Discussion:
[edk2] [PATCH] ArmVirtPkg: increase memory preallocations for secure build
Ard Biesheuvel
2015-06-16 09:44:00 UTC
Permalink
This is a followup to r17554 ("ArmVirtPkg: increase memory
preallocations to reduce region count") that increases the sizes
of the preallocated regions to account for the footprint of the
crypto and authentication libraries. This is only done if secure
boot is enabled at build time, to prevent imposing a larger minimum
RAM size on non-secure builds.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <***@linaro.org>
---
ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 9c737712d45f..c6e684fd8512 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -329,9 +329,15 @@ [PcdsFixedAtBuild.common]
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|600
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|400
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1500
+!else
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|300
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|150
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1000
+!endif
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesData|20000
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0
--
1.9.1


------------------------------------------------------------------------------
Olivier Martin
2015-06-16 11:13:38 UTC
Permalink
Reviewed-By: Olivier Martin <***@arm.com>

-----Original Message-----
From: Ard Biesheuvel [mailto:***@linaro.org]
Sent: 16 June 2015 10:44
To: edk2-***@lists.sourceforge.net; ***@redhat.com
Cc: Olivier Martin; ***@linaro.org; Ard Biesheuvel
Subject: [PATCH] ArmVirtPkg: increase memory preallocations for secure build

This is a followup to r17554 ("ArmVirtPkg: increase memory preallocations to reduce region count") that increases the sizes of the preallocated regions to account for the footprint of the crypto and authentication libraries. This is only done if secure boot is enabled at build time, to prevent imposing a larger minimum RAM size on non-secure builds.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <***@linaro.org>
---
ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 9c737712d45f..c6e684fd8512 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -329,9 +329,15 @@ [PcdsFixedAtBuild.common]
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|600
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|400
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1500
+!else
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|300
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|150
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1000
+!endif
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesData|20000
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0
--
1.9.1


-- IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

ARM Limited, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2557590
ARM Holdings plc, Registered office 110 Fulbourn Road, Cambridge CB1 9NJ, Registered in England & Wales, Company No: 2548782


------------------------------------------------------------------------------
Laszlo Ersek
2015-06-16 14:23:19 UTC
Permalink
Post by Ard Biesheuvel
This is a followup to r17554 ("ArmVirtPkg: increase memory
preallocations to reduce region count") that increases the sizes
of the preallocated regions to account for the footprint of the
crypto and authentication libraries. This is only done if secure
boot is enabled at build time, to prevent imposing a larger minimum
RAM size on non-secure builds.
Contributed-under: TianoCore Contribution Agreement 1.0
---
ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 9c737712d45f..c6e684fd8512 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -329,9 +329,15 @@ [PcdsFixedAtBuild.common]
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|600
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|400
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1500
+!else
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|300
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|150
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1000
+!endif
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesData|20000
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0
Reviewed-by: Laszlo Ersek <***@redhat.com>

We should do something similar in OVMF as well -- the UEFI memmap looks
quite fragmented as dumped by the Linux guest -- but alas I'll have no
bandwidth for that in the near future I think.

Thanks
Laszlo

------------------------------------------------------------------------------
Ard Biesheuvel
2015-06-16 14:29:21 UTC
Permalink
Post by Laszlo Ersek
Post by Ard Biesheuvel
This is a followup to r17554 ("ArmVirtPkg: increase memory
preallocations to reduce region count") that increases the sizes
of the preallocated regions to account for the footprint of the
crypto and authentication libraries. This is only done if secure
boot is enabled at build time, to prevent imposing a larger minimum
RAM size on non-secure builds.
Contributed-under: TianoCore Contribution Agreement 1.0
---
ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index 9c737712d45f..c6e684fd8512 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -329,9 +329,15 @@ [PcdsFixedAtBuild.common]
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0
+!if $(SECURE_BOOT_ENABLE) == TRUE
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|600
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|400
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1500
+!else
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|300
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|150
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesCode|1000
+!endif
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiBootServicesData|20000
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0
Thanks guys. Committed as r17646
--
Ard.
Post by Laszlo Ersek
We should do something similar in OVMF as well -- the UEFI memmap looks
quite fragmented as dumped by the Linux guest -- but alas I'll have no
bandwidth for that in the near future I think.
Thanks
Laszlo
------------------------------------------------------------------------------
Loading...