From 2c06e76bba06e58bd1a903c7c319dda722676a8e Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Fri, 8 May 2020 14:16:48 +0200 Subject: [PATCH] OvmfPkg/PlatformPei: don't track BS Code/Data in default MemTypeInfo HOB MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit In commit d42fdd6f8384 ("OvmfPkg: improve SMM comms security with adaptive MemoryTypeInformation", 2020-03-12), we enabled the boot-to-boot tracking of the usages of various UEFI memory types. Both whitepapers listed in that commit recommend that BS Code/Data type memory *not* be tracked. This recommendation was confirmed by Jiewen in the following two messages as well: [1] https://edk2.groups.io/g/devel/message/55741 http://mid.mail-archive.com/74D8A39837DF1E4DA445A8C0B3885C503F97B579@shsmsx102.ccr.corp.intel.com [2] https://edk2.groups.io/g/devel/message/55749 http://mid.mail-archive.com/74D8A39837DF1E4DA445A8C0B3885C503F97BDC5@shsmsx102.ccr.corp.intel.com While tracking BS Code/Data type memory has one benefit (it de-fragments the UEFI memory map), the downsides outweigh it. Spikes in BS Data type memory usage are not uncommon in particular, and they may have the following consequences: - such reboots during normal boot that look "spurious" to the end user, and have no SMM security benefit, - a large BS Data record in MemoryTypeInformation may cause issues when the DXE Core tries to prime the according bin(s), but the system's RAM size has been reduced meanwhile. Removing the BS Code/Data entries from MemoryTypeInformation leads to a bit more fragmentation in the UEFI memory map, but that should be harmless. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Philippe Mathieu-Daudé Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2706 Signed-off-by: Laszlo Ersek Message-Id: <20200508121651.16045-2-lersek@redhat.com> Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Ard Biesheuvel --- OvmfPkg/PlatformPei/MemTypeInfo.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/OvmfPkg/PlatformPei/MemTypeInfo.c b/OvmfPkg/PlatformPei/MemTypeInfo.c index 863c6f3826..8100a2db7d 100644 --- a/OvmfPkg/PlatformPei/MemTypeInfo.c +++ b/OvmfPkg/PlatformPei/MemTypeInfo.c @@ -31,8 +31,6 @@ STATIC EFI_MEMORY_TYPE_INFORMATION mDefaultMemoryTypeInformation[] = { { EfiReservedMemoryType, 0x004 }, { EfiRuntimeServicesData, 0x024 }, { EfiRuntimeServicesCode, 0x030 }, - { EfiBootServicesCode, 0x180 }, - { EfiBootServicesData, 0xF00 }, { EfiMaxMemoryType, 0x000 } }; -- 2.39.2