Re: [PATCH v2 4/5] OvmfPkg: raise max variable size (auth & non-auth) to 33KB for FD_SIZE_4MB

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Jordan Justen <jordan.l.justen@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
	edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Gary Ching-Pang Lin <glin@suse.com>
Subject: Re: [PATCH v2 4/5] OvmfPkg: raise max variable size (auth & non-auth) to 33KB for FD_SIZE_4MB
Date: Thu, 04 May 2017 09:36:10 -0700	[thread overview]
Message-ID: <149391577010.7999.17667669342464390958@jljusten-skl.jf.intel.com> (raw)
In-Reply-To: <20170503213947.32290-5-lersek@redhat.com>

On 2017-05-03 14:39:46, Laszlo Ersek wrote:
> The "ConfirmSetOfLargeVariable" test case of the Secure Boot Logo Test
> ("Microsoft.UefiSecureBootLogo.Tests") suite in the Microsoft Hardware
> Certification Kit sets a 32 KB large non-authenticated variable.

According to
http://www.uefi.org/sites/default/files/resources/UEFI_Plugfest_Security_Microsoft_Fall_2016.pdf

"The maximum supported variable size must be at least 64kB"

Should we just bump the size to match this? We should be able to make
this change later once it is in a test/spec, but for some reason I
thought the requirement was already 64k.

Aside from this question:

Series Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>

> In the FD_SIZE_4MB build, our live varstore is now 256 KB big, so we can
> accommodate this. Set both PcdMaxVariableSize and PcdMaxAuthVariableSize
> to 0x8400 -- beyond DataSize=0x8000 from the HCK test, we need some room
> for the variable name and attributes as well.
> 
> Cc: Gary Ching-Pang Lin <glin@suse.com>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Laszlo Ersek <lersek@redhat.com>
> ---
> 
> Notes:
>     v2:
>     - adjust to FD_SIZE_IN_KB
>     - update commit msg to state 256 KB for the varstore [Jordan]
> 
>  OvmfPkg/OvmfPkgIa32.dsc    | 6 ++++++
>  OvmfPkg/OvmfPkgIa32X64.dsc | 6 ++++++
>  OvmfPkg/OvmfPkgX64.dsc     | 6 ++++++
>  3 files changed, 18 insertions(+)
> 
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index 26b807dde9fa..e0779ddaa426 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -404,28 +404,34 @@ [PcdsFeatureFlag]
>    gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
>  !endif
>  !if $(SMM_REQUIRE) == TRUE
>    gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection|FALSE
>  !endif
>  
>  [PcdsFixedAtBuild]
>    gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1
>    gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
>    gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
> +!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
> +!endif
> +!if $(FD_SIZE_IN_KB) == 4096
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
> +!endif
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
>  
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
>  
>    gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
>  
>    # DEBUG_INIT      0x00000001  // Initialization
>    # DEBUG_WARN      0x00000002  // Warnings
>    # DEBUG_LOAD      0x00000004  // Load events
>    # DEBUG_FS        0x00000008  // EFI File system
>    # DEBUG_POOL      0x00000010  // Alloc & Free (pool)
>    # DEBUG_PAGE      0x00000020  // Alloc & Free (page)
>    # DEBUG_INFO      0x00000040  // Informational debug messages
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index 41f06a6b6a66..bbe26e2cf452 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -409,28 +409,34 @@ [PcdsFeatureFlag]
>    gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
>  !endif
>  !if $(SMM_REQUIRE) == TRUE
>    gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection|FALSE
>  !endif
>  
>  [PcdsFixedAtBuild]
>    gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1
>    gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
>    gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
> +!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
> +!endif
> +!if $(FD_SIZE_IN_KB) == 4096
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
> +!endif
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
>  
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
>  
>    gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
>  
>    # DEBUG_INIT      0x00000001  // Initialization
>    # DEBUG_WARN      0x00000002  // Warnings
>    # DEBUG_LOAD      0x00000004  // Load events
>    # DEBUG_FS        0x00000008  // EFI File system
>    # DEBUG_POOL      0x00000010  // Alloc & Free (pool)
>    # DEBUG_PAGE      0x00000020  // Alloc & Free (page)
>    # DEBUG_INFO      0x00000040  // Informational debug messages
> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> index 053c84b685c5..ff795815f65f 100644
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -409,28 +409,34 @@ [PcdsFeatureFlag]
>    gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|TRUE
>  !endif
>  !if $(SMM_REQUIRE) == TRUE
>    gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|TRUE
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmEnableBspElection|FALSE
>  !endif
>  
>  [PcdsFixedAtBuild]
>    gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1
>    gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
>    gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported|6
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxPeimPerFv|32
> +!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
>    gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
> +!endif
> +!if $(FD_SIZE_IN_KB) == 4096
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> +  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
> +!endif
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
>  
>    gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
>  
>    gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
>  
>    # DEBUG_INIT      0x00000001  // Initialization
>    # DEBUG_WARN      0x00000002  // Warnings
>    # DEBUG_LOAD      0x00000004  // Load events
>    # DEBUG_FS        0x00000008  // EFI File system
>    # DEBUG_POOL      0x00000010  // Alloc & Free (pool)
>    # DEBUG_PAGE      0x00000020  // Alloc & Free (page)
>    # DEBUG_INFO      0x00000040  // Informational debug messages
> -- 
> 2.9.3
> 
>

next prev parent reply	other threads:[~2017-05-04 16:36 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-03 21:39 [PATCH v2 0/5] OvmfPkg: add FD_SIZE_4MB for Windows HCK SB tests, and for future proofing Laszlo Ersek
2017-05-03 21:39 ` [PATCH v2 1/5] OvmfPkg: introduce the FD_SIZE_IN_KB macro / build flag Laszlo Ersek
2017-05-03 21:39 ` [PATCH v2 2/5] OvmfPkg/OvmfPkg.fdf.inc: extract VARS_LIVE_SIZE and VARS_SPARE_SIZE macros Laszlo Ersek
2017-05-03 21:39 ` [PATCH v2 3/5] OvmfPkg: introduce 4MB flash image (mainly) for Windows HCK Laszlo Ersek
2017-05-05  4:07   ` Laszlo Ersek
2017-05-05  8:57     ` Jordan Justen
2017-05-05 12:07       ` Laszlo Ersek
2017-05-05 15:43         ` Jordan Justen
2017-05-05 16:46           ` Laszlo Ersek
2017-05-03 21:39 ` [PATCH v2 4/5] OvmfPkg: raise max variable size (auth & non-auth) to 33KB for FD_SIZE_4MB Laszlo Ersek
2017-05-04 16:36   ` Jordan Justen [this message]
2017-05-04 16:52     ` Laszlo Ersek
2017-05-04 18:50       ` Jordan Justen
2017-05-04 19:27         ` Laszlo Ersek
2017-05-04 19:30           ` Laszlo Ersek
2017-05-04 23:00       ` Laszlo Ersek
2017-05-03 21:39 ` [PATCH v2 5/5] OvmfPkg: make the 4MB flash size the default Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=149391577010.7999.17667669342464390958@jljusten-skl.jf.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox