* [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
@ 2017-03-03 4:44 Dandan Bi
2017-03-03 4:44 ` [patch] MdeModulePkg/DxeCore: Fix coding style issues Dandan Bi
2017-03-07 2:09 ` [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Zeng, Star
0 siblings, 2 replies; 6+ messages in thread
From: Dandan Bi @ 2017-03-03 4:44 UTC (permalink / raw)
To: edk2-devel; +Cc: Brijesh Singh, Leo Duran, Ard Biesheuvel, Star Zeng
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Leo Duran <leo.duran@amd.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/MdeModulePkg.dec | 2 +-
MdeModulePkg/MdeModulePkg.uni | 38 ++++++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 356b3e1..626e479 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -1737,11 +1737,11 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x0}|VOID*|0x30001046
## This PCD holds the address mask for page table entries when memory encryption is
# enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.
# This mask should be applied when creating 1:1 virtual to physical mapping tables.
- #
+ # @Prompt The address mask when memory encryption is enabled.
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0|UINT64|0x30001047
[PcdsPatchableInModule]
## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled.
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni
index ff0d697..d6015de 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -1087,5 +1087,43 @@
"The code section becomes read-only, and the data section becomes non-executable.\n"
"If a bit is clear, the image will not be protected.<BR><BR>\n"
"BIT0 - Image from unknown device. <BR>\n"
"BIT1 - Image from firmware volume.<BR>"
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_PROMPT #language en-US "Set DXE memory protection policy."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_HELP #language en-US "Set DXE memory protection policy. The policy is bitwise.\n"
+ "If a bit is set, memory regions of the associated type will be mapped\n"
+ "non-executable.<BR><BR>\n"
+ "\n"
+ "Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
+ "EfiReservedMemoryType 0x0001<BR>\n"
+ "EfiLoaderCode 0x0002<BR>\n"
+ "EfiLoaderData 0x0004<BR>\n"
+ "EfiBootServicesCode 0x0008<BR>\n"
+ "EfiBootServicesData 0x0010<BR>\n"
+ "EfiRuntimeServicesCode 0x0020<BR>\n"
+ "EfiRuntimeServicesData 0x0040<BR>\n"
+ "EfiConventionalMemory 0x0080<BR>\n"
+ "EfiUnusableMemory 0x0100<BR>\n"
+ "EfiACPIReclaimMemory 0x0200<BR>\n"
+ "EfiACPIMemoryNVS 0x0400<BR>\n"
+ "EfiMemoryMappedIO 0x0800<BR>\n"
+ "EfiMemoryMappedIOPortSpace 0x1000<BR>\n"
+ "EfiPalCode 0x2000<BR>\n"
+ "EfiPersistentMemory 0x4000<BR>\n"
+ "OEM Reserved 0x4000000000000000<BR>\n"
+ "OS Reserved 0x8000000000000000<BR>\n"
+ "\n"
+ "NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServicesCode / EfiRuntimeServicesCode. <BR>\n"
+ "User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory. <BR>\n"
+ "\n"
+ "e.g. 0x7FD5 can be used for all memory except Code. <BR>\n"
+ "e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserved. <BR>\n"
+ ""
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_PROMPT #language en-US "The address mask when memory encryption is enabled."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_HELP #language en-US "This PCD holds the address mask for page table entries when memory encryption is\n"
+ "enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.\n"
+ "This mask should be applied when creating 1:1 virtual to physical mapping tables."
+
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [patch] MdeModulePkg/DxeCore: Fix coding style issues
2017-03-03 4:44 [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Dandan Bi
@ 2017-03-03 4:44 ` Dandan Bi
2017-03-07 2:10 ` Zeng, Star
2017-03-07 2:09 ` [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Zeng, Star
1 sibling, 1 reply; 6+ messages in thread
From: Dandan Bi @ 2017-03-03 4:44 UTC (permalink / raw)
To: edk2-devel; +Cc: Ard Biesheuvel, Star Zeng
Add comments for functions.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/Core/Dxe/Mem/Pool.c | 19 +++++++++++++++++++
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 6 ++++--
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/Pool.c
index ced6444..1e37356 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Pool.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c
@@ -289,10 +289,21 @@ CoreAllocatePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Used by the pool functions to allocate pages
+ to back pool allocation requests.
+
+ @param PoolType The type of memory for the new pool pages
+ @param NoPages No of pages to allocate
+ @param Granularity Bits to align.
+
+ @return The allocated memory, or NULL
+
+**/
STATIC
VOID *
CoreAllocatePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN UINTN NoPages,
@@ -551,10 +562,18 @@ CoreFreePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Frees pool pages allocated via CoreAllocatePoolPagesI().
+
+ @param PoolType The type of memory for the pool pages
+ @param Memory The base address to free
+ @param NoPages The number of pages to free
+
+**/
STATIC
VOID
CoreFreePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN EFI_PHYSICAL_ADDRESS Memory,
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 45f360c..1c44148 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -655,10 +655,12 @@ UnprotectUefiImage (
}
/**
Return the EFI memory permission attribute associated with memory
type 'MemoryType' under the configured DXE memory protection policy.
+
+ @param MemoryType Memory type.
**/
STATIC
UINT64
GetPermissionAttributeForMemoryType (
IN EFI_MEMORY_TYPE MemoryType
@@ -786,11 +788,11 @@ MergeMemoryMapForProtectionPolicy (
}
/**
Remove exec permissions from all regions whose type is identified by
- PcdDxeNxMemoryProtectionPolicy
+ PcdDxeNxMemoryProtectionPolicy.
**/
STATIC
VOID
InitializeDxeNxMemoryProtectionPolicy (
VOID
@@ -1051,11 +1053,11 @@ CoreInitializeMemoryProtection (
}
return ;
}
/**
- Returns whether we are currently executing in SMM mode
+ Returns whether we are currently executing in SMM mode.
**/
STATIC
BOOLEAN
IsInSmm (
VOID
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
2017-03-03 4:44 [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Dandan Bi
2017-03-03 4:44 ` [patch] MdeModulePkg/DxeCore: Fix coding style issues Dandan Bi
@ 2017-03-07 2:09 ` Zeng, Star
2017-03-07 13:48 ` Zeng, Star
1 sibling, 1 reply; 6+ messages in thread
From: Zeng, Star @ 2017-03-07 2:09 UTC (permalink / raw)
To: Bi, Dandan, edk2-devel@lists.01.org
Cc: Brijesh Singh, Leo Duran, Ard Biesheuvel, Zeng, Star
Reviewed-by: Star Zeng <star.zeng@intel.com>
-----Original Message-----
From: Bi, Dandan
Sent: Friday, March 3, 2017 12:45 PM
To: edk2-devel@lists.01.org
Cc: Brijesh Singh <brijesh.singh@amd.com>; Leo Duran <leo.duran@amd.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Leo Duran <leo.duran@amd.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/MdeModulePkg.dec | 2 +-
MdeModulePkg/MdeModulePkg.uni | 38 ++++++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 356b3e1..626e479 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -1737,11 +1737,11 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x0}|VOID*|0x30001046
## This PCD holds the address mask for page table entries when memory encryption is
# enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.
# This mask should be applied when creating 1:1 virtual to physical mapping tables.
- #
+ # @Prompt The address mask when memory encryption is enabled.
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0|UINT64|0x30001047
[PcdsPatchableInModule]
## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled.
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index ff0d697..d6015de 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -1087,5 +1087,43 @@
"The code section becomes read-only, and the data section becomes non-executable.\n"
"If a bit is clear, the image will not be protected.<BR><BR>\n"
"BIT0 - Image from unknown device. <BR>\n"
"BIT1 - Image from firmware volume.<BR>"
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_PROMPT #language en-US "Set DXE memory protection policy."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_HELP #language en-US "Set DXE memory protection policy. The policy is bitwise.\n"
+ "If a bit is set, memory regions of the associated type will be mapped\n"
+ "non-executable.<BR><BR>\n"
+ "\n"
+ "Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
+ "EfiReservedMemoryType 0x0001<BR>\n"
+ "EfiLoaderCode 0x0002<BR>\n"
+ "EfiLoaderData 0x0004<BR>\n"
+ "EfiBootServicesCode 0x0008<BR>\n"
+ "EfiBootServicesData 0x0010<BR>\n"
+ "EfiRuntimeServicesCode 0x0020<BR>\n"
+ "EfiRuntimeServicesData 0x0040<BR>\n"
+ "EfiConventionalMemory 0x0080<BR>\n"
+ "EfiUnusableMemory 0x0100<BR>\n"
+ "EfiACPIReclaimMemory 0x0200<BR>\n"
+ "EfiACPIMemoryNVS 0x0400<BR>\n"
+ "EfiMemoryMappedIO 0x0800<BR>\n"
+ "EfiMemoryMappedIOPortSpace 0x1000<BR>\n"
+ "EfiPalCode 0x2000<BR>\n"
+ "EfiPersistentMemory 0x4000<BR>\n"
+ "OEM Reserved 0x4000000000000000<BR>\n"
+ "OS Reserved 0x8000000000000000<BR>\n"
+ "\n"
+ "NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServicesCode / EfiRuntimeServicesCode. <BR>\n"
+ "User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory. <BR>\n"
+ "\n"
+ "e.g. 0x7FD5 can be used for all memory except Code. <BR>\n"
+ "e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserved. <BR>\n"
+ ""
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_PROMPT #language en-US "The address mask when memory encryption is enabled."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_HELP #language en-US "This PCD holds the address mask for page table entries when memory encryption is\n"
+ "enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.\n"
+ "This mask should be applied when creating 1:1 virtual to physical mapping tables."
+
--
1.9.5.msysgit.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch] MdeModulePkg/DxeCore: Fix coding style issues
2017-03-03 4:44 ` [patch] MdeModulePkg/DxeCore: Fix coding style issues Dandan Bi
@ 2017-03-07 2:10 ` Zeng, Star
2017-03-07 13:49 ` Zeng, Star
0 siblings, 1 reply; 6+ messages in thread
From: Zeng, Star @ 2017-03-07 2:10 UTC (permalink / raw)
To: Bi, Dandan, edk2-devel@lists.01.org; +Cc: Ard Biesheuvel, Zeng, Star
Reviewed-by: Star Zeng <star.zeng@intel.com>
-----Original Message-----
From: Bi, Dandan
Sent: Friday, March 3, 2017 12:45 PM
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: [patch] MdeModulePkg/DxeCore: Fix coding style issues
Add comments for functions.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/Core/Dxe/Mem/Pool.c | 19 +++++++++++++++++++
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 6 ++++--
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/Pool.c
index ced6444..1e37356 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Pool.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c
@@ -289,10 +289,21 @@ CoreAllocatePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Used by the pool functions to allocate pages
+ to back pool allocation requests.
+
+ @param PoolType The type of memory for the new pool pages
+ @param NoPages No of pages to allocate
+ @param Granularity Bits to align.
+
+ @return The allocated memory, or NULL
+
+**/
STATIC
VOID *
CoreAllocatePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN UINTN NoPages,
@@ -551,10 +562,18 @@ CoreFreePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Frees pool pages allocated via CoreAllocatePoolPagesI().
+
+ @param PoolType The type of memory for the pool pages
+ @param Memory The base address to free
+ @param NoPages The number of pages to free
+
+**/
STATIC
VOID
CoreFreePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN EFI_PHYSICAL_ADDRESS Memory,
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 45f360c..1c44148 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -655,10 +655,12 @@ UnprotectUefiImage ( }
/**
Return the EFI memory permission attribute associated with memory
type 'MemoryType' under the configured DXE memory protection policy.
+
+ @param MemoryType Memory type.
**/
STATIC
UINT64
GetPermissionAttributeForMemoryType (
IN EFI_MEMORY_TYPE MemoryType
@@ -786,11 +788,11 @@ MergeMemoryMapForProtectionPolicy ( }
/**
Remove exec permissions from all regions whose type is identified by
- PcdDxeNxMemoryProtectionPolicy
+ PcdDxeNxMemoryProtectionPolicy.
**/
STATIC
VOID
InitializeDxeNxMemoryProtectionPolicy (
VOID
@@ -1051,11 +1053,11 @@ CoreInitializeMemoryProtection (
}
return ;
}
/**
- Returns whether we are currently executing in SMM mode
+ Returns whether we are currently executing in SMM mode.
**/
STATIC
BOOLEAN
IsInSmm (
VOID
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
2017-03-07 2:09 ` [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Zeng, Star
@ 2017-03-07 13:48 ` Zeng, Star
0 siblings, 0 replies; 6+ messages in thread
From: Zeng, Star @ 2017-03-07 13:48 UTC (permalink / raw)
To: Bi, Dandan, edk2-devel@lists.01.org
Cc: Brijesh Singh, Leo Duran, Ard Biesheuvel, Zeng, Star
Patch has been pushed at 76081dfcc5b2ccec7ef88d4dc0f8eedca107c193.
-----Original Message-----
From: Zeng, Star
Sent: Tuesday, March 7, 2017 10:09 AM
To: Bi, Dandan <dandan.bi@intel.com>; edk2-devel@lists.01.org
Cc: Brijesh Singh <brijesh.singh@amd.com>; Leo Duran <leo.duran@amd.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: RE: [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
Reviewed-by: Star Zeng <star.zeng@intel.com>
-----Original Message-----
From: Bi, Dandan
Sent: Friday, March 3, 2017 12:45 PM
To: edk2-devel@lists.01.org
Cc: Brijesh Singh <brijesh.singh@amd.com>; Leo Duran <leo.duran@amd.com>; Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Leo Duran <leo.duran@amd.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/MdeModulePkg.dec | 2 +-
MdeModulePkg/MdeModulePkg.uni | 38 ++++++++++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 356b3e1..626e479 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -1737,11 +1737,11 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
gEfiMdeModulePkgTokenSpaceGuid.PcdSystemFmpCapsuleImageTypeIdGuid|{0x0}|VOID*|0x30001046
## This PCD holds the address mask for page table entries when memory encryption is
# enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.
# This mask should be applied when creating 1:1 virtual to physical mapping tables.
- #
+ # @Prompt The address mask when memory encryption is enabled.
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0|UINT64|0x30001047
[PcdsPatchableInModule]
## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled.
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index ff0d697..d6015de 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -1087,5 +1087,43 @@
"The code section becomes read-only, and the data section becomes non-executable.\n"
"If a bit is clear, the image will not be protected.<BR><BR>\n"
"BIT0 - Image from unknown device. <BR>\n"
"BIT1 - Image from firmware volume.<BR>"
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_PROMPT #language en-US "Set DXE memory protection policy."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_HELP #language en-US "Set DXE memory protection policy. The policy is bitwise.\n"
+ "If a bit is set, memory regions of the associated type will be mapped\n"
+ "non-executable.<BR><BR>\n"
+ "\n"
+ "Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
+ "EfiReservedMemoryType 0x0001<BR>\n"
+ "EfiLoaderCode 0x0002<BR>\n"
+ "EfiLoaderData 0x0004<BR>\n"
+ "EfiBootServicesCode 0x0008<BR>\n"
+ "EfiBootServicesData 0x0010<BR>\n"
+ "EfiRuntimeServicesCode 0x0020<BR>\n"
+ "EfiRuntimeServicesData 0x0040<BR>\n"
+ "EfiConventionalMemory 0x0080<BR>\n"
+ "EfiUnusableMemory 0x0100<BR>\n"
+ "EfiACPIReclaimMemory 0x0200<BR>\n"
+ "EfiACPIMemoryNVS 0x0400<BR>\n"
+ "EfiMemoryMappedIO 0x0800<BR>\n"
+ "EfiMemoryMappedIOPortSpace 0x1000<BR>\n"
+ "EfiPalCode 0x2000<BR>\n"
+ "EfiPersistentMemory 0x4000<BR>\n"
+ "OEM Reserved 0x4000000000000000<BR>\n"
+ "OS Reserved 0x8000000000000000<BR>\n"
+ "\n"
+ "NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServicesCode / EfiRuntimeServicesCode. <BR>\n"
+ "User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory. <BR>\n"
+ "\n"
+ "e.g. 0x7FD5 can be used for all memory except Code. <BR>\n"
+ "e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserved. <BR>\n"
+ ""
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_PROMPT #language en-US "The address mask when memory encryption is enabled."
+
+#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_HELP #language en-US "This PCD holds the address mask for page table entries when memory encryption is\n"
+ "enabled on AMD processors supporting the Secure Encrypted Virtualization (SEV) feature.\n"
+ "This mask should be applied when creating 1:1 virtual to physical mapping tables."
+
--
1.9.5.msysgit.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch] MdeModulePkg/DxeCore: Fix coding style issues
2017-03-07 2:10 ` Zeng, Star
@ 2017-03-07 13:49 ` Zeng, Star
0 siblings, 0 replies; 6+ messages in thread
From: Zeng, Star @ 2017-03-07 13:49 UTC (permalink / raw)
To: Bi, Dandan, edk2-devel@lists.01.org; +Cc: Ard Biesheuvel, Zeng, Star
Patch has been pushed at 7babb4372e6a34cbbc54249b25056272a5a9924c.
-----Original Message-----
From: Zeng, Star
Sent: Tuesday, March 7, 2017 10:10 AM
To: Bi, Dandan <dandan.bi@intel.com>; edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: RE: [patch] MdeModulePkg/DxeCore: Fix coding style issues
Reviewed-by: Star Zeng <star.zeng@intel.com>
-----Original Message-----
From: Bi, Dandan
Sent: Friday, March 3, 2017 12:45 PM
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>; Zeng, Star <star.zeng@intel.com>
Subject: [patch] MdeModulePkg/DxeCore: Fix coding style issues
Add comments for functions.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/Core/Dxe/Mem/Pool.c | 19 +++++++++++++++++++
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 6 ++++--
2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/Pool.c
index ced6444..1e37356 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Pool.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c
@@ -289,10 +289,21 @@ CoreAllocatePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Used by the pool functions to allocate pages
+ to back pool allocation requests.
+
+ @param PoolType The type of memory for the new pool pages
+ @param NoPages No of pages to allocate
+ @param Granularity Bits to align.
+
+ @return The allocated memory, or NULL
+
+**/
STATIC
VOID *
CoreAllocatePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN UINTN NoPages,
@@ -551,10 +562,18 @@ CoreFreePool (
InstallMemoryAttributesTableOnMemoryAllocation (PoolType);
}
return Status;
}
+/**
+ Internal function. Frees pool pages allocated via CoreAllocatePoolPagesI().
+
+ @param PoolType The type of memory for the pool pages
+ @param Memory The base address to free
+ @param NoPages The number of pages to free
+
+**/
STATIC
VOID
CoreFreePoolPagesI (
IN EFI_MEMORY_TYPE PoolType,
IN EFI_PHYSICAL_ADDRESS Memory,
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 45f360c..1c44148 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -655,10 +655,12 @@ UnprotectUefiImage ( }
/**
Return the EFI memory permission attribute associated with memory
type 'MemoryType' under the configured DXE memory protection policy.
+
+ @param MemoryType Memory type.
**/
STATIC
UINT64
GetPermissionAttributeForMemoryType (
IN EFI_MEMORY_TYPE MemoryType
@@ -786,11 +788,11 @@ MergeMemoryMapForProtectionPolicy ( }
/**
Remove exec permissions from all regions whose type is identified by
- PcdDxeNxMemoryProtectionPolicy
+ PcdDxeNxMemoryProtectionPolicy.
**/
STATIC
VOID
InitializeDxeNxMemoryProtectionPolicy (
VOID
@@ -1051,11 +1053,11 @@ CoreInitializeMemoryProtection (
}
return ;
}
/**
- Returns whether we are currently executing in SMM mode
+ Returns whether we are currently executing in SMM mode.
**/
STATIC
BOOLEAN
IsInSmm (
VOID
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
end of thread, other threads:[~2017-03-07 13:49 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-03-03 4:44 [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Dandan Bi
2017-03-03 4:44 ` [patch] MdeModulePkg/DxeCore: Fix coding style issues Dandan Bi
2017-03-07 2:10 ` Zeng, Star
2017-03-07 13:49 ` Zeng, Star
2017-03-07 2:09 ` [patch] MdeModulePkg: Add PROMPT&HELP string of pcd to UNI file Zeng, Star
2017-03-07 13:48 ` Zeng, Star
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox