Re: [edk2-devel] [PATCH 1/4] OvmfPkg: remove handling of properties table

Laszlo Ersek Fri, 27 Mar 2020 07:01:40 -0700

On 03/26/20 11:24, Ard Biesheuvel wrote:
> The UEFI properties table and the associated memory protection feature was
> severely broken from the start, and has been deprecated for a while. Let's
> drop all references to it from OVMF so we can safely remove it from the
> DXE core as well.
> 
> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=2633
> Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
> ---
>  OvmfPkg/OvmfPkgIa32.dsc             | 1 -
>  OvmfPkg/OvmfPkgIa32X64.dsc          | 1 -
>  OvmfPkg/OvmfPkgX64.dsc              | 1 -
>  OvmfPkg/OvmfXen.dsc                 | 1 -
>  OvmfPkg/PlatformPei/Platform.c      | 1 -
>  OvmfPkg/PlatformPei/PlatformPei.inf | 1 -
>  6 files changed, 6 deletions(-)
> 
> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> index 02ca17db8b2a..47926ac9e235 100644
> --- a/OvmfPkg/OvmfPkgIa32.dsc
> +++ b/OvmfPkg/OvmfPkgIa32.dsc
> @@ -570,7 +570,6 @@ [PcdsDynamicDefault]
>  
>    # Noexec settings for DXE.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
> -  gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable|FALSE
>  
>    # UefiCpuPkg PCDs related to initial AP bringup and general AP management.
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
> index d08cf558c6aa..37943624dc72 100644
> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> @@ -581,7 +581,6 @@ [PcdsDynamicDefault]
>  
>    # Noexec settings for DXE.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
> -  gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable|FALSE
>  
>    # UefiCpuPkg PCDs related to initial AP bringup and general AP management.
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> index b2dccc40a865..f41ebb95d717 100644
> --- a/OvmfPkg/OvmfPkgX64.dsc
> +++ b/OvmfPkg/OvmfPkgX64.dsc
> @@ -580,7 +580,6 @@ [PcdsDynamicDefault]
>  
>    # Noexec settings for DXE.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
> -  gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable|FALSE
>  
>    # UefiCpuPkg PCDs related to initial AP bringup and general AP management.
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
> diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
> index 85fe39f7896c..67b95d7b788c 100644
> --- a/OvmfPkg/OvmfXen.dsc
> +++ b/OvmfPkg/OvmfXen.dsc
> @@ -483,7 +483,6 @@ [PcdsDynamicDefault]
>  
>    # Noexec settings for DXE.
>    gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
> -  gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable|FALSE
>  
>    # Set memory encryption mask
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
> diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
> index 587ca68fc210..088e616a980c 100644
> --- a/OvmfPkg/PlatformPei/Platform.c
> +++ b/OvmfPkg/PlatformPei/Platform.c
> @@ -315,7 +315,6 @@ NoexecDxeInitialization (
>    VOID
>    )
>  {
> -  UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdPropertiesTableEnable);
>    UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdSetNxForStack);
>  }
>  
> diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf 
> b/OvmfPkg/PlatformPei/PlatformPei.inf
> index 8531c63995c1..19f2424981bc 100644
> --- a/OvmfPkg/PlatformPei/PlatformPei.inf
> +++ b/OvmfPkg/PlatformPei/PlatformPei.inf
> @@ -94,7 +94,6 @@ [Pcd]
>    gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode
>    gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable
>    gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack
> -  gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable
>    gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable
>    gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
>    gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy
>


Given that the DEC default for PcdPropertiesTableEnable is FALSE, this
change is safe, regarding a bisection on a virtual machine configuration
where the PCD is not enabled explicitly. (IOW, if a VM configuration
does not care about this knob, then building OVMF right after this patch
will not cause the PCD to flip on.)

Reviewed-by: Laszlo Ersek <ler...@redhat.com>

Thanks!
Laszlo


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#56496): https://edk2.groups.io/g/devel/message/56496
Mute This Topic: https://groups.io/mt/72560882/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/4] OvmfPkg: remove handling of properties table

Reply via email to