From: "Taylor Beebe" <taylor.d.beebe@gmail.com>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: devel@edk2.groups.io,
"Ard Biesheuvel" <ardb+tianocore@kernel.org>,
"Jiewen Yao" <jiewen.yao@intel.com>,
"Jordan Justen" <jordan.l.justen@intel.com>,
"Rebecca Cran" <rebecca@bsdio.com>,
"Peter Grehan" <grehan@freebsd.org>,
"Corvin Köhne" <corvink@freebsd.org>
Subject: Re: [edk2-devel] [PATCH v2 20/25] OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg
Date: Tue, 29 Aug 2023 09:26:30 -0700
Message-ID: <80414988-a569-4c5e-a250-48c9e6cc7c4a@gmail.com>
In-Reply-To: <qsac3mqwcklgaz2bmpgpquphl54d6xkpx2dy4rrcuzw3rmd32p@snfiftg6qeea>
On 8/29/23 4:17 AM, Gerd Hoffmann wrote:
> Hi,
>
>> - SetDxeMemoryProtectionSettings (&DxeSettings, DxeMemoryProtectionSettingsPcd);
>> - SetMmMemoryProtectionSettings (&MmSettings, MmMemoryProtectionSettingsPcd);
>> + Status = QemuFwCfgParseString (DXE_MEMORY_PROTECTION_PROFILE_FWCFG_FILE, &StringSize, String);
>> + if (!EFI_ERROR (Status)) {
>> + DEBUG ((DEBUG_INFO, "Setting DXE Memory Protection Profile: %a\n", String));
>> + if (AsciiStriCmp (String, "debug") == 0) {
>> + DxeSettings = DxeMemoryProtectionProfiles[DxeMemoryProtectionSettingsDebug].Settings;
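Review bot: the DEBUG line "Setting DXE Memory Protection Profile: %a" runs as soon as QemuFwCfgParseString succeeds, before String has been matched against any profile, so the log can name a profile that is never applied. Move the message to after a successful match and emit a separate warning when the fw_cfg value matches nothing. StringSize is also an in/out argument of QemuFwCfgParseString, so it has to hold the size of the String buffer before the call; that initialization is not visible in the quoted lines.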
> I'd suggest to just loop over DxeMemoryProtectionProfiles and compare
> String with .Name, so we don't have to touch this in case we add or
> remove profiles.
Sounds good -- will update in v3
>> + DxeSettings = DxeMemoryProtectionProfiles[DxeMemoryProtectionSettingsDebug].Settings;
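Review bot: this assignment selects DxeMemoryProtectionSettingsDebug a second time, apart from the explicit "debug" match quoted earlier. If it is the fallback for a missing or unrecognized fw_cfg value, add a comment saying so and a DEBUG message naming the fallback profile, so the log shows which protections are active when no profile was requested.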
> I'd prefer to use DxeMemoryProtectionSettingsPcd by default.
The PCDs are still removed in this patch series. The PCD profile is
included in the earlier patches of this series to ensure the memory
protections are consistent as each patch transitions the references to
use the library interface. I opted to remove the PCDs for a couple of
reasons:
1. The PCDs are the legacy interface, and keeping legacy interfaces
around is sometimes necessary for compatibility but not in this case.
Keeping the PCDs would disrupt maintainability, clarity, and
extensibility of memory protections. I am also not confident the legacy
interface would ever be removed in the future.
2. Removing the PCDs will cause a build failure for platforms which
reference them. This outcome is desirable in this case because action
needs to be taken to ensure the platform protection meets expectations
with this new system. If the PCDs were kept, platform creators may try
updating the PCDs and be confused when the changes are not reflected in
the state of the system because the PCD profile is not in use. This
nuance helps identify a confusing interface.
Thread overview: 32+ messages
2023-08-18 22:31 [edk2-devel] [PATCH v2 00/25] Implement Dynamic Memory Protections Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 01/25] MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 02/25] MdeModulePkg: Define SetMemoryProtectionsLib and GetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 03/25] MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 04/25] MdeModulePkg: Implement SetMemoryProtectionsLib and GetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 05/25] MdeModulePkg: Apply Protections to the HOB List Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 06/25] MdeModulePkg: Check Print Level Before Dumping GCD Memory Map Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 07/25] UefiCpuPkg: Always Set Stack Guard in MpPei Init Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 08/25] ArmVirtPkg: Add Memory Protection Library Definitions to Platforms Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 09/25] OvmfPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 10/25] OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 11/25] OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 12/25] UefiPayloadPkg: Update DXE Handoff " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 13/25] MdeModulePkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 14/25] ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 15/25] EmulatorPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 16/25] OvmfPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 17/25] UefiCpuPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 18/25] MdeModulePkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 19/25] MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib Taylor Beebe
2023-08-29 10:46 ` Gerd Hoffmann
2023-08-29 16:08 ` Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 20/25] OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg Taylor Beebe
2023-08-29 11:17 ` Gerd Hoffmann
2023-08-29 16:26 ` Taylor Beebe [this message]
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 21/25] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 22/25] MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 23/25] OvmfPkg: Delete Memory Protection PCDs Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 24/25] ArmVirtPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 25/25] MdeModulePkg: " Taylor Beebe
2023-08-19 22:13 ` [edk2-devel] [PATCH v2 00/25] Implement Dynamic Memory Protections Pedro Falcato
2023-08-21 16:19 ` Taylor Beebe