summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDionna Glaze <dionnaglaze@google.com>2023-01-26 21:17:40 +0000
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2023-01-26 23:00:51 +0000
commit0d129ef7c3a95d64f2f2cab4f8302318775f9933 (patch)
tree7013c3d7e4175f1014fc6c996dd2ad5294124681
parent466d8f65e3c7f748d52e7a0046a1f7c1febe5691 (diff)
downloadedk2-0d129ef7c3a95d64f2f2cab4f8302318775f9933.tar.gz
edk2-0d129ef7c3a95d64f2f2cab4f8302318775f9933.tar.bz2
edk2-0d129ef7c3a95d64f2f2cab4f8302318775f9933.zip
OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted
Instead of eagerly accepting all memory in PEI, only accept memory under the 4GB address. This allows a loaded image to use the MEMORY_ACCEPTANCE_PROTOCOL to disable the accept behavior and indicate that it can interpret the memory type accordingly. This classification is safe since ExitBootServices will accept and reclassify the memory as conventional if the disable protocol is not used. Cc: Ard Biescheuvel <ardb@kernel.org> Cc: "Min M. Xu" <min.m.xu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Tom Lendacky <Thomas.Lendacky@amd.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Erdem Aktas <erdemaktas@google.com> Signed-off-by: Dionna Glaze <dionnaglaze@google.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
-rw-r--r--OvmfPkg/PlatformPei/AmdSev.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e4e7b72e67..e6b602d79a 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -16,6 +16,7 @@
#include <Library/MemEncryptSevLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Pi/PrePiHob.h>
#include <PiPei.h>
#include <Register/Amd/Msr.h>
#include <Register/Intel/SmramSaveStateMap.h>
@@ -65,6 +66,11 @@ AmdSevSnpInitialize (
ResourceHob = Hob.ResourceDescriptor;
if (ResourceHob->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) {
+ if (ResourceHob->PhysicalStart >= SIZE_4GB) {
+ ResourceHob->ResourceType = BZ3937_EFI_RESOURCE_MEMORY_UNACCEPTED;
+ continue;
+ }
+
MemEncryptSevSnpPreValidateSystemRam (
ResourceHob->PhysicalStart,
EFI_SIZE_TO_PAGES ((UINTN)ResourceHob->ResourceLength)