OvmfPkg/PlatformPei: SEV-SNP make >=4GB unaccepted

Instead of eagerly accepting all memory in PEI, only accept memory under
the 4GB address. This allows a loaded image to use the
MEMORY_ACCEPTANCE_PROTOCOL to disable the accept behavior and indicate
that it can interpret the memory type accordingly.

This classification is safe since ExitBootServices will accept and
reclassify the memory as conventional if the disable protocol is not
used.

Cc: Ard Biescheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

1 files changed, 6 insertions, 0 deletions

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e4e7b72e67..e6b602d79a 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -16,6 +16,7 @@
 #include <Library/MemEncryptSevLib.h>

 #include <Library/MemoryAllocationLib.h>

 #include <Library/PcdLib.h>

+#include <Pi/PrePiHob.h>

 #include <PiPei.h>

 #include <Register/Amd/Msr.h>

 #include <Register/Intel/SmramSaveStateMap.h>

@@ -65,6 +66,11 @@ AmdSevSnpInitialize (
       ResourceHob = Hob.ResourceDescriptor;

 

       if (ResourceHob->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY) {

+        if (ResourceHob->PhysicalStart >= SIZE_4GB) {

+          ResourceHob->ResourceType = BZ3937_EFI_RESOURCE_MEMORY_UNACCEPTED;

+          continue;

+        }

+

         MemEncryptSevSnpPreValidateSystemRam (

           ResourceHob->PhysicalStart,

           EFI_SIZE_TO_PAGES ((UINTN)ResourceHob->ResourceLength)