Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Ni, Ray
Hoffmann ; > Leif Lindholm ; Sami Mujawar > ; Andrew Fish ; Ni, Ray > ; Dong, Eric ; Kumar, Rahul R > ; Dong, Guo ; Rhodes, Sean > ; Lu, James ; Guo, Gua > > Subject: Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory > Protections > > On Mon, 17 Jul 2023 at 18

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Taylor Beebe
On 7/17/23 9:49 AM, Pedro Falcato wrote: On Mon, Jul 17, 2023 at 5:26 PM Ard Biesheuvel wrote: On Mon, 17 Jul 2023 at 18:15, Pedro Falcato wrote: On Wed, Jul 12, 2023 at 12:53 AM Taylor Beebe wrote: In the past, memory protection settings were configured via FixedAtBuild PCDs, which r

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Pedro Falcato
On Mon, Jul 17, 2023 at 5:26 PM Ard Biesheuvel wrote: > > On Mon, 17 Jul 2023 at 18:15, Pedro Falcato wrote: > > > > On Wed, Jul 12, 2023 at 12:53 AM Taylor Beebe wrote: > > > > > > In the past, memory protection settings were configured via FixedAtBuild > > > PCDs, > > > which resulted in a bu

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Ard Biesheuvel
On Mon, 17 Jul 2023 at 18:15, Pedro Falcato wrote: > > On Wed, Jul 12, 2023 at 12:53 AM Taylor Beebe wrote: > > > > In the past, memory protection settings were configured via FixedAtBuild > > PCDs, > > which resulted in a build-time configuration of memory mitigations. This > > approach limited

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Pedro Falcato
On Wed, Jul 12, 2023 at 12:53 AM Taylor Beebe wrote: > > In the past, memory protection settings were configured via FixedAtBuild PCDs, > which resulted in a build-time configuration of memory mitigations. This > approach limited the flexibility of applying mitigations to the > system and made it

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-17 Thread Gerd Hoffmann
Hi, > > Can we have both? > > > > Being able to adjust settings at runtime is great. But being able to > > set them at compile time on the command line (via build --pcd), without > > patching code, is very useful too. > > > > I'd suggest to keep the PCDs, create a profile from PCD settings an

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-12 Thread Taylor Beebe
On 7/12/2023 3:05 AM, Gerd Hoffmann wrote: On Tue, Jul 11, 2023 at 04:52:37PM -0700, Taylor Beebe wrote: In the past, memory protection settings were configured via FixedAtBuild PCDs, which resulted in a build-time configuration of memory mitigations. This approach limited the flexibility of

Re: [edk2-devel] [PATCH 00/14] Implement Dynamic Memory Protections

2023-07-12 Thread Gerd Hoffmann
On Tue, Jul 11, 2023 at 04:52:37PM -0700, Taylor Beebe wrote: > In the past, memory protection settings were configured via FixedAtBuild PCDs, > which resulted in a build-time configuration of memory mitigations. This > approach limited the flexibility of applying mitigations to the > system and ma