OvmfPkg: Implement AcceptAllUnacceptedMemory in AmdSevDxe

This protocol implementation disables the accept-all-memory behavior of the BeforeExitBootServices event this driver adds. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb@kernel.org> Cc: "Min M. Xu" <min.m.xu@intel.com> Cc: Andrew Fish <afish@apple.com> Cc: "Michael D. Kinney" <michael.d.kinney@intel.com> Signed-off-by: Dionna Glaze <dionnaglaze@google.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
2025-07-28 08:04:07 +02:00 · 2023-01-26 21:17:39 +00:00 · 2023-01-26 21:17:39 +00:00 · 466d8f65e3
commit 466d8f65e3
parent 26847fb6be
2 changed files with 22 additions and 3 deletions
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@ -21,6 +21,7 @@
 #include <Guid/ConfidentialComputingSevSnpBlob.h>
 #include <Library/PcdLib.h>
 #include <Pi/PrePiDxeCis.h>
+#include <Protocol/SevMemoryAcceptance.h>
 #include <Protocol/MemoryAccept.h>

 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable = {
@ -143,6 +144,21 @@ ResolveUnacceptedMemory (
  ASSERT_EFI_ERROR (Status);
 }

+STATIC
+EFI_STATUS
+EFIAPI
+AllowUnacceptedMemory (
+  IN  OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL  *This
+  )
+{
+  mAcceptAllMemoryAtEBS = FALSE;
+  return EFI_SUCCESS;
+}
+
+STATIC
+OVMF_SEV_MEMORY_ACCEPTANCE_PROTOCOL
+  mMemoryAcceptanceProtocol = { AllowUnacceptedMemory };
+
 STATIC EDKII_MEMORY_ACCEPT_PROTOCOL  mMemoryAcceptProtocol = {
  AmdSevMemoryAccept
 };
@ -268,11 +284,13 @@ AmdSevDxeEntryPoint (
    // Memory acceptance began being required in SEV-SNP, so install the
    // memory accept protocol implementation for a SEV-SNP active guest.
    //
-    Status = gBS->InstallProtocolInterface (
+    Status = gBS->InstallMultipleProtocolInterfaces (
                    &mAmdSevDxeHandle,
                    &gEdkiiMemoryAcceptProtocolGuid,
-                    EFI_NATIVE_INTERFACE,
-                    &mMemoryAcceptProtocol
+                    &mMemoryAcceptProtocol,
+                    &gOvmfSevMemoryAcceptanceProtocolGuid,
+                    &mMemoryAcceptanceProtocol,
+                    NULL
                    );
    ASSERT_EFI_ERROR (Status);

--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf
@ -49,6 +49,7 @@

 [Protocols]
  gEdkiiMemoryAcceptProtocolGuid
+  gOvmfSevMemoryAcceptanceProtocolGuid

 [Guids]
  gConfidentialComputingSevSnpBlobGuid