Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1436094rwb;
        Fri, 7 Oct 2022 12:34:58 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM68eH2ojkZ7r2F03diBKvZPkNDola053Em4f1VJNuz1EOi46wMrZ8EcqlFmS3KxR9XRbMMH
X-Received: by 2002:a17:907:1b03:b0:6ff:78d4:c140 with SMTP id mp3-20020a1709071b0300b006ff78d4c140mr5309734ejc.554.1665171298311;
        Fri, 07 Oct 2022 12:34:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1665171298; cv=none;
        d=google.com; s=arc-20160816;
        b=oVs38uItTNmo3IaaxLGZh//QZ+mgvyNDrS6uFAcQoKaJZZUlWM4i8d2QocqDYcgHIC
         6J4e1BPEipvQoW/SNSBYf/W8NJsQLy62omeU1+NCX3y16a4DHXmDdGz7/5IT79pzkNNj
         UW7FYsRkehQegEp2arY4NazW+dD8cYaC+mzVWcobocJcuIjb+9sT279H2ByD/mbjwAB8
         mNLM5JM7giuEtT0miqYEHq1Ojc79JTYhoTtvblBxIkKBNTCkM3aeFVir7fdBGpBcr8pT
         AewjbmFiEQ+NQR2kCssTkc15WZXoqbf6L+eGihaHEbdJwuz8L9AOfQgwSm4Yxr9iC2LQ
         7Zkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=eWIDooZIJ21SaT4AaqXCKaAk3JRTLPG/RdiaYdE09z4=;
        b=GKMwwXneQXI+cIAmn4hlXtaVtDJ4zHHs8+UOQwyKLLPhszaxHeAXJmjezG1esVzjZX
         zsYv/aGzPYW14QcItKzGaRVMm5HLqxjfsUQcHPRuA/kmzktOCAgI3RCTDMVTON99Dr2L
         3h8lSA1FPSze1wdSAoLMf46TgowREATEyy5ZQbIu9Vkz70uJyxsuqXuna/e2EIIKrGxJ
         JXO5Q1PceOjQYuwkeKbkswksY5pgQLwvQSv6JEpN0AODJY9xetmcPef1BJdzI+YTPm72
         a8hPWke0C/qZqmsn9ozPIK8SsdopOQo8TNjv+XUETrRAspVJ9gsYZzTa3XOGfKyWMXAk
         TzYg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b="nk0Tk/QQ";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id hb10-20020a170907160a00b00783602ab27bsi2935588ejc.33.2022.10.07.12.34.22;
        Fri, 07 Oct 2022 12:34:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b="nk0Tk/QQ";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229452AbiJGTcj (ORCPT <rfc822;ankurbansal210989@gmail.com>
        + 99 others); Fri, 7 Oct 2022 15:32:39 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48858 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229445AbiJGTch (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 7 Oct 2022 15:32:37 -0400
Received: from mail-pg1-x530.google.com (mail-pg1-x530.google.com [IPv6:2607:f8b0:4864:20::530])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 40FDFB14F8
        for <linux-kernel@vger.kernel.org>; Fri,  7 Oct 2022 12:32:36 -0700 (PDT)
Received: by mail-pg1-x530.google.com with SMTP id 195so5515142pga.1
        for <linux-kernel@vger.kernel.org>; Fri, 07 Oct 2022 12:32:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=eWIDooZIJ21SaT4AaqXCKaAk3JRTLPG/RdiaYdE09z4=;
        b=nk0Tk/QQ8LsMSXY4egtXKpDJkrjrsNQTmEQ/ZfXiJaiybsz4nAiGpOPR1C9VlTXXEt
         lHrnJrqLxWHOIeEz2rIH9+ZlMj0lDCMoaSyrLqdtMox25q2ra6VHiwIDbhqbq/RhAseb
         wvOUzyqGhNBWllIJOgsM6OoVunnb/vvbUIeTg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=eWIDooZIJ21SaT4AaqXCKaAk3JRTLPG/RdiaYdE09z4=;
        b=FOh3wv5iOHpsOBTTYrt3oD/aV4cmCh4Rodbei2vZGBzasfnTpuLMZQk0hY9/SI2zAI
         w1Y6rcmyAUXIB66phFWRIYrS/Cf8lL3bTkwp74ALXaQNsMsD/cjTlxfNfDlqnoE/RNGI
         cwsmq1Iag8P4uu8AzjN7t3vBfxsE4Sy5n1+PrZAV7+uaMpKtYAj6QX6+ncDvq7ZZ+5SG
         Nup71vSFhINEcDqXhlmzxxEwxVyPTZRHVojLy/1eJjpDcVOJrUJ3Fxrg3SYJ7hEJmjXB
         FMyfuIY8b5JdHhOLlyA7IZWmKi4sN3qiYtIaDhJeeuuq0TBQiG8M1ZnSo3KgHFERJ9UD
         J4xA==
X-Gm-Message-State: ACrzQf1K+bZiT1buB9XVADoIzHrhyY2C10H7fNxcljBAyNGSQA/3tR7w
        py72YdxkjQDvJuXIZTeCLJ+ycg==
X-Received: by 2002:a63:145d:0:b0:44b:f115:f90f with SMTP id 29-20020a63145d000000b0044bf115f90fmr6036831pgu.157.1665171155674;
        Fri, 07 Oct 2022 12:32:35 -0700 (PDT)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id e6-20020a656886000000b0043b565cb57csm2064059pgt.73.2022.10.07.12.32.34
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 07 Oct 2022 12:32:35 -0700 (PDT)
Date:   Fri, 7 Oct 2022 12:32:34 -0700
From:   Kees Cook <keescook@chromium.org>
To:     "Guilherme G. Piccoli" <gpiccoli@igalia.com>
Cc:     Ard Biesheuvel <ardb@kernel.org>, linux-kernel@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, kernel-dev@igalia.com,
        kernel@gpiccoli.net, anton@enomsg.org, ccross@android.com,
        tony.luck@intel.com, linux-efi@vger.kernel.org
Subject: Re: [PATCH 8/8] efi: pstore: Add module parameter for setting the
 record size
Message-ID: <202210071230.63CF832@keescook>
References: <20221006224212.569555-1-gpiccoli@igalia.com>
 <20221006224212.569555-9-gpiccoli@igalia.com>
 <202210061614.8AA746094A@keescook>
 <CAMj1kXF4UyRMh2Y_KakeNBHvkHhTtavASTAxXinDO1rhPe_wYg@mail.gmail.com>
 <f857b97c-9fb5-8ef6-d1cb-3b8a02d0e655@igalia.com>
 <CAMj1kXFy-2KddGu+dgebAdU9v2sindxVoiHLWuVhqYw+R=kqng@mail.gmail.com>
 <2a341c4d-763e-cfa4-0537-93451d8614fa@igalia.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2a341c4d-763e-cfa4-0537-93451d8614fa@igalia.com>
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Oct 07, 2022 at 10:45:33AM -0300, Guilherme G. Piccoli wrote:
> On 07/10/2022 10:19, Ard Biesheuvel wrote:
> > [...]
> > 
> > OVMF has
> > 
> > OvmfPkg/OvmfPkgX64.dsc:
> > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
> > OvmfPkg/OvmfPkgX64.dsc:
> > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> > 
> > where the first one is without secure boot and the second with secure boot.
> > 
> > Interestingly, the default is
> > 
> > gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x400
> > 
> > so this is probably where this 1k number comes from. So perhaps it is
> > better to leave it at 1k after all :-(
> > 
> 
> Oh darn...
> 
> So, let's stick with 1024 then? If so, no need for re-submitting right?

Given OVMF showing this as a max, it doesn't seem right to also make
this a minimum? Perhaps choose a different minimum to be enforced.

Also, can you update the commit log with Ard's archeology on
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ?

-- 
Kees Cook