From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 83F14221786A3 for ; Thu, 30 Nov 2017 08:26:25 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7A729C04DBF3; Thu, 30 Nov 2017 16:30:50 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-19.rdu2.redhat.com [10.10.120.19]) by smtp.corp.redhat.com (Postfix) with ESMTP id 986035D9C7; Thu, 30 Nov 2017 16:30:48 +0000 (UTC) From: Laszlo Ersek To: edk2-devel-01 Cc: Anthony Perard , Ard Biesheuvel , Jordan Justen , Julien Grall Date: Thu, 30 Nov 2017 17:30:29 +0100 Message-Id: <20171130163029.19743-9-lersek@redhat.com> In-Reply-To: <20171130163029.19743-1-lersek@redhat.com> References: <20171130163029.19743-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 30 Nov 2017 16:30:50 +0000 (UTC) Subject: [PATCH v2 8/8] OvmfPkg/README: document MEM_VARSTORE_EMU_ENABLE and memmap defrag X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Nov 2017 16:26:25 -0000 Cc: Anthony Perard Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Julien Grall Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek --- OvmfPkg/README | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/OvmfPkg/README b/OvmfPkg/README index 00fb71848200..cdd8dbea7f18 100644 --- a/OvmfPkg/README +++ b/OvmfPkg/README @@ -68,13 +68,21 @@ https://github.com/tianocore/tianocore.github.io/wiki/How%20to%20build%20OVMF * Run qemu with: -pflash path/to/OVMF.fd * Note that this option is required for running SecureBoot-enabled builds (-D SECURE_BOOT_ENABLE). + * When a commitment to this option (i.e., -pflash) can be made, it is + recommended to build OVMF with -D MEM_VARSTORE_EMU_ENABLE=FALSE. Said + build setting enables UEFI memory map defragmentation across boots of the + virtual machine. - Option 2: Use QEMU -bios parameter * Note that UEFI variables will be partially emulated, and non-volatile variables may lose their contents after a reboot + * The build option -D MEM_VARSTORE_EMU_ENABLE=FALSE is incompatible with + the QEMU -bios option. * Run qemu with: -bios path/to/OVMF.fd - Option 3: Use QEMU -L parameter * Note that UEFI variables will be partially emulated, and non-volatile variables may lose their contents after a reboot + * The build option -D MEM_VARSTORE_EMU_ENABLE=FALSE is incompatible with + the QEMU -L option. * Either copy, rename or symlink OVMF.fd => bios.bin * Use the QEMU -L parameter to specify the directory where the bios.bin file is located. @@ -139,6 +147,8 @@ during boot (even in RELEASE builds). Both the naming of the flag (SMM_REQUIRE, instead of SMM_ENABLE), and this behavior are consistent with the goal described above: this is supposed to be a security feature, and fallbacks are not allowed. Similarly, a pflash-backed variable store is a requirement. +(Accordingly, SMM_REQUIRE automatically enables all benefits of +MEM_VARSTORE_EMU_ENABLE=FALSE). QEMU should be started with the options listed below (in addition to any other guest-specific flags). The command line should be gradually composed from the -- 2.14.1.3.gb7cf6e02401b