
Re: Re: [edk2-devel] [PATCH]Shell screen will show a redundant symbol after using Hexedit command under command line

 

 
Hi GaoLiming,
The redundant symbol is available after using the Hexedit and Edit commands in the shell.

I have tried these 2 commands. These changes are required for the Hexedit and Edit commands only.

I have tried the edk2-edk2-stable202002 source Emulator64 environment. It will produce the shell.efi application. I tried this application on the MSI platform, and the redundant cursor symbol was available on the shell screen.
Thanks,
Sivaparvathi 

 


Re: Re: [edk2-devel] Re: [edk2-devel] [edk2] [PATCH]MdeModulePkg\scsi: Coverity scan flags multiple issues in edk2-stable202205

 

Hi gaoliming,
 
How can I create an EDK2 pull request?
Can you share the steps?
 
Thanks,
Sivaparvathi C
 


Re: [PATCH v7 00/19] Add Raw algorithm support using Arm FW-TRNG interface

PierreGondois
 

Hello,
Thanks Leif for the review on the ArmPkg patches.

In case the maintainers of the MdePkg/SecurityPkg want to have a look at the v7,
I'll wait a bit before sending a new version.

Regards,
Pierre

On 10/3/22 09:34, PierreGondois via groups.io wrote:
From: Pierre Gondois <pierre.gondois@...>
Bugzilla: Bug 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
The Arm True Random Number Generator Firmware, Interface 1.0, specification
defines an interface between an Operating System (OS) executing at EL1 and
Firmware (FW) exposing a conditioned entropy source that is provided by a
TRNG back end.
This patch-set:
- defines a TRNG library class that provides an interface to access the
entropy source on a platform.
- implements a TRNG library instance that uses the Arm FW-TRNG interface.
- Adds RawAlgorithm support to RngDxe for Arm architecture using the Arm
FW-TRNG interface.
- Enables RNG support using FW-TRNG interface for Kvmtool Guest/Virtual
firmware.
This patch-set is based on the v2 from Sami Mujawar:
[PATCH v2 0/8] Add Raw algorithm support using Arm FW-TRNG interface
v2:
https://edk2.groups.io/g/devel/message/83775
v3:
https://edk2.groups.io/g/devel/message/90845
https://github.com/PierreARM/edk2/tree/Arm_Trng_v3
v4:
https://github.com/PierreARM/edk2/tree/Arm_Trng_v4
v5:
https://github.com/PierreARM/edk2/tree/Arm_Trng_v5
v6:
https://github.com/PierreARM/edk2/tree/Arm_Trng_v6
v7:
https://github.com/PierreARM/edk2/tree/Arm_Trng_v7
v7:
- Removed Reviewed-by from Leif.
- Remove Sami's Signed-off.
V6:
- Added my signed-off on patches authored by Sami. [Leif]
- New patch to make it easier to add new libraries in alphabetical
order: ArmPkg: Sort HVC/SMC section alphbetically in ArmPkg.dsc [Leif]
- Renamed ArmHvcNullLib to ArmHvcLibNull. [Leif]
- Added RISCV64 to the list of VALID_ARCHITECTURES for BaseTrngLibNull. [Leif]
- Removed unnecessary space in function parameter documentation
('[in, out]'). [Rebecca]
- Updated INF_VERSION to latest spec (1.29) for new libraries. [Rebecca]
- Dropped the following patches [Leif]:
- ArmPkg/ArmLib: Add ArmHasRngExt()
- ArmPkg/ArmLib: Add ArmReadIdIsar0() helper
- MdePkg/BaseRngLib: Rename ArmReadIdIsar0() to ArmGetFeatRng()
V5:
- Removed references in Trnglib.h to 'Special Publication'
800-90A and 800-90C, and only reference 'Arm True Random
Number Generator Firmware, Interface 1.0' in the Arm
implementation of the TrngLib. [Jiewen]
V4:
- Removed dependencies on ArmPkg and dropped patch:
[PATCH v3 12/22] SecurityPkg: Update Securitypkg.ci.yaml
[Jiewen]
- Use a dynamically allocated array to hold available algorithms.
The array is freed in a new UNLOAD_IMAGE function and
allocated in arch specific implementations of
GetAvailableAlgorithms(), available in AArch64/AArch64Algo.c
and Arm/ArmAlgo.c.
- Correctly reference gEfiRngAlgorithmSp80090Ctr256Guid
Guid by copying its address (add missing '&'). [Jiewen]
V3:
- Address Leif's comment (moving definitions, optimizations, ...)
- Add ArmMonitorLib to choose Hvc/Smc conduit depending on a Pcd.
- Re-factor some parts of SecurityPkg/RngDxe/ to ease the addition
of new algorithms.
- Add ArmHasRngExt() function to check Arm's FEAT_RNG extension.
V2:
- Updates TrngLib definitions to use RETURN_STATUS as the return type
from the interface functions as TrngLib is base type library.
- Drops the patch "MdePkg: Add definition for NULL GUID" as there is
already an equivalent definition provided by gZeroGuid. Thus, the
use of gNullGuid has been replaced with gZeroGuid.
Pierre Gondois (11):
ArmPkg/ArmMonitorLib: Definition for ArmMonitorLib library class
ArmPkg/ArmMonitorLib: Add ArmMonitorLib
ArmPkg: Sort HVC/SMC section alphbetically in ArmPkg.dsc
ArmPkg/ArmHvcLibNull: Add NULL instance of ArmHvcLib
SecurityPkg/RngDxe: Replace Pcd with Sp80090Ctr256Guid
SecurityPkg/RngDxe: Remove ArchGetSupportedRngAlgorithms()
SecurityPkg/RngDxe: Documentation/include/parameter cleanup
SecurityPkg/RngDxe: Check before advertising Cpu Rng algo
SecurityPkg/RngDxe: Add debug warning for NULL
PcdCpuRngSupportedAlgorithm
SecurityPkg/RngDxe: Rename AArch64/RngDxe.c
SecurityPkg/RngDxe: Add Arm support of RngDxe
Sami Mujawar (8):
ArmPkg: PCD to select conduit for monitor calls
MdePkg/TrngLib: Definition for TRNG library class interface
MdePkg/TrngLib: Add NULL instance of TRNG Library
ArmPkg: Add FID definitions for Firmware TRNG
ArmPkg/TrngLib: Add Arm Firmware TRNG library
SecurityPkg/RngDxe: Rename RdRandGenerateEntropy to generic name
SecurityPkg/RngDxe: Add AArch64 RawAlgorithm support through TrngLib
ArmVirtPkg: Kvmtool: Add RNG support using FW-TRNG interface
ArmPkg/ArmPkg.dec | 12 +-
ArmPkg/ArmPkg.dsc | 5 +-
ArmPkg/Include/IndustryStandard/ArmStdSmc.h | 109 ++++-
ArmPkg/Include/Library/ArmMonitorLib.h | 42 ++
ArmPkg/Library/ArmFwTrngLib/ArmFwTrngDefs.h | 50 +++
ArmPkg/Library/ArmFwTrngLib/ArmFwTrngLib.c | 388 ++++++++++++++++++
ArmPkg/Library/ArmFwTrngLib/ArmFwTrngLib.inf | 29 ++
ArmPkg/Library/ArmHvcLibNull/ArmHvcLibNull.c | 29 ++
.../Library/ArmHvcLibNull/ArmHvcLibNull.inf | 22 +
ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c | 34 ++
.../Library/ArmMonitorLib/ArmMonitorLib.inf | 29 ++
ArmVirtPkg/ArmVirtKvmTool.dsc | 10 +
ArmVirtPkg/ArmVirtKvmTool.fdf | 5 +
MdePkg/Include/Library/TrngLib.h | 103 +++++
.../Library/BaseTrngLibNull/BaseTrngLibNull.c | 117 ++++++
.../BaseTrngLibNull/BaseTrngLibNull.inf | 30 ++
.../BaseTrngLibNull/BaseTrngLibNull.uni | 12 +
MdePkg/MdePkg.dec | 5 +
MdePkg/MdePkg.dsc | 1 +
.../RngDxe/AArch64/AArch64Algo.c | 72 ++++
.../RngDxe/Arm/ArmAlgo.c | 51 +++
.../RngDxe/{AArch64/RngDxe.c => ArmRngDxe.c} | 81 +++-
.../RandomNumberGenerator/RngDxe/ArmTrng.c | 71 ++++
.../RngDxe/Rand/RdRand.c | 14 +-
.../RngDxe/Rand/RdRand.h | 43 --
.../RngDxe/Rand/RngDxe.c | 62 ++-
.../RandomNumberGenerator/RngDxe/RngDxe.c | 90 ++--
.../RandomNumberGenerator/RngDxe/RngDxe.inf | 18 +-
.../RngDxe/RngDxeInternals.h | 71 ++--
SecurityPkg/SecurityPkg.dsc | 5 +-
30 files changed, 1454 insertions(+), 156 deletions(-)
create mode 100644 ArmPkg/Include/Library/ArmMonitorLib.h
create mode 100644 ArmPkg/Library/ArmFwTrngLib/ArmFwTrngDefs.h
create mode 100644 ArmPkg/Library/ArmFwTrngLib/ArmFwTrngLib.c
create mode 100644 ArmPkg/Library/ArmFwTrngLib/ArmFwTrngLib.inf
create mode 100644 ArmPkg/Library/ArmHvcLibNull/ArmHvcLibNull.c
create mode 100644 ArmPkg/Library/ArmHvcLibNull/ArmHvcLibNull.inf
create mode 100644 ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c
create mode 100644 ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.inf
create mode 100644 MdePkg/Include/Library/TrngLib.h
create mode 100644 MdePkg/Library/BaseTrngLibNull/BaseTrngLibNull.c
create mode 100644 MdePkg/Library/BaseTrngLibNull/BaseTrngLibNull.inf
create mode 100644 MdePkg/Library/BaseTrngLibNull/BaseTrngLibNull.uni
create mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/AArch64/AArch64Algo.c
create mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/Arm/ArmAlgo.c
rename SecurityPkg/RandomNumberGenerator/RngDxe/{AArch64/RngDxe.c => ArmRngDxe.c} (64%)
create mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/ArmTrng.c
delete mode 100644 SecurityPkg/RandomNumberGenerator/RngDxe/Rand/RdRand.h


Re: [PATCH v4] UefiPayloadPkg: Remove deprecate Crypto Service

Lu, James
 

Reviewed-by: James Lu <james.lu@...>

-----Original Message-----
From: Guo, Gua <gua.guo@...>
Sent: Thursday, October 6, 2022 6:12 AM
To: devel@edk2.groups.io
Cc: Guo, Gua <gua.guo@...>; Dong, Guo <guo.dong@...>; Ni, Ray <ray.ni@...>; Lu, James <james.lu@...>
Subject: [PATCH v4] UefiPayloadPkg: Remove deprecate Crypto Service

From: Gua Guo <gua.guo@...>

REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4096

TDES and ARC4 services are deprecated, so set them as disabled.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: James Lu <james.lu@...>
Signed-off-by: Gua Guo <gua.guo@...>
---
UefiPayloadPkg/UefiPayloadPkg.dsc | 2 --
1 file changed, 2 deletions(-)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 8f23802199..1150be6acd 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -459,12 +459,10 @@
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE

- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY

gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
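
Review bot: The two removed lines (Tdes.Family and Arc4.Family) delete the PCD entries outright, while the commit message describes the services as being set to disabled. Deleting an entry leaves the value to whatever default PcdCryptoServiceFamilyEnable carries for those families, which this hunk does not show. Either state in the commit message that the entries are removed and the default is relied on, or set the two families to a disabled value explicitly so the DSC documents the intent.
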

--
2.31.1.windows.1


[PATCH] edk2Platforms-Silicon:Add VAB FIT record types support in FitGen.c

Hv, Pavamana
 

Hi All,

Attached is the patch for the issue reported here.

https://bugzilla.tianocore.org/show_bug.cgi?id=4086

Request you all to please review and provide feedback.

Let me know if you need any more details from me.

 

Regards,

Pavamana

 


[PATCH v4] UefiPayloadPkg: Remove deprecate Crypto Service

Guo, Gua
 

From: Gua Guo <gua.guo@...>

REF : https://bugzilla.tianocore.org/show_bug.cgi?id=4096

TDES and ARC4 services are deprecated, so set them as disabled.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: James Lu <james.lu@...>
Signed-off-by: Gua Guo <gua.guo@...>
---
UefiPayloadPkg/UefiPayloadPkg.dsc | 2 --
1 file changed, 2 deletions(-)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayload=
Pkg.dsc
index 8f23802199..1150be6acd 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -459,12 +459,10 @@
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge=
tContextSize | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In=
it | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb=
cEncrypt | TRUE=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb=
cDecrypt | TRUE=0D
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family =
| PCD_CRYPTO_SERVICE_ENABLE_FAMILY=0D
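
Review bot: Style point on the two '-' lines: the subject reads "Remove deprecate Crypto Service" and does not name what is removed. Since the whole change is dropping the Tdes.Family and Arc4.Family entries, a subject such as "UefiPayloadPkg: Remove deprecated TDES and ARC4 crypto services" would make the log searchable by algorithm name.
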
--=20
2.31.1.windows.1


Re: [PATCH v7 7/7] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

Lendacky, Thomas
 

On 10/5/22 15:33, Dionna Glaze wrote:
Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and
indicate that it can interpret the memory type accordingly.
This classification is safe since ExitBootServices will accept and
reclassify the memory as conventional if the disable protocol is not
used.
Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
Reviewed-by: Tom Lendacky <thomas.lendacky@...>

---


Re: [PATCH v7 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices

Dionna Glaze
 

Ard told me it should still work this way.
Let me clarify that I've also tested the new code and it does still work.


--
-Dionna Glaze, PhD (she/her)


Re: [PATCH v7 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices

Dionna Glaze
 

The specification says that disabling the timer should happen right
after. Ard told me it should still work this way.

On Wed, Oct 5, 2022 at 1:50 PM Tom Lendacky <thomas.lendacky@...> wrote:

On 10/5/22 15:33, Dionna Glaze wrote:
Location of notification has been specified in UEFI v2.9.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>
Cc: Ray Ni <ray.ni@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++
2 files changed, 7 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
index e4bca89577..35d5bf0dee 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -100,6 +100,7 @@
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
+ gEfiEventBeforeExitBootServicesGuid
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
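
Review bot: The added gEfiEventBeforeExitBootServicesGuid line lands between the "## CONSUMES ## Event" / "## PRODUCES ## Event" comment lines and gEfiEventExitBootServicesGuid, which those comments annotate by position. After this change they read as belonging to the new GUID, and gEfiEventExitBootServicesGuid is left without them. Move the new entry above the comment pair or below gEfiEventExitBootServicesGuid.
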
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 5733f0c8ec..4683016ed7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -763,6 +763,12 @@ CoreExitBootServices (
{
EFI_STATUS Status;

+ //
+ // Notify other drivers of their last chance to use boot services
+ // before the memory map is terminated.
+ //
+ CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid);
Isn't this supposed to be after disabling the timer?

Thanks,
Tom

+
//
// Disable Timer
//
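
Review bot: CoreNotifySignalList is the first statement in CoreExitBootServices, ahead of everything else the function does, so the BeforeExitBootServices group is signalled on every call, including a call that goes on to return an error and is retried by the caller. Either say in the comment that handlers must tolerate being notified more than once, or guard the signal so it fires a single time.
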
--
-Dionna Glaze, PhD (she/her)


Re: [PATCH v7 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices

Lendacky, Thomas
 

On 10/5/22 15:33, Dionna Glaze wrote:
Location of notification has been specified in UEFI v2.9.
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>
Cc: Ray Ni <ray.ni@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++
2 files changed, 7 insertions(+)
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
index e4bca89577..35d5bf0dee 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -100,6 +100,7 @@
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
+ gEfiEventBeforeExitBootServicesGuid
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
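
Review bot: gEfiEventBeforeExitBootServicesGuid is added with no "## ... ## Event" usage annotation of its own, unlike gEfiEventVirtualAddressChangeGuid and the other entries in this list. Since the DxeMain.c hunk of this patch signals the event group, annotate the entry so the INF records how the module uses the GUID.
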
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 5733f0c8ec..4683016ed7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -763,6 +763,12 @@ CoreExitBootServices (
{
EFI_STATUS Status;
+ //
+ // Notify other drivers of their last chance to use boot services
+ // before the memory map is terminated.
+ //
+ CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid);
Isn't this supposed to be after disabling the timer?

Thanks,
Tom

+
//
// Disable Timer
//
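
Review bot: The comment above CoreNotifySignalList says only that this is the drivers' last chance to use boot services; it does not say why the signal is placed ahead of the "Disable Timer" step, which is the question raised inline in this review. Cite the UEFI v2.9 text the commit message relies on, in the code comment or the commit message, so the ordering relative to the timer can be checked against the specification.
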


Re: [PATCH v7 1/7] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe

Lendacky, Thomas
 

On 10/5/22 15:33, Dionna Glaze wrote:
From: Sophia Wolf <phiawolf@...>
When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.
EfiMemoryAcceptProtocol is defined in MdePkg and is implemented /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
Reviewed-by: Tom Lendacky <thomas.lendacky@...>

---


[PATCH v7 7/7] OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

Dionna Glaze
 

Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL to disable the accept behavior and
indicate that it can interpret the memory type accordingly.

This classification is safe since ExitBootServices will accept and
reclassify the memory as conventional if the disable protocol is not
used.

Cc: Ard Biescheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/PlatformPei/AmdSev.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 385562b44c..2a52d6f491 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -16,6 +16,7 @@
#include <Library/MemEncryptSevLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Pi/PrePiHob.h>
#include <PiPei.h>
#include <Register/Amd/Msr.h>
#include <Register/Intel/SmramSaveStateMap.h>
@@ -63,6 +64,10 @@ AmdSevSnpInitialize (
for (Hob.Raw = GetHobList (); !END_OF_HOB_LIST (Hob); Hob.Raw = GET_NEXT_HOB (Hob)) {
if ((Hob.Raw != NULL) && (GET_HOB_TYPE (Hob) == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR)) {
ResourceHob = Hob.ResourceDescriptor;
+ if (ResourceHob->PhysicalStart >= SIZE_4GB) {
+ ResourceHob->ResourceType = EFI_RESOURCE_MEMORY_UNACCEPTED;
+ continue;
+ }

if (ResourceHob->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) {
MemEncryptSevSnpPreValidateSystemRam (
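
Review bot: The new "PhysicalStart >= SIZE_4GB" test runs before the "ResourceType == EFI_RESOURCE_SYSTEM_MEMORY" check, so every resource descriptor HOB that starts at or above 4GB is rewritten to EFI_RESOURCE_MEMORY_UNACCEPTED, whatever its original type. Restrict the reclassification to system memory, for example by moving the block inside the EFI_RESOURCE_SYSTEM_MEMORY branch. The test also looks only at PhysicalStart: a range that starts below 4GB and extends past it still takes the pre-validation path as a whole, which should either be split at the boundary or stated as an assumption in a comment.
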
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 6/7] OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe

Dionna Glaze
 

This protocol implementation disables the accept-all-memory behavior
of the BeforeExitBootServices event this driver adds.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/CocoDxe/CocoDxe.c | 25 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 1 +
2 files changed, 26 insertions(+)

diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c
index ae64fbf28e..a7c54b36a3 100644
--- a/OvmfPkg/CocoDxe/CocoDxe.c
+++ b/OvmfPkg/CocoDxe/CocoDxe.c
@@ -16,6 +16,7 @@
#include <Library/UefiBootServicesTableLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/MemEncryptTdxLib.h>
+#include <Protocol/Bz3987AcceptAllUnacceptedMemory.h>
#include <Protocol/ExitBootServicesCallback.h>
#include <Protocol/MemoryAccept.h>

@@ -105,6 +106,21 @@ ResolveUnacceptedMemory (
ASSERT_EFI_ERROR (Status);
}

+STATIC
+EFI_STATUS
+EFIAPI
+DisableAcceptAllUnacceptedMemory (
+ IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This
+ )
+{
+ mAcceptAllUnacceptedMemoryEnabled = FALSE;
+ return EFI_SUCCESS;
+}
+
+STATIC
+BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL
+mAcceptAllUnacceptedMemoryProtocol = {DisableAcceptAllUnacceptedMemory};
+
EFI_STATUS
EFIAPI
CocoDxeEntryPoint (
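
Review bot: DisableAcceptAllUnacceptedMemory is added without a function header comment, and nothing in the hunk documents that it clears mAcceptAllUnacceptedMemoryEnabled for the rest of boot with no way to set it again. Add the usual header block describing the effect, the This parameter and the return value.
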
@@ -136,5 +152,14 @@ CocoDxeEntryPoint (
DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for EventBeforeExitBootServices failed.\n"));
}

+ Status = gBS->InstallProtocolInterface (&mCocoDxeHandle,
+ &gBz3987AcceptAllUnacceptedMemoryProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mAcceptAllUnacceptedMemoryProtocol
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Install Bz3987AcceptAllUnacceptedMemoryProtocol failed.\n"));
+ }
+
return EFI_SUCCESS;
}
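
Review bot: InstallProtocolInterface is passed &mCocoDxeHandle, but no hunk of this patch declares mCocoDxeHandle, and the CocoDxe.c this diff is based on (index ae64fbf28e, added in patch 4/7) defines only mAcceptAllUnacceptedMemoryEnabled and mAcceptAllUnacceptedMemoryEvent. Add a declaration such as "STATIC EFI_HANDLE mCocoDxeHandle = NULL;" or install on ImageHandle. Separately, a failed install is only logged and the entry point still returns EFI_SUCCESS, so a loader would find no protocol to call; consider returning the error.
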
diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf
index 3bbb5fc9cc..e24188147a 100644
--- a/OvmfPkg/CocoDxe/CocoDxe.inf
+++ b/OvmfPkg/CocoDxe/CocoDxe.inf
@@ -42,4 +42,5 @@
gEfiEventBeforeExitBootServicesGuid

[Protocols]
+ gBz3987AcceptAllUnacceptedMemoryProtocolGuid
gEfiMemoryAcceptProtocolGuid
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 5/7] MdePkg: Introduce the AcceptAllUnacceptedMemory protocol

Dionna Glaze
 

The default behavior for unaccepted memory is to accept all memory
when ExitBootServices is called. An OS loader can use this protocol to
disable this behavior to assume responsibility for memory acceptance and
to affirm that the OS can handle the unaccepted memory type.

This is a candidate for standardization.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 ++++++++++++++++++++
MdePkg/MdePkg.dec | 3 ++
2 files changed, 43 insertions(+)

diff --git a/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h b/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
new file mode 100644
index 0000000000..e50831836c
--- /dev/null
+++ b/MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
@@ -0,0 +1,40 @@
+/** @file
+ The file provides the protocol that disables the behavior that all memory
+ gets accepted at ExitBootServices(). This protocol is only meant to be called
+ by the OS loader, and not EDK2 itself.
+
+ Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+#ifndef _ACCEPT_ALL_UNACCEPTED_MEMORY_H_
+#define _ACCEPT_ALL_UNACCEPTED_MEMORY_H_
+
+#define BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL_GUID \
+ {0xc5a010fe, \
+ 0x38a7, \
+ 0x4531, \
+ {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49}}
+
+typedef struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL
+ BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL;
+
+/**
+ @param This A pointer to a BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY)(
+ IN BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL *This
+ );
+
+///
+/// The BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL allows the OS loader to
+/// indicate to EDK2 that ExitBootServices should not accept all memory.
+///
+struct _BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL {
+ BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY Disable;
+};
+
+extern EFI_GUID gBz3987AcceptAllUnacceptedMemoryProtocolGuid;
+
+#endif
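
Review bot: The doc comment on BZ3987_DISABLE_ACCEPT_ALL_UNACCEPTED_MEMORY has only an @param line; it says nothing about what calling Disable does, when it may be called, or which EFI_STATUS values come back. Since the file header says the protocol is meant for the OS loader, spell out the contract here (effect on ExitBootServices, return values). The include guard _ACCEPT_ALL_UNACCEPTED_MEMORY_H_ also drops the Bz3987 prefix used by the file name and by every other identifier in the header.
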
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 32c3501e66..a453b67b7e 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -1022,6 +1022,9 @@
gEfiPeiDelayedDispatchPpiGuid = { 0x869c711d, 0x649c, 0x44fe, { 0x8b, 0x9e, 0x2c, 0xbb, 0x29, 0x11, 0xc3, 0xe6 }}

[Protocols]
+ ## Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
+ gBz3987AcceptAllUnacceptedMemoryProtocolGuid = { 0xc5a010fe, 0x38a7, 0x4531, {0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49 }}
+
## Include/Protocol/MemoryAccept.h
gEfiMemoryAcceptProtocolGuid = { 0x38c74800, 0x5590, 0x4db4, { 0xa0, 0xf3, 0x67, 0x5d, 0x9b, 0x8e, 0x80, 0x26 }}

--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 4/7] OvmfPkg: Introduce CocoDxe driver

Dionna Glaze
 

This driver is meant as a join point for all Confidential Compute
technologies to put shared behavior that doesn't belong anywhere else.

The first behavior added here is to accept all unaccepted memory at
ExitBootServices if the behavior is not disabled. This allows safe
upgrades for OS loaders to affirm their support for the unaccepted
memory type.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
OvmfPkg/CocoDxe/CocoDxe.c | 140 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 45 +++++++
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 +
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/OvmfPkgX64.fdf | 1 +
10 files changed, 193 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 90e8a213ef..ad6b73ca4a 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -747,6 +747,7 @@
<LibraryClasses>
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
}
+ OvmfPkg/CocoDxe/CocoDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

#
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 4658e1d30e..3717ec9094 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -302,6 +302,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf


diff --git a/OvmfPkg/CocoDxe/CocoDxe.c b/OvmfPkg/CocoDxe/CocoDxe.c
new file mode 100644
index 0000000000..ae64fbf28e
--- /dev/null
+++ b/OvmfPkg/CocoDxe/CocoDxe.c
@@ -0,0 +1,140 @@
+/** @file
+
+ Confidential Compute Dxe driver. This driver installs protocols that are
+ generic over confidential compute techonology.
+
+ Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/DxeServicesTableLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/MemEncryptSevLib.h>
+#include <Library/MemEncryptTdxLib.h>
+#include <Protocol/ExitBootServicesCallback.h>
+#include <Protocol/MemoryAccept.h>
+
+STATIC BOOLEAN mAcceptAllUnacceptedMemoryEnabled = TRUE;
+
+STATIC EFI_EVENT mAcceptAllUnacceptedMemoryEvent = NULL;
+
+STATIC
+EFI_STATUS
+AcceptAllUnacceptedMemory (
+ IN EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory
+ )
+{
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;
+ UINTN NumEntries;
+ UINTN Index;
+ EFI_STATUS Status;
+
+ DEBUG ((DEBUG_INFO, "Accepting all memory\n"));
+ /*
+ * Get a copy of the memory space map to iterate over while
+ * changing the map.
+ */
+ Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ for (Index = 0; Index < NumEntries; Index++) {
+ CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;
+
+ Desc = &AllDescMap[Index];
+ if (Desc->GcdMemoryType != EfiGcdMemoryTypeUnaccepted) {
+ continue;
+ }
+
+ Status = AcceptMemory->AcceptMemory (
+ AcceptMemory,
+ Desc->BaseAddress,
+ Desc->Length
+ );
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+
+ Status = gDS->RemoveMemorySpace(Desc->BaseAddress, Desc->Length);
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+
+ Status = gDS->AddMemorySpace (
+ EfiGcdMemoryTypeSystemMemory,
+ Desc->BaseAddress,
+ Desc->Length,
+ EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_XP | EFI_MEMORY_RO | EFI_MEMORY_RP
+ );
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+ }
+
+ gBS->FreePool (AllDescMap);
+ return Status;
+}
+
+VOID
+EFIAPI
+ResolveUnacceptedMemory (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EFI_MEMORY_ACCEPT_PROTOCOL *AcceptMemory;
+ EFI_STATUS Status;
+
+ if (!mAcceptAllUnacceptedMemoryEnabled) {
+ return;
+ }
+
+ Status = gBS->LocateProtocol (&gEfiMemoryAcceptProtocolGuid, NULL,
+ (VOID **)&AcceptMemory);
+ if (Status == EFI_NOT_FOUND) {
+ return;
+ }
+ ASSERT_EFI_ERROR (Status);
+
+ Status = AcceptAllUnacceptedMemory(AcceptMemory);
+ ASSERT_EFI_ERROR (Status);
+}
+
+EFI_STATUS
+EFIAPI
+CocoDxeEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Do nothing when confidential compute technologies that require memory
+ // acceptance are not enabled.
+ //
+ if (!MemEncryptSevSnpIsEnabled () &&
+ !MemEncryptTdxIsEnabled ()) {
+ return EFI_UNSUPPORTED;
+ }
+
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ ResolveUnacceptedMemory,
+ NULL,
+ &gEfiEventBeforeExitBootServicesGuid,
+ &mAcceptAllUnacceptedMemoryEvent
+ );
+
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "AcceptAllUnacceptedMemory event creation for EventBeforeExitBootServices failed.\n"));
+ }
+
+ return EFI_SUCCESS;
+}
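
Review bot: In CocoDxeEntryPoint a CreateEventEx failure is only logged with DEBUG_ERROR and the function still returns EFI_SUCCESS, so the driver stays loaded with no BeforeExitBootServices handler and unaccepted memory is never accepted for a loader that relies on the default. Return Status on failure. The same concern applies in ResolveUnacceptedMemory, where the result of AcceptAllUnacceptedMemory is checked only by ASSERT_EFI_ERROR, which release builds can compile out, and in AcceptAllUnacceptedMemory, where the loop breaks on the first error and leaves the remaining descriptors unconverted; decide and document what should happen on a partial failure. Minor: "techonology" in the file header is a typo, and the new functions have no header comments.
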
diff --git a/OvmfPkg/CocoDxe/CocoDxe.inf b/OvmfPkg/CocoDxe/CocoDxe.inf
new file mode 100644
index 0000000000..3bbb5fc9cc
--- /dev/null
+++ b/OvmfPkg/CocoDxe/CocoDxe.inf
@@ -0,0 +1,45 @@
+#/** @file
+#
+# Driver installs shared protocols needed for confidential compute
+# technologies.
+#
+# Copyright (c) 2022, Google LLC. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#**/
+
+[Defines]
+ INF_VERSION = 1.25
+ BASE_NAME = CocoDxe
+ FILE_GUID = 08162f1e-5147-4d3e-b5a9-fa48c9808419
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = CocoDxeEntryPoint
+
+[Sources]
+ CocoDxe.c
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ DebugLib
+ DxeServicesTableLib
+ MemEncryptSevLib
+ MemEncryptTdxLib
+ MemoryAllocationLib
+ UefiDriverEntryPoint
+
+[Depex]
+ TRUE
+
+[Guids]
+ gEfiEventBeforeExitBootServicesGuid
+
+[Protocols]
+ gEfiMemoryAcceptProtocolGuid
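
Review bot: [LibraryClasses] does not list UefiBootServicesTableLib, although CocoDxe.c in this patch includes <Library/UefiBootServicesTableLib.h> and calls through gBS. It does list MemoryAllocationLib, which CocoDxe.c never includes (the descriptor buffer is freed with gBS->FreePool). Add UefiBootServicesTableLib and drop the unused class so the INF matches the source.
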
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index c0c1a15b09..8136d50eb2 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -753,6 +753,7 @@
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

OvmfPkg/TdxDxe/TdxDxe.inf
+ OvmfPkg/CocoDxe/CocoDxe.inf

#
# Variable driver stack (non-SMM)
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
index 6923eb8831..e612608c0c 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
@@ -269,6 +269,7 @@ INF ShellPkg/Application/Shell/Shell.inf
INF MdeModulePkg/Logo/LogoDxe.inf

INF OvmfPkg/TdxDxe/TdxDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf

#
# Usb Support
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index af566b953f..2cfb3fbc6b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -965,6 +965,7 @@
<LibraryClasses>
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
}
+ OvmfPkg/CocoDxe/CocoDxe.inf
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 80de4fa2c0..2ab7f3b95b 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -343,6 +343,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f39d9cd117..3ead476b61 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -1036,6 +1036,7 @@
OvmfPkg/IoMmuDxe/IoMmuDxe.inf

OvmfPkg/TdxDxe/TdxDxe.inf
+ OvmfPkg/CocoDxe/CocoDxe.inf

!if $(SMM_REQUIRE) == TRUE
OvmfPkg/SmmAccess/SmmAccess2Dxe.inf
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index c0f5a1ef3c..5dd452f42b 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -370,6 +370,7 @@ INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
INF OvmfPkg/PlatformDxe/Platform.inf
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/CocoDxe/CocoDxe.inf
INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf

!if $(SMM_REQUIRE) == TRUE
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 3/7] MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices

Dionna Glaze
 

Location of notification has been specified in UEFI v2.9.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>
Cc: Ray Ni <ray.ni@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 ++++++
2 files changed, 7 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf b/MdeModulePkg/Core/Dxe/DxeMain.inf
index e4bca89577..35d5bf0dee 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -100,6 +100,7 @@
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
## CONSUMES ## Event
## PRODUCES ## Event
+ gEfiEventBeforeExitBootServicesGuid
gEfiEventExitBootServicesGuid
gEfiHobMemoryAllocModuleGuid ## SOMETIMES_CONSUMES ## HOB
gEfiFirmwareFileSystem2Guid ## CONSUMES ## GUID # Used to compare with FV's file system guid and get the FV's file system format
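Review bot: The added gEfiEventBeforeExitBootServicesGuid entry has no usage annotation, while other entries in this [Guids] list carry `## CONSUMES ## Event` or `## PRODUCES ## Event` style comments. DxeMain signals this group in the companion DxeMain.c change, so please annotate the entry accordingly, for example as `## PRODUCES ## Event`.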
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 5733f0c8ec..4683016ed7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -763,6 +763,12 @@ CoreExitBootServices (
{
EFI_STATUS Status;

+ //
+ // Notify other drivers of their last chance to use boot services
+ // before the memory map is terminated.
+ //
+ CoreNotifySignalList (&gEfiEventBeforeExitBootServicesGuid);
+
//
// Disable Timer
//
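Review bot: CoreNotifySignalList is called unconditionally at the top of CoreExitBootServices, ahead of every other step in the function, so the group is signaled again each time a caller retries ExitBootServices() after a failed attempt. The cover letter says the CocoDxe handler invalidates the memory map, which makes at least one retry the expected path. Please either guard the signal so it fires once, or state in the comment that handlers must tolerate repeated notification.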
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 2/7] MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID

Dionna Glaze
 

Event group as defined in UEFI standard v2.9.

Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
MdePkg/Include/Guid/EventGroup.h | 5 +++++
MdePkg/MdePkg.dec | 5 ++++-
2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Guid/EventGroup.h b/MdePkg/Include/Guid/EventGroup.h
index 063d1f7157..64bfd4bab9 100644
--- a/MdePkg/Include/Guid/EventGroup.h
+++ b/MdePkg/Include/Guid/EventGroup.h
@@ -14,6 +14,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

extern EFI_GUID gEfiEventExitBootServicesGuid;

+#define EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES \
+ { 0x8be0e274, 0x3970, 0x4b44, { 0x80, 0xc5, 0x1a, 0xb9, 0x50, 0x2f, 0x3b, 0xfc } }
+
+extern EFI_GUID gEfiEventBeforeExitBootServicesGuid;
+
#define EFI_EVENT_GROUP_VIRTUAL_ADDRESS_CHANGE \
{ 0x13fa7698, 0xc831, 0x49c7, { 0x87, 0xea, 0x8f, 0x43, 0xfc, 0xc2, 0x51, 0x96 } }

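Review bot: The macro added here is EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES, but the patch subject calls it EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID; please align the subject with the identifier so the commit can be found by searching for the name. A short comment above the new define stating when the group is signaled relative to gEfiEventExitBootServicesGuid would also help, since the two declarations now sit next to each other.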
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index de3c56758b..32c3501e66 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -408,7 +408,10 @@
gEfiEventMemoryMapChangeGuid = { 0x78BEE926, 0x692F, 0x48FD, { 0x9E, 0xDB, 0x01, 0x42, 0x2E, 0xF0, 0xD7, 0xAB }}

## Include/Guid/EventGroup.h
- gEfiEventVirtualAddressChangeGuid = { 0x13FA7698, 0xC831, 0x49C7, { 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }}
+ gEfiEventVirtualAddressChangeGuid = { 0x13FA7698, 0xC831, 0x49C7, { 0x87, 0xEA, 0x8F, 0x43, 0xFC, 0xC2, 0x51, 0x96 }}
+
+ ## Include/Guid/EventGroup.h
+ gEfiEventBeforeExitBootServicesGuid = { 0x8BE0E274, 0x3970, 0x4B44, { 0x80, 0xC5, 0x1A, 0xB9, 0x50, 0x2F, 0x3B, 0xFC }}

## Include/Guid/EventGroup.h
gEfiEventExitBootServicesGuid = { 0x27ABF055, 0xB1B8, 0x4C26, { 0x80, 0x48, 0x74, 0x8F, 0x37, 0xBA, 0xA2, 0xDF }}
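Review bot: The removed and re-added gEfiEventVirtualAddressChangeGuid lines carry the same GUID value and differ at most in whitespace, which adds unrelated churn to a patch that only needs to add one entry. Please drop that modification and keep only the new gEfiEventBeforeExitBootServicesGuid lines, or move the whitespace cleanup into its own patch.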
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 1/7] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe

Dionna Glaze
 

From: Sophia Wolf <phiawolf@...>

When a guest OS does not support unaccepted memory, the unaccepted
memory must be accepted before returning a memory map to the caller.

EfiMemoryAcceptProtocol is defined in MdePkg and is implemented /
Installed in AmdSevDxe for AMD SEV-SNP memory acceptance.

Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Dionna Glaze <dionnaglaze@...>
---
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++++++++++++++--
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 ++
OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 +++++++--
3 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 662d3c4ccb..5f68a56315 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -20,6 +20,7 @@
#include <Library/UefiBootServicesTableLib.h>
#include <Guid/ConfidentialComputingSevSnpBlob.h>
#include <Library/PcdLib.h>
+#include <Protocol/MemoryAccept.h>

STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
SIGNATURE_32 ('A', 'M', 'D', 'E'),
@@ -31,6 +32,40 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {
FixedPcdGet32 (PcdOvmfCpuidSize),
};

+STATIC EFI_HANDLE mAmdSevDxeHandle = NULL;
+
+#define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) == 0))
+
+STATIC
+EFI_STATUS
+EFIAPI
+AmdSevMemoryAccept (
+ IN EFI_MEMORY_ACCEPT_PROTOCOL *This,
+ IN EFI_PHYSICAL_ADDRESS StartAddress,
+ IN UINTN Size
+)
+{
+ //
+ // The StartAddress must be page-aligned, and the Size must be a positive
+ // multiple of SIZE_4KB. Use an assert instead of returning an erros since
+ // this is an EDK2-internal protocol.
+ //
+ ASSERT (IS_ALIGNED (StartAddress, SIZE_4KB));
+ ASSERT (IS_ALIGNED (Size, SIZE_4KB));
+ ASSERT (Size != 0);
+
+ MemEncryptSevSnpPreValidateSystemRam (
+ StartAddress,
+ EFI_SIZE_TO_PAGES (Size)
+ );
+
+ return EFI_SUCCESS;
+}
+
+STATIC EFI_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = {
+ AmdSevMemoryAccept
+};
+
EFI_STATUS
EFIAPI
AmdSevDxeEntryPoint (
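Review bot: AmdSevMemoryAccept checks its arguments only with ASSERT, so in a build with asserts disabled a misaligned StartAddress or a Size that is zero or not a multiple of SIZE_4KB goes straight to MemEncryptSevSnpPreValidateSystemRam, and EFI_SIZE_TO_PAGES rounds a partial page up, validating more than the caller asked for. The function also returns EFI_SUCCESS unconditionally. Please return EFI_INVALID_PARAMETER for bad input even if the protocol is EDK2-internal. Minor: "erros" in the comment should be "error", and the local IS_ALIGNED macro duplicates what a shared header could provide.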
@@ -147,11 +182,23 @@ AmdSevDxeEntryPoint (
}
}

- //
- // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
- // It contains the location for both the Secrets and CPUID page.
- //
if (MemEncryptSevSnpIsEnabled ()) {
+ //
+ // Memory acceptance began being required in SEV-SNP, so install the
+ // memory accept protocol implementation for a SEV-SNP active guest.
+ //
+ Status = gBS->InstallProtocolInterface (
+ &mAmdSevDxeHandle,
+ &gEfiMemoryAcceptProtocolGuid,
+ EFI_NATIVE_INTERFACE,
+ &mMemoryAcceptProtocol
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
+ // It contains the location for both the Secrets and CPUID page.
+ //
return gBS->InstallConfigurationTable (
&gConfidentialComputingSevSnpBlobGuid,
&mSnpBootDxeTable
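Review bot: The result of InstallProtocolInterface is checked only by ASSERT_EFI_ERROR, so in a build with asserts disabled a failed install is ignored and the entry point goes on to return the status of InstallConfigurationTable, leaving an SEV-SNP guest without a memory accept implementation and no indication of it. Please check Status explicitly and return it on error. The moved comment could also be corrected to "If it is an SEV-SNP active guest" while it is being touched.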
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
index 9acf860cf2..5ddddabc32 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@@ -47,6 +47,9 @@
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize

+[Protocols]
+ gEfiMemoryAcceptProtocolGuid
+
[Guids]
gConfidentialComputingSevSnpBlobGuid

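Review bot: The new [Protocols] entry gEfiMemoryAcceptProtocolGuid has no usage annotation. AmdSevDxe installs this protocol in the companion source change, so please mark it, for example as `## PRODUCES`.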
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
index d3a95e4913..ee3710f7b3 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
@@ -14,6 +14,7 @@
#include <Library/MemEncryptSevLib.h>

#include "SnpPageStateChange.h"
+#include "VirtualMemory.h"

/**
Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
@@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam (
IN UINTN NumPages
)
{
+ EFI_STATUS Status;
+
if (!MemEncryptSevSnpIsEnabled ()) {
return;
}

- //
- // All the pre-validation must be completed in the PEI phase.
- //
- ASSERT (FALSE);
+ // DXE pre-validation may happen with the memory accept protocol.
+ // The protocol should only be called outside the prevalidated ranges
+ // that the PEI stage code explicitly skips. Specifically, only memory
+ // ranges that are classified as unaccepted.
+ if (BaseAddress >= SIZE_4GB) {
+ Status = InternalMemEncryptSevCreateIdentityMap1G (
+ 0,
+ BaseAddress,
+ EFI_PAGES_TO_SIZE (NumPages)
+ );
+ if (EFI_ERROR (Status)) {
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+ }
+ }
+
+ InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
}
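Review bot: The identity-map decision tests only `BaseAddress >= SIZE_4GB`, so a range that starts below 4GB and extends past it gets no mapping for its upper part before InternalSetPageState runs over all NumPages. Please either check the end of the range (BaseAddress plus EFI_PAGES_TO_SIZE (NumPages)) or document and enforce that callers never pass a range crossing 4GB. The new comment block also lacks the empty `//` lines above and below that the comment it replaces used, and the function's header comment should be updated now that pre-validation is no longer PEI-only.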
--
2.38.0.rc1.362.ged0d419d3c-goog


[PATCH v7 0/7] Add safe unaccepted memory behavior

Dionna Glaze
 

These seven patches build on the lazy-accept patch series

"Introduce Lazy-accept for Tdx guest"

by adding SEV-SNP support for the MemoryAccept protocol, and
importantly making eager memory acceptance the default behavior.

We implement a standardized event group from UEFI v2.9,
EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES, since it provides exactly
the right invocation point for eagerly accepting memory if eager
acceptance has not been disabled.

To make use of this event group, we add a new driver that is meant to
carry behavior that is needed for all confidential compute technologies,
not just specific platforms, CocoDxe. In CocoDxe we implement the
default safe behavior to accept all unaccepted memory and invalidate
the MemoryMap on ExitBootServices.

To allow the OS loader to prevent the eager acceptance, we add a new
protocol, up for standardization, AcceptAllUnacceptedMemoryProtocol.
This protocol has one interface, Disable(). The OS loader can inform the
UEFI that it supports the unaccepted memory type and accepts the
responsibility to accept it.

All images that support unaccepted memory must now locate and call this
new BZ3987_ACCEPT_ALL_UNACCEPTED_MEMORY_PROTOCOL and call the Disable
function.

Changes since v6:
- Added implementation of EFI_EVENT_GROUP_BEFORE_EXIT_BOOT_SERVICES.
- Changed callback protocol of v5 to instead use the standardized event
group for before_exit_boot_services.

Changes since v5:
- Generic callback protocol moved to MdeModulePkg
- Removed use of EFI_WARN_STALE_DATA and added comment that the callback
should only return EFI_SUCCESS or EFI_INVALID_PARAMETER.
- Removed errant log statement and fixed formatting.

Changes since v4:
- Commit message wording
- Replaced direct change to DxeMain with a more generic callback
protocol.
- Implemented the direct change as an instance of the callback protocol
from a new CocoDxe driver.
- Replaced "enable" protocol with a "disable" protocol, since the name
was confusing. The AcceptAllUnacceptedMemory protocol directly names
the behavior that is disabling.

Changes since v3:
- "DxeMain accepts all memory" patch split into 3 to make each patch
affect only one package at a time.

Changes since v2:
- Removed the redundant memory accept interface and added the accept
behavior to the DXE implementation of
MemEncryptSevSnpPreValidateSystemRam.
- Fixed missing #include in >=4GB patch.

Changes since v1:
- Added a patch to classify SEV-SNP memory above 4GB unaccepted.
- Fixed style problems in EfiMemoryAcceptProtocol implementation.

Cc: Ard Biesheuvel <ardb@...>
Cc: "Min M. Xu" <min.m.xu@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: James Bottomley <jejb@...>
Cc: Tom Lendacky <Thomas.Lendacky@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: Andrew Fish <afish@...>
Cc: "Michael D. Kinney" <michael.d.kinney@...>

Signed-off-by: Dionna Glaze <dionnaglaze@...>

Dionna Glaze (7):
OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
MdePkg: Add EFI_EVENT_BEFORE_EXIT_BOOT_SERVICES_GUID
MdeModulePkg: Notify BeforeExitBootServices in CoreExitBootServices
OvmfPkg: Introduce CocoDxe driver
MdePkg: Introduce the AcceptAllUnacceptedMemory protocol
OvmfPkg: Implement AcceptAllUnacceptedMemory in CocoDxe
OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

MdeModulePkg/Core/Dxe/DxeMain.inf | 1 +
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 6 +
MdePkg/Include/Guid/EventGroup.h | 5 +
MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h | 40 +++++
MdePkg/MdePkg.dec | 8 +-
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 55 ++++++-
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 3 +
OvmfPkg/CocoDxe/CocoDxe.c | 165 ++++++++++++++++++++
OvmfPkg/CocoDxe/CocoDxe.inf | 46 ++++++
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
OvmfPkg/IntelTdx/IntelTdxX64.fdf | 1 +
OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 ++-
OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
OvmfPkg/OvmfPkgIa32X64.fdf | 1 +
OvmfPkg/OvmfPkgX64.dsc | 1 +
OvmfPkg/OvmfPkgX64.fdf | 1 +
OvmfPkg/PlatformPei/AmdSev.c | 5 +
19 files changed, 357 insertions(+), 9 deletions(-)
create mode 100644 MdePkg/Include/Protocol/Bz3987AcceptAllUnacceptedMemory.h
create mode 100644 OvmfPkg/CocoDxe/CocoDxe.c
create mode 100644 OvmfPkg/CocoDxe/CocoDxe.inf

--
2.38.0.rc1.362.ged0d419d3c-goog


Re: Python368.efi failed to run in shell environment

Michael D Kinney
 

+JP

Mike

 

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yoshinoya
Sent: Wednesday, October 5, 2022 4:32 AM
To: devel@edk2.groups.io
Subject: [edk2-devel] Python368.efi failed to run in shell environment

 

Hi

I tried to run Python368.efi in the shell environment, but it failed. The message was:

Fatal Python error: Py_Initialize: can't initialize sys standard streams

Has anybody ever met this error?

Python368.efi is a sample Python app in AppPkg\Applications\Python\Python-3.6.8

Thanks