type.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
OvmfPkg/CocoDxe/CocoDxe.c | 140 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 45 +++++++
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 +
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/OvmfPkgX64.fdf | 1 +
10 files changed, 193 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 90e8a213ef..ad6b73ca4a 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -747,6 +747,7 @@
<LibraryClasses>
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
}
+ OvmfPkg/CocoDxe/CocoDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

#
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 4658e1d30e..3717ec9094 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -302,6 +302,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf


diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c
new file mode 100644
index 0000000000..ae64fbf28e
--- /dev/null
+++ b/OvmfPkg/CocoDxe/CocoDxe.c
@@ -0,0 +1,140 @@
+/** @file
+
+ Confidential Compute Dxe driver. This driver installs protocols that are
+ generic over confidential compute techonology.
+
+ Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/DxeServicesTableLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/MemEncryptSevLib.h>
+#include <Library/MemEncryptTdxLib.h>
+#include <Protocol/ExitBootServicesCallback.h>
+#include <Protocol/MemoryAccept.h>
+
+STATIC BOOLEAN mAcceptAllUnacceptedMemoryEnabled = TRUE;
+
+STATIC EFI_EVENT mAcceptAllUnacceptedMemoryEvent = NULL;
+
+STATIC
+EFI_STATUS
+AcceptAllUnacceptedMemory (
+ IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory
+ )
+{
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;
+ UINTN NumEntries;
+ UINTN Index;
+ EFI_STATUS Status;
+
+ DEBUG ((DEBUG_INFO, "Accepting all memory\n"));
+ /*
+ * Get a copy of the memory space map to iterate over while
+ * changing the map.
+ */
+ Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ for (Index = 0; Index < NumEntries; Index++) {
+ CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;
+
+ Desc = &AllDescMap[Index];
+ if (Desc->GcdMemoryType != EfiGcdMemoryTypeUnaccepted) {
+ continue;
+ }
+
+ Status = AcceptMemory->AcceptMemory (
+ AcceptMemory,
+ Desc->BaseAddress,
+ Desc->Length
+ );
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+
+ Status = gDS->RemoveMemorySpace(Desc->BaseAddress, Desc->Length);
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+
+ Status = gDS->AddMemorySpace (
+ EfiGcdMemoryTypeSystemMemory,
+ Desc->BaseAddress,
+ Desc->Length,
+ EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP
+ );
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+ }
+
+ gBS->FreePool (AllDescMap);
+ return Status;
+}
+
+VOID
+EFIAPI
+ResolveUnacceptedMemory (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory;
+ EFI_STATUS Status;
+
+ if (!mAcceptAllUnacceptedMemoryEnabled) {
+ return;
+ }
+
+ Status = gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL,
+ (VOID **)&AcceptMemory);
+ if (Status == EFI_NOT_FOUND) {
+ return;
+ }
+ ASSERT_EFI_ERROR (Status);
+
+ Status = AcceptAllUnacceptedMemory(AcceptMemory);
+ ASSERT_EFI_ERROR (Status);
+}
+
+EFI_STATUS
+EFIAPI
+CocoDxeEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Do nothing when confidential compute technologies that require memory
+ // acceptance are not enabled.
+ //
+ if (!MemEncryptSevSnpIsEnabled () &&
+ !MemEncryptTdxIsEnabled ()) {
+ return EFI_UNSUPPORTED;
+ }
+
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ ResolveUnacceptedMemory,
+ NULL,
+ &gEfiEventBeforeExitBootServicesGuid,
+ &mAcceptAllUnacceptedMemoryEvent
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for EventBeforeExitBootServices failed.\n"));
+ }
+
+ return EFI_SUCCESS;
+}
diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf
new file mode 100644
index 0000000000..3bbb5fc9cc
--- /dev/null
+++ b/OvmfPkg/CocoDxe/CocoDxe.inf
@@ -0,0 +1,45 @@
+#/** @file
+#
+# Driver installs shared protocols needed for confidential compute
+# technologies.
+#
+# Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#**/
+
+[Defines]
+ INF_VERSION = 1.25
+ BASE_NAME = CocoDxe
+ FILE_GUID = 08162f1e-5147-4d3e-b5a9-fa48c9808419
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = CocoDxeEntryPoint
+
+[Sources]
+ CocoDxe.c
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ DebugLib
+ DxeServicesTableLib
+ MemEncryptSevLib
+ MemEncryptTdxLib
+ MemoryAllocationLib
+ UefiDriverEntryPoint
+
+[Depex]
+ TRUE
+
+[Guids]
+ gEfiEventBeforeExitBootServicesGuid
+
+[Protocols]
+ gEfiMemoryAcceptProtocolGuid
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index c0c1a15b09..8136d50eb2 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -753,6 +753,7 @@
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

OvmfPkg/TdxDxe/TdxDxe.inf
+ OvmfPkg/CocoDxe/CocoDxe.inf

#
# Variable driver stack (non-SMM)
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
index 6923eb8831..e612608c0c 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
@@ -269,6 +269,7 @@ INF ShellPkg/Application/Shell/Shell.inf
INF MdeModulePkg/Logo/LogoDxe.inf

INF OvmfPkg/TdxDxe/TdxDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf

#
# Usb Support
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index af566b953f..2cfb3fbc6b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -965,6 +965,7 @@
<LibraryClasses>
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
}
+ OvmfPkg/CocoDxe/CocoDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 80de4fa2c0..2ab7f3b95b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -343,6 +343,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f39d9cd117..3ead476b61 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1036,6 +1036,7 @@
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

OvmfPkg/TdxDxe/TdxDxe.inf
+ OvmfPkg/CocoDxe/CocoDxe.inf

!if $(SMM_REQUIRE) == TRUE
OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index c0f5a1ef3c..5dd452f42b 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -370,6 +370,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
--
2.38.0.rc1.362.ged0d419d3c-goog

Location of notification is has been specified in UEFI v2.9.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>
Cc: Ray Ni <ray.ni@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++
2 files changed, 7 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
index e4bca89577..35d5bf0dee 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -100,6 +100,7 @@
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
+ gEfiEventBeforeExitBootServicesGuid
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 5733f0c8ec..4683016ed7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -763,6 +763,12 @@ CoreExitBootServices (
{
EFI_STATUS Status;

+ //
+ // Notify other drivers of their last chance to use boot services
+ // before the memory map is terminated.
+ //
+ CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid);
+
//
// Disable Timer
//
--
2.38.0.rc1.362.ged0d419d3c-goog

Event group as defined in UEFI standard v2.9.

Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdePkg/Include/Guid/EventGroup.h | 5 +++++
MdePkg/MdePkg.dec | 5 ++++-
2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Guid/EventGroup.h b/MdePkg/Include/Guid/EventGroup.h
index 063d1f7157..64bfd4bab9 100644
--- a/MdePkg/Include/Guid/EventGroup.h
+++ b/MdePkg/Include/Guid/EventGroup.h
@@ -14,6 +14,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

extern EFI_GUID gEfiEventExitBootServicesGuid;

+#define EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES \
+ { 0x8be0e274, 0x3970, 0x4b44, { 0x80, 0xc5, 0x1a, 0xb9, 0x50, 0x2f, 0x3b, 0xfc } }
+
+extern EFI_GUID gEfiEventBeforeExitBootServicesGuid;
+
#define EFI_EVENT_GROUP_VIRTUAL_ADDRESS_CHANGE \
{ 0x13fa7698, 0xc831, 0x49c7, { 0x87, 0xea, 0x8f, 0x43, 0xfc, 0xc2, 0x51, 0x96 } }

diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index de3c56758b..32c3501e66 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -408,7 +408,10 @@
gEfiEventMemoryMapChangeGuid = { 0x78BEE926, 0x692F, 0x48FD, { 0x9E, 0xDB, 0x01, 0x42, 0x2E, 0xF0, 0xD7, 0xAB }}

## Include/Guid/EventGroup.h
- gEfiEventVirtualAddressChangeGuid = { 0x13FA7698, 0xC831, 0x49C7, { 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }}
+ gEfiEventVirtualAddressChangeGuid = { 0x13FA7698, 0xC831, 0x49C7, { 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }}
+
+ ## Include/Guid/EventGroup.h
+ gEfiEventBeforeExitBootServicesGuid = { 0x8BE0E274, 0x3970, 0x4B44, { 0x80, 0xC5, 0x1A, 0xB9, 0x50, 0x2F, 0x3B, 0xFC }}

## Include/Guid/EventGroup.h
gEfiEventExitBootServicesGuid = { 0x27ABF055, 0xB1B8, 0x4C26, { 0x80, 0x48, 0x74, 0x8F, 0x37, 0xBA, 0xA2, 0xDF }}
--
2.38.0.rc1.362.ged0d419d3c-goog

From: Sophia Wolf <phiawolf@...>

When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.

EfiMemoryAcceptProtocol is defined in MdePkg and is implemented /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++++++++++++++--
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 +++++++--
3 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 662d3c4ccb..5f68a56315 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -20,6 +20,7 @@
#include <Library/UefiBootServicesTableLib.h>
#include <Guid/ConfidentialComputingSevSnpBlob.h>
#include <Library/PcdLib.h>
+#include <Protocol/MemoryAccept.h>

STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
SIGNATURE_32 ('A', 'M', 'D', 'E'),
@@ -31,6 +32,40 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
FixedPcdGet32 (PcdOvmfCpuidSize),
};

+STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
+
+#define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) == 0))
+
+STATIC
+EFI_STATUS
+EFIAPI
+AmdSevMemoryAccept (
+ IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
+ IN EFI_PHYSICAL_ADDRESS StartAddress,
+ IN UINTN Size
+)
+{
+ //
+ // The StartAddress must be page-aligned, and the Size must be a positive
+ // multiple of SIZE_4KB. Use an assert instead of returning an erros since
+ // this is an EDK2-internal protocol.
+ //
+ ASSERT (IS_ALIGNED (StartAddress, SIZE_4KB));
+ ASSERT (IS_ALIGNED (Size, SIZE_4KB));
+ ASSERT (Size != 0);
+
+ MemEncryptSevSnpPreValidateSystemRam (
+ StartAddress,
+ EFI_SIZE_TO_PAGES (Size)
+ );
+
+ return EFI_SUCCESS;
+}
+
+STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
+ AmdSevMemoryAccept
+};
+
EFI_STATUS
EFIAPI
AmdSevDxeEntryPoint (
@@ -147,11 +182,23 @@ AmdSevDxeEntryPoint (
}
}

- //
- // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
- // It contains the location for both the Secrets and CPUID page.
- //
if (MemEncryptSevSnpIsEnabled ()) {
+ //
+ // Memory acceptance began being required in SEV-SNP, so install the
+ // memory accept protocol implementation for a SEV-SNP active guest.
+ //
+ Status = gBS->InstallProtocolInterface (
+ &mAmdSevDxeHandle,
+ &gEfiMemoryAcceptProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mMemoryAcceptProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
+ // It contains the location for both the Secrets and CPUID page.
+ //
return gBS->InstallConfigurationTable (
&gConfidentialComputingSevSnpBlobGuid,
&mSnpBootDxeTable
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index 9acf860cf2..5ddddabc32 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -47,6 +47,9 @@
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize

+[Protocols]
+ gEfiMemoryAcceptProtocolGuid
+
[Guids]
gConfidentialComputingSevSnpBlobGuid

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
index d3a95e4913..ee3710f7b3 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
@@ -14,6 +14,7 @@
#include <Library/MemEncryptSevLib.h>

#include "SnpPageStateChange.h"
+#include "VirtualMemory.h"

/**
Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam (
IN UINTN NumPages
)
{
+ EFI_STATUS Status;
+
if (!MemEncryptSevSnpIsEnabled ()) {
return;
}

- //
- // All the pre-validation must be completed in the PEI phase.
- //
- ASSERT (FALSE);
+ // DXE pre-validation may happen with the memory accept protocol.
+ // The protocol should only be called outside the prevalidated ranges
+ // that the PEI stage code explicitly skips. Specifically, only memory
+ // ranges that are classified as unaccepted.
+ if (BaseAddress >= SIZE_4GB) {
+ Status = InternalMemEncryptSevCreateIdentityMap1G (
+ 0,
+ BaseAddress,
+ EFI_PAGES_TO_SIZE (NumPages)
+ );
+ if (EFI_ERROR (Status)) {
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+ }
+ }
+
+ InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
}
--
2.38.0.rc1.362.ged0d419d3c-goog

These seven patches build on the lazy-accept patch series

"Introduce Lazy-accept for Tdx guest"

by adding SEV-SNP support for the MemoryAccept protocol, and
importantly making eager memory acceptance the default behavior.

We implement a standardized event group from UEFI v2.9,
EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES, since it provides exactly
the right invocation point for eagerly accepting memory if eager
acceptance has not been disabled.

To make use of this event group, we add a new driver that is meant to
carry behavior that is needed for all confidential compute technologies,
not just specific platforms, CocoDxe. In CocoDxe we implement the
default safe behavior to accept all unaccepted memory and invalidate
the MemoryMap on ExitBootServices.

To allow the OS loader to prevent the eager acceptance, we add a new
protocol, up for standardization, AcceptAllUnacceptedMemoryProtocol.
This protocol has one interface, Disable(). The OS loader can inform the
UEFI that it supports the unaccepted memory type and accepts the
responsibility to accept it.

All images that support unaccepted memory must now locate and call this
new BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL and call the Disable
function.

Changes since v6:
- Added implementation of EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES.
- Changed callback protocol of v5 to instead use the standardized event
group for before_exit_boot_services.

Changes since v5:
- Generic callback protocol moved to MdeModulePkg
- Removed use of EFI_WARN_STALE_DATA and added comment that the callback
should only return EFI_SUCCESS or EFI_INVALID_PARAMETER.
- Removed errant log statement and fixed formatting.

Changes since v4:
- Commit message wording
- Replaced direct change to DxeMain with a more generic callback
protocol.
- Implemented the direct change as an instance of the callback protocol
from a new CocoDxe driver.
- Replaced "enable" protocol with a "disable" protocol, since the name
was confusing. The AcceptAllUnacceptedMemory protocol directly names
the behavior that is disabling.

Changes since v3:
- "DxeMain accepts all memory" patch split into 3 to make each patch
affect only one package at a time.

Changes since v2:
- Removed the redundant memory accept interface and added the accept
behavior to the DXE implementation of
MemEncryptSevSnpPreValidateSystemRam.
- Fixed missing #include in >=4GB patch.

Changes since v1:
- Added a patch to classify SEV-SNP memory above 4GB unaccepted.
- Fixed style problems in EfiMemoryAcceptProtocol implementation.

Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>

Dionna Glaze (7):
OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID
MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices
OvmfPkg: Introduce CocoDxe driver
MdePkg: Introduce the AcceptAllUnacceptedMemory protocol
OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe
OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 +
MdePkg/Include/Guid/EventGroup.h | 5 +
MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 +++++
MdePkg/MdePkg.dec | 8 +-
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++-
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 +
OvmfPkg/CocoDxe/CocoDxe.c | 165 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 46 ++++++
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 +
OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/OvmfPkgX64.fdf | 1 +
OvmfPkg/PlatformPei/AmdSev.c | 5 +
19 files changed, 357 insertions(+), 9 deletions(-)
create mode 100644 MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
create mode 100644 OvmfPkg/CocoDxe/CocoDxe.c
create mode 100644 OvmfPkg/CocoDxe/CocoDxe.inf

--
2.38.0.rc1.362.ged0d419d3c-goog