From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web11.26522.1678727954654687008
 for <devel@edk2.groups.io>;
 Mon, 13 Mar 2023 10:19:14 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@kernel.org header.s=k20201202 header.b=qHzFXXdJ;
 spf=pass (domain: kernel.org, ip: 139.178.84.217, mailfrom: ardb@kernel.org)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by dfw.source.kernel.org (Postfix) with ESMTPS id 30DA861365;
	Mon, 13 Mar 2023 17:19:14 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id C56E0C433A1;
	Mon, 13 Mar 2023 17:19:11 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1678727954;
	bh=VPdVVxcOl8asUzfqTqKWUMYXngN5TDdY71MKyNoMEBo=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=qHzFXXdJpkpI/AKVuOw77Pyx6mgjvGNfZp3Q8Wx7oWybE22IxY3rhDtTWTHGgRtY4
	 p19rMOpuBazTP5JR6wFUhYFtO6k7tyqqNQt98IKlLYy8drxBigyKT2qyvTBvuoAGqs
	 dsm/A19P8xtmnhtaexKgGTWMJxH1p8vzKRbOIimB0X0kccBsdGFQV0ZznFsWS/MVPz
	 crQEgpPoTuqWUqX2xAmCyuDOrNvVVR5BDGoUYfq8BHRKrJwd7WdIGhTfkl98mqThJy
	 0s8YvYuJMrnJbCnXOY4DB5bQJfaKZMbhJQn9ktMa9fvqMfVIJINNAsRriFcIWYOk0F
	 4GEyZ5E0MtDag==
From: "Ard Biesheuvel" <ardb@kernel.org>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb@kernel.org>,
	Michael Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Michael Kubacki <michael.kubacki@microsoft.com>,
	Sean Brogan <sean.brogan@microsoft.com>,
	Rebecca Cran <quic_rcran@quicinc.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Taylor Beebe <t@taylorbeebe.com>
Subject: [PATCH v5 38/38] MdeModulePkg DEC: Remove inaccurate comment
Date: Mon, 13 Mar 2023 18:17:14 +0100
Message-Id: <20230313171714.3866151-39-ardb@kernel.org>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230313171714.3866151-1-ardb@kernel.org>
References: <20230313171714.3866151-1-ardb@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

The comment regarding the configured image protection policy states that
data regions of a loaded image may be mapped NX based on the configured
NX memory policy for boot/runtime services or loader data regions.

This is inaccurate: all image sections will be covered by the same code
region in the memory map, so the NX protection policy for data regions
has no bearing on this whatsoever.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 MdeModulePkg/MdeModulePkg.dec | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 720dec58dfc4..b42af1faee25 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -1356,10 +1356,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
   #    BIT0       - Image from unknown device. <BR>=0D
   #    BIT1       - Image from firmware volume.<BR>=0D
   #  <BR>=0D
-  #  Note: If a bit is cleared, the data section could be still non-execut=
able if=0D
-  #  PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderData, EfiBootS=
ervicesData=0D
-  #  and/or EfiRuntimeServicesData.<BR>=0D
-  #  <BR>=0D
   # @Prompt Set image protection policy.=0D
   # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F=0D
   gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT3=
2|0x00001047=0D
--=20
2.39.2