Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp1555206rwb;
        Fri, 13 Jan 2023 14:05:54 -0800 (PST)
X-Google-Smtp-Source: AMrXdXtUmlERn9P4WzkOimCmTnBwveG1Kg1DVO4U7I7lPWwPjVjzJl3ugGyA//iUkUJXcV06SdUB
X-Received: by 2002:a17:906:85d9:b0:842:1627:77b4 with SMTP id i25-20020a17090685d900b00842162777b4mr70790511ejy.3.1673647554238;
        Fri, 13 Jan 2023 14:05:54 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1673647554; cv=none;
        d=google.com; s=arc-20160816;
        b=qDlhBWmYvlAuZlCAj4/cR32lHbGMbL3NeefoY7dT5ZBLOHcTK68J7yrqPVHaTkGL4R
         8tk7xLbRyiscCooJOQUU7z6n459GRYGtIJHbE3s2+NcvYxLc5rCMoh6L66JoFJRaa3EX
         Te7YdzIwXX/QDMTyh9EgLE26WjAlvswVahhQl9q0zstG+Wd2mxa3cTmDY1GaaZjUdxQy
         STyPsZ3ClgKmQRBscXpORZ0n1uQCqf4jjnhYHV0aFM0L394inkzWNC4W6mH68rD9W8Tj
         pu4o9oPxBEUvLFLsNGZB8WtnzhTqcrKk21rg+Pcyx0/0M+fksnoubbkdX2zTyuTIKfpx
         3I0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date
         :dkim-signature;
        bh=L6JMs+vv0Y8b3m+JQom4X+Xtk6qATobid/EnFCyXyOM=;
        b=ysFWvtJ1VFVmq9xkq+PScjK4Q4EfyJVLlLuPeWfynpzqLlMV36Jbf5sY0hpPxRpYD7
         glR9pAJPNQ2LPJEquP9tiP2e6WZ82MvflIbmpO+vxqJyGta7eeCWO5qtUm/ZX49IODX/
         ca/GpWx31HFg0ZRcoHLyAsUDN1L1KFF5AJyaZt0pB+31seuPhXWe+UZPFDl9kGLnCIGe
         SgfXEDfhy4p3u++6iika8f86hjPn7VXnrLRpnn61HVnNI2U4ywFqTvZcOj/w3qUuv9Ug
         9P4malkiDK/43EnF3wPDyAssKmGDD2P5YZNW8euyGtN3ZXD1nqR5ZF8D0DRCVXvfrShu
         gm+Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=k5gES+OY;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id l24-20020aa7cad8000000b0048772a84504si9700728edt.591.2023.01.13.14.05.41;
        Fri, 13 Jan 2023 14:05:54 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=k5gES+OY;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230356AbjAMVbq (ORCPT <rfc822;aaronngray.lists@gmail.com>
        + 52 others); Fri, 13 Jan 2023 16:31:46 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36074 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230251AbjAMVbn (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 13 Jan 2023 16:31:43 -0500
Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDC55CFA
        for <linux-kernel@vger.kernel.org>; Fri, 13 Jan 2023 13:30:59 -0800 (PST)
Received: by mail-pj1-x104a.google.com with SMTP id q9-20020a17090a304900b00226e84c4880so9994331pjl.4
        for <linux-kernel@vger.kernel.org>; Fri, 13 Jan 2023 13:30:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject
         :date:message-id:reply-to;
        bh=L6JMs+vv0Y8b3m+JQom4X+Xtk6qATobid/EnFCyXyOM=;
        b=k5gES+OYQ33yZJbqj6EICTT/1+3F+ewBr5o1mDRPJcxeYe4eyVjUNmgTMOfEi3ctVr
         l0yIbSuHeQo8DfUsgXRVGzSkAk0q72JNEUFMPoCERObxULD6UJ2BRE6Yt6k6Xw/M5N5S
         l9tDBXC7w+uByJ9jNhqliIS2ClP1y5k87kuJuxSe5Ky4uAdQD9kZUrqf/7i2vZACwa3u
         HrvoVYADmB4zoxyqPhHeFYovU5pm2y+UkRKEdEC3ugzXzDZrNmXDJ4BUKJORoWJ/O1fn
         4RFyJRPKXg9cTuvGoOhWM5F55GbMoLk5OgD0XUXT3Ol/QKQ4boyd6yMIfurFY6yMEjia
         Olrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=L6JMs+vv0Y8b3m+JQom4X+Xtk6qATobid/EnFCyXyOM=;
        b=3agwKO/CddhsbIgPviAMUTUFkqYp/E9h99TAZLAdfx6y3v3ODIB0GCCWpGdB6a8wUI
         SxiFCmbed83sDBnxQOQF7Ya3oWNEZuisNuaeyQOJf4d9oSRwLAd9nHYiq1eXoysXsN7T
         qWvAzhrzJpkvJfFS/al9xm1C6jLjf5NslRFDl746UXy7/OOQGulhbhMK0vmGD7dhOq5k
         9W5DL+hHlhrVwcUKhRrIS8mOMl8bkySBsnO2bjZ7l4XxKTQzozlu9cPSKrp0SCDu0jwX
         sT7ca6tHYXsZ8RWsgwEcxA9cC2uXmuZi0VVVFxvmOoaNBOSt7xKZiXWJ7+4DihxSZlOZ
         gseg==
X-Gm-Message-State: AFqh2kq0H4Hs0O4TiebvujJNFks0woa+U8iyjq/+/lK68S+D6FqlJv6U
        9W4oz5QoxjVr8c53gayYI1keTDJ+9HdPoFg1z0oeE1fS85YajwQrxKck1mAH85wUmXdAIoOfZm9
        vuNvoPzHcWMSzWgF2ZwWz+z/i1zwYcwiW7dXyDIib0z3Ia8lNO/mOKqVcykpAMcysMYaZj/kInQ
        xH5yMKCxI=
X-Received: from dionnaglaze.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:2ee6])
 (user=dionnaglaze job=sendgmr) by 2002:a17:90b:4ac5:b0:229:36cd:4ab8 with
 SMTP id mh5-20020a17090b4ac500b0022936cd4ab8mr227511pjb.114.1673645459173;
 Fri, 13 Jan 2023 13:30:59 -0800 (PST)
Date:   Fri, 13 Jan 2023 21:29:26 +0000
Mime-Version: 1.0
X-Mailer: git-send-email 2.39.0.314.g84b9a713c41-goog
Message-ID: <20230113212926.2904735-1-dionnaglaze@google.com>
Subject: [PATCH v2] x86/efi: Safely enable unaccepted memory in UEFI
From:   Dionna Glaze <dionnaglaze@google.com>
To:     linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
        x86@kernel.org
Cc:     jiewen.yao@intel.com, devel@edk2.groups.io,
        Dionna Glaze <dionnaglaze@google.com>,
        Ard Biescheuvel <ardb@kernel.org>,
        "Min M. Xu" <min.m.xu@intel.org>,
        Gerd Hoffmann <kraxel@redhat.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Tom Lendacky <Thomas.Lendacky@amd.com>,
        Erdem Aktas <erdemaktas@google.com>,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

This patch depends on Kirill A. Shutemov's series

[PATCHv8 00/14] mm, x86/cc: Implement support for unaccepted memory

The UEFI v2.9 specification includes a new memory type to be used in
environments where the OS must accept memory that is provided from its
host. Before the introduction of this memory type, all memory was
accepted eagerly in the firmware. In order for the firmware to safely
stop accepting memory on the OS's behalf, the OS must affirmatively
indicate support to the firmware.

Enabling unaccepted memory requires calling a 0-argument enablement
protocol before ExitBootServices. This call is only made if the kernel
is compiled with UNACCEPTED_MEMORY=y

The naming of the protocol guid is dependent on the standardization of
the protocol, which is being discussed. Acceptance is contingent on
the kernel community's approval.

Cc: Ard Biescheuvel <ardb@kernel.org>
Cc: "Min M. Xu" <min.m.xu@intel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>

Signed-off-by: Dionna Glaze <dionnaglaze@google.com>
---
 drivers/firmware/efi/libstub/x86-stub.c | 37 +++++++++++++++++++++++++
 include/linux/efi.h                     |  1 +
 2 files changed, 38 insertions(+)

diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
index a0bfd31358ba..abf31e5ade55 100644
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -26,6 +26,17 @@ const efi_dxe_services_table_t *efi_dxe_table;
 u32 image_offset __section(".data");
 static efi_loaded_image_t *image = NULL;
 
+typedef union memory_acceptance_protocol memory_acceptance_protocol_t;
+union memory_acceptance_protocol {
+	struct {
+		efi_status_t (__efiapi *allow_unaccepted_memory)(
+			memory_acceptance_protocol_t *);
+	};
+	struct {
+		u32 allow_unaccepted_memory;
+	} mixed_mode;
+};
+
 static efi_status_t
 preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom)
 {
@@ -310,6 +321,30 @@ setup_memory_protection(unsigned long image_base, unsigned long image_size)
 #endif
 }
 
+
+static void setup_unaccepted_memory(void)
+{
+	efi_guid_t mem_acceptance_proto = EFI_MEMORY_ACCEPTANCE_PROTOCOL_GUID;
+	memory_acceptance_protocol_t *proto;
+	efi_status_t status;
+
+	if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY))
+		return;
+
+	/*
+	 * Enable unaccepted memory before calling exit boot services in order
+	 * for the UEFI to not accept all memory on EBS.
+	 */
+	status = efi_bs_call(locate_protocol, &mem_acceptance_proto, NULL,
+			     (void **)&proto);
+	if (status != EFI_SUCCESS)
+		return;
+
+	status = efi_call_proto(proto, allow_unaccepted_memory);
+	if (status != EFI_SUCCESS)
+		efi_err("Memory acceptance protocol failed\n");
+}
+
 static const efi_char16_t apple[] = L"Apple";
 
 static void setup_quirks(struct boot_params *boot_params,
@@ -899,6 +934,8 @@ asmlinkage unsigned long efi_main(efi_handle_t handle,
 
 	setup_quirks(boot_params, bzimage_addr, buffer_end - buffer_start);
 
+	setup_unaccepted_memory();
+
 	status = exit_boot(boot_params, handle);
 	if (status != EFI_SUCCESS) {
 		efi_err("exit_boot() failed!\n");
diff --git a/include/linux/efi.h b/include/linux/efi.h
index 4b27519143f5..bfc0e4f2aba5 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -391,6 +391,7 @@ void efi_native_runtime_setup(void);
 #define EFI_RT_PROPERTIES_TABLE_GUID		EFI_GUID(0xeb66918a, 0x7eef, 0x402a,  0x84, 0x2e, 0x93, 0x1d, 0x21, 0xc3, 0x8a, 0xe9)
 #define EFI_DXE_SERVICES_TABLE_GUID		EFI_GUID(0x05ad34ba, 0x6f02, 0x4214,  0x95, 0x2e, 0x4d, 0xa0, 0x39, 0x8e, 0x2b, 0xb9)
 #define EFI_SMBIOS_PROTOCOL_GUID		EFI_GUID(0x03583ff6, 0xcb36, 0x4940,  0x94, 0x7e, 0xb9, 0xb3, 0x9f, 0x4a, 0xfa, 0xf7)
+#define EFI_MEMORY_ACCEPTANCE_PROTOCOL_GUID	EFI_GUID(0xc5a010fe, 0x38a7, 0x4531,  0x8a, 0x4a, 0x05, 0x00, 0xd2, 0xfd, 0x16, 0x49)
 
 #define EFI_IMAGE_SECURITY_DATABASE_GUID	EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596,  0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
 #define EFI_SHIM_LOCK_GUID			EFI_GUID(0x605dab50, 0xe046, 0x4300,  0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
-- 
2.39.0.314.g84b9a713c41-goog