On Wed, May 15, 2013 at 2:03 AM, Gary Ching-Pang Lin <g...@suse.com> wrote: > A variable store length check was introduced since r14252. After applying the > patch, OVMF died in > > SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c > > ASSERT(MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 > (PcdMaxHardwareErrorVariableSize)) < VariableStoreLength); > > The check is reasonable. However, in OvmfPkg/OvmfPkgX64.dsc: > > !if $(SECURE_BOOT_ENABLE) == TRUE > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000
Gary, It looks like this is set to 0x2000 in Nt32Pkg. Does that value work for you? Lee, Is 0x2000 sufficient for PcdMaxVariableSize with SECURE_BOOT_ENABLE? -Jordan > !else > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 > !endif > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000 > gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000 > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000 > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize|0x2000 > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x10000 > > When Secure Boot is enabled, PcdFlashNvStorageVariableSize is much smaller > than > PcdMaxVariableSize, not to mention VariableStoreLength which is derived from > PcdFlashNvStorageVariableSize, so the check always fails. > > Any suggestion about the variable size? > > Cheers, > > Gary Lin > > ------------------------------------------------------------------------------ > AlienVault Unified Security Management (USM) platform delivers complete > security visibility with the essential security capabilities. Easily and > efficiently configure, manage, and operate all of your security controls > from a single console and one unified framework. Download a free trial. > http://p.sf.net/sfu/alienvault_d2d > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/edk2-devel ------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
