> > Lee, > > Is 0x2000 sufficient for PcdMaxVariableSize with SECURE_BOOT_ENABLE? > > -Jordan
Yes, looks ok -----Original Message----- From: Gary Ching-Pang Lin [mailto:g...@suse.com] Sent: Wednesday, May 15, 2013 11:06 PM To: Jordan Justen Cc: Rosenbaum, Lee G; edk2-devel@lists.sourceforge.net Subject: Re: [edk2] Default PcdFlashNvStorageVariableSize crashed OVMF On Wed, May 15, 2013 at 11:28:23AM -0700, Jordan Justen wrote: > On Wed, May 15, 2013 at 2:03 AM, Gary Ching-Pang Lin <g...@suse.com> wrote: > > A variable store length check was introduced since r14252. After > > applying the patch, OVMF died in > > > > SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c > > > > ASSERT(MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 > > (PcdMaxHardwareErrorVariableSize)) < VariableStoreLength); > > > > The check is reasonable. However, in OvmfPkg/OvmfPkgX64.dsc: > > > > !if $(SECURE_BOOT_ENABLE) == TRUE > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x10000 > > Gary, > > It looks like this is set to 0x2000 in Nt32Pkg. Does that value work for you? Yes, the value works for me. Gary Lin > > Lee, > > Is 0x2000 sufficient for PcdMaxVariableSize with SECURE_BOOT_ENABLE? > > -Jordan > > > !else > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 > > !endif > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize|0x8000 > > gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xc000 > > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0xc000 > > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize|0x2000 > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x10000 > > > > When Secure Boot is enabled, PcdFlashNvStorageVariableSize is much > > smaller than PcdMaxVariableSize, not to mention VariableStoreLength > > which is derived from PcdFlashNvStorageVariableSize, so the check always fails. > > > > Any suggestion about the variable size? > > > > Cheers, > > > > Gary Lin > > > > -------------------------------------------------------------------- > > ---------- AlienVault Unified Security Management (USM) platform > > delivers complete security visibility with the essential security > > capabilities. Easily and efficiently configure, manage, and operate > > all of your security controls from a single console and one unified > > framework. Download a free trial. > > http://p.sf.net/sfu/alienvault_d2d > > _______________________________________________ > > edk2-devel mailing list > > edk2-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/edk2-devel >
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ AlienVault Unified Security Management (USM) platform delivers complete security visibility with the essential security capabilities. Easily and efficiently configure, manage, and operate all of your security controls from a single console and one unified framework. Download a free trial. http://p.sf.net/sfu/alienvault_d2d
_______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
