From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web10.2036.1689120112380377612 for ; Tue, 11 Jul 2023 17:01:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@taylorbeebe.com header.s=google header.b=VjBukWSg; spf=pass (domain: taylorbeebe.com, ip: 209.85.210.178, mailfrom: t@taylorbeebe.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-666ed230c81so5587208b3a.0 for ; Tue, 11 Jul 2023 17:01:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=taylorbeebe.com; s=google; t=1689120112; x=1691712112; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=+voUczY3oTVJX9fkdf/EN97CWZP+724vTpae8wSrGHE=; b=VjBukWSgqTZaMwmmgoUe2e7CFoJT+Vd1A9e2AYCSAom51EjU9qtkNFgMvcdVmuP+yN OGdm9JPKNXtmQ2okNZZYDZiF2CmKelivHe0yUFWR8LEiuTDa6vk4Dy804Fss3CaW6gAA u9Pu2YWk2jeznQbAT6Z0Vm76yI+l7mFsd04b4m7GdTJ53FX7wUjKIFsUh20m15TXQ8Kq xcYX7Lx0wlPMi+fysahxk1bnJ9aABqZuw6B0N6F91cWsgnD8FrSZvQEdgOBBXoKcheZ2 KfeUaEkU8TiN93ZhD8g5rdfvhQV8ytyTtejjT0EoPi6i5wboStoEhcwtNPwHrCNOQxT4 wSiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689120112; x=1691712112; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+voUczY3oTVJX9fkdf/EN97CWZP+724vTpae8wSrGHE=; b=LVJpG6FSm407QSfJjOjM/HBzIZ1jQ1wH2maW62ExALLiFJh6u2s+/D75Y8WsT7pWkZ 3ZCxzWyGuJQDb6I7qFryGHq/fXk+8VeAEw00+I7/Hhl58xkBjFxiC00pKL1JHUPw2zih QPAq86sVUqXRqYhwq+SHvT7BPp6tLJespohdLCg5oxCguyFyyRo7DQoK6JedXUC7sswi QXyPly+EJ3uY1MSx0sthMmn+BEIVNqCRf0Z/s7C+2cuMOY9GVSj80imiXBuxEqPh+ajR fMTAKVnxC38By+C4S8mSGGkB/IYhuETKWHkbRpf0hdqjDjNzcfJD/bLypcI9Bc4C6ieB 9lWg== X-Gm-Message-State: ABy/qLbZvuaHd2ygXWwumrUiahjFb3EV3bn+UsVmg39wKaQyJwSJ8nfR 7cNDoWArw1HEk9nScoTOxizCqDp91Wymh21zcULbsQ== X-Google-Smtp-Source: APBJJlFHiAe8zhiKBpeWw3kJrvUjkBO13a4dhl9Fzb8MaOCGh2o7G7Ta5pxCXtRfgTTC4tMHC6ErAg== X-Received: by 2002:a05:6a00:1a12:b0:676:ad06:29d7 with SMTP id g18-20020a056a001a1200b00676ad0629d7mr21796074pfv.15.1689120111696; Tue, 11 Jul 2023 17:01:51 -0700 (PDT) Return-Path: Received: from [192.168.50.162] ([50.46.230.135]) by smtp.gmail.com with ESMTPSA id r18-20020a62e412000000b0065d2f009f9esm2256392pfh.115.2023.07.11.17.01.51 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 11 Jul 2023 17:01:51 -0700 (PDT) Message-ID: <134fb9db-b0c0-bfd7-3c64-710635315925@taylorbeebe.com> Date: Tue, 11 Jul 2023 17:01:50 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0 Subject: Re: [edk2-devel] [PATCH 14/14] MdeModulePkg: Delete Memory Protection PCDs To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann References: <1770F551E2E594C0.16575@groups.io> From: "Taylor Beebe" In-Reply-To: <1770F551E2E594C0.16575@groups.io> Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Looks like the title of this patch in the series was mixed up with the title of the following patch. I'll wait for feedback before sending out a v2, but the title of this patch should be: [PATCH 13/14] ArmVirtPkg: Delete Memory Protection PCDs On 7/11/2023 4:52 PM, Taylor Beebe via groups.io wrote: > From: Taylor Beebe > > Now that references in the rest of the codebase have been updated > to reference the memory protection HOB, delete the memory protection PCDs. > > Signed-off-by: Taylor Beebe > Cc: Ard Biesheuvel > Cc: Leif Lindholm > Cc: Sami Mujawar > Cc: Gerd Hoffmann > --- > ArmVirtPkg/ArmVirt.dsc.inc | 15 --------------- > ArmVirtPkg/ArmVirtCloudHv.dsc | 5 ----- > ArmVirtPkg/ArmVirtQemu.dsc | 5 ----- > 3 files changed, 25 deletions(-) > > diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc > index 3174b19e51..e1eb189077 100644 > --- a/ArmVirtPkg/ArmVirt.dsc.inc > +++ b/ArmVirtPkg/ArmVirt.dsc.inc > @@ -363,21 +363,6 @@ > gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 > gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 > > - # > - # Enable strict image permissions for all images. (This applies > - # only to images that were built with >= 4 KB section alignment.) > - # > - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 > - > - # > - # Enable NX memory protection for all non-code regions, including OEM and OS > - # reserved ones, with the exception of LoaderData regions, of which OS loaders > - # (i.e., GRUB) may assume that its contents are executable. > - # > - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 > - > - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE > - > [Components.common] > # > # Ramdisk support > diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc > index c975e139a2..c4c3e0da44 100644 > --- a/ArmVirtPkg/ArmVirtCloudHv.dsc > +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc > @@ -140,11 +140,6 @@ > # > gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 > > - # > - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) > - # > - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE > - > !if $(SECURE_BOOT_ENABLE) == TRUE > # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 > diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc > index 1e0225951a..214e08b789 100644 > --- a/ArmVirtPkg/ArmVirtQemu.dsc > +++ b/ArmVirtPkg/ArmVirtQemu.dsc > @@ -212,11 +212,6 @@ > # > gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 > > - # > - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) > - # > - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE > - > !if $(SECURE_BOOT_ENABLE) == TRUE > # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 -- Taylor Beebe Software Engineer @ Microsoft