public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Andrew Fish" <afish@apple.com>
To: edk2-devel-groups-io <devel@edk2.groups.io>,
	dbautista@newmexicoconsortium.org
Cc: Gerd Hoffmann <kraxel@redhat.com>,
	ardb+tianocore@kernel.org, jiewen.yao@intel.com,
	Jordan Justen <jordan.l.justen@intel.com>
Subject: Re: [edk2-devel] OVMF: NV Variable Store Layout of Larger Build Targets
Date: Mon, 30 Aug 2021 14:14:04 -0700	[thread overview]
Message-ID: <4E81CC01-5890-46A2-BBF6-2B3820492F3A@apple.com> (raw)
In-Reply-To: <be424ba8-9c37-bda0-a21b-21f43c135fca@newmexicoconsortium.org>

[-- Attachment #1: Type: text/plain, Size: 2994 bytes --]



> On Aug 30, 2021, at 10:52 AM, Devon Bautista <dbautista@newmexicoconsortium.org> wrote:
> 
> Hi Gerd,
> 
>>> The current maximum image size of an OVMF image is 4MB, which is
>>> insufficient for storing even a minimal and compressed kernel and initramfs.
>>> To get around this, we've been maintaining our own fork of EDK2 that adds
>>> 8MiB and 16MiB OVMF build targets that have enough room in the DXE volume to
>>> store a reasonably-sized kernel and initramfs. However, it would be
>>> convenient if upstream EDK2 supported these larger OVMF targets.
>> I'm wondering whenever it makes sense to have the 8M option.  I think
>> I'd tend to go straight to 16M (which is the max size we can do on x86).
> On the Linuxboot side, we really only need 16MiB. However, I think Laszlo justified an 8MiB target because the QEMU commit he pointed to (referenced in my initial post) increased the absolute firmware size limit to be 16MiB when setting the maximum (`pcms->max_fw_size`) in `pc_machine_set_max_fw_size()`, but the default maximum if not set is 8MiB.
> 
> So I understand why an 8MiB target is justified, but, like you, I am not sure if it's really needed.
> 
>>> However, as Laszlo mentioned, introducing a larger volume size is
>>> compatibility breaking, and so seizing the opportunity to come up
>>> with a larger non-volatile variable store layout is necessary.
>>> 
>>> That said, I would like to use this thread to discuss among hardware
>>> vendors an optimal variable store layout for these larger image sizes.
>> The 2M -> 4M switch happened because the varstore was too small.  It was
>> Confirm64KilobytesOfUnauthenticatedVariableStorage test of the the
>> Microsoft Hardware Certification failing.  I guess Microsoft has good
>> reasons to test for 64k varstore, probably they expect this is big
>> enough in practice.
>> 
>> The varstore size of the 4M layout is *way* above that (see 2M -> 4M
>> commit message):
>> 
>>   Variable store      56 ->   256 ( +200)
>>   Spare area          64 ->   264 ( +200)
>> 
>> Assuming 256k varstore is more than enough:  Sticking to the 4M variable
>> store layout for the 16M (and maybe 8M) builds looks like the best
>> option to me.  I think the varstore would be identical for 4M and 16M
>> builds then, so it should be possible to switch guests from 4M to 16M
>> while keeping the varstore.
> Keeping the 4MiB varstore layout would be the most compatible and straightforward option and is what I would want to go with.
> 
> But I also think that it might make sense when introducing a considerably larger build target to account for any possible increases in variable store size that vendors may expect in the future. I for one dismay any further size increase, but I suppose the more relevant question is, is 256KiB of varstore enough for vendors?
> 
I’m also in the 16 MiB camp and I’m OK with the 256KiB varstore. 

Thanks,

Andrew Fish

> -- 
> Best,
> Devon
> 


[-- Attachment #2: Type: text/html, Size: 7403 bytes --]

      reply	other threads:[~2021-08-30 21:14 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-21  1:10 OVMF: NV Variable Store Layout of Larger Build Targets Devon Bautista
2021-08-21  1:17 ` [edk2-devel] " Devon Bautista
2021-08-27 14:46 ` Ard Biesheuvel
2021-08-30  6:45 ` [edk2-devel] " Gerd Hoffmann
2021-08-30 17:52   ` Devon Bautista
2021-08-30 21:14     ` Andrew Fish [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E81CC01-5890-46A2-BBF6-2B3820492F3A@apple.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox