On Fri, Oct 07, 2022 at 10:45:33AM -0300, Guilherme G. Piccoli wrote: > On 07/10/2022 10:19, Ard Biesheuvel wrote: > > [...] > > > > OVMF has > > > > OvmfPkg/OvmfPkgX64.dsc: > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 > > OvmfPkg/OvmfPkgX64.dsc: > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400 > > > > where the first one is without secure boot and the second with secure boot. > > > > Interestingly, the default is > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400 > > > > so this is probably where this 1k number comes from. So perhaps it is > > better to leave it at 1k after all :-( > > > > Oh darn... > > So, let's stick with 1024 then? If so, no need for re-submitting right? Given OVMF showing this as a max, it doesn't seem right to also make this a minimum? Perhaps choose a different minimum to be enforced. Also, can you update the commit log with Ard's archeology on gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ? -- Kees Cook
