From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 90EB0740034 for ; Fri, 18 Aug 2023 22:58:14 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=hsVi4TAxcUtqPtKHhi+lfjGURCYRzw6H/C+3+1ODllk=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1692399493; v=1; b=pcItB/iJ5gOOD7jOoZiXMCpGHdYaJEpYARGomNV3qnfTKAwZljvtNTQkhfM3INzHd1HKrRrL ZeTajJ0YlXCmJNWtYbVKhhbNaKWvgThdH8E+HhV6oEahXSlASCyqRISfeHvFeIp9P8VGTPKVrLd gWyoqwjbVTf2CI4st/n/xui8= X-Received: by 127.0.0.2 with SMTP id Ci7xYY7687511x5CAqVTMji2; Fri, 18 Aug 2023 15:58:13 -0700 X-Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.3194.1692397960614862384 for ; Fri, 18 Aug 2023 15:32:40 -0700 X-Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-68879c4cadeso1201241b3a.2 for ; Fri, 18 Aug 2023 15:32:40 -0700 (PDT) X-Gm-Message-State: mWpxre4xLnaz6mGSMkEJ2BkYx7686176AA= X-Google-Smtp-Source: AGHT+IFx9VHgvtWFdycUaOBZESJ1l1yu4p2SKRKmXHnh4a6VM0LV/HlB3Xj/rUMCKln9iZa94ZHZQQ== X-Received: by 2002:a05:6a00:18a8:b0:67e:bf65:ae61 with SMTP id x40-20020a056a0018a800b0067ebf65ae61mr532577pfh.28.1692397959803; Fri, 18 Aug 2023 15:32:39 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 7-20020aa79207000000b0068779015507sm1989330pfo.194.2023.08.18.15.32.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 18 Aug 2023 15:32:39 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v2 24/25] ArmVirtPkg: Delete Memory Protection PCDs Date: Fri, 18 Aug 2023 15:31:56 -0700 Message-ID: <20230818223159.1073-25-taylor.d.beebe@gmail.com> In-Reply-To: <20230818223159.1073-1-taylor.d.beebe@gmail.com> References: <20230818223159.1073-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b="pcItB/iJ"; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann --- ArmVirtPkg/ArmVirt.dsc.inc | 15 --------------- ArmVirtPkg/ArmVirtCloudHv.dsc | 5 ----- ArmVirtPkg/ArmVirtQemu.dsc | 5 ----- 3 files changed, 25 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 6de28d0e0d4e..2df479331ae6 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -360,21 +360,6 @@ [PcdsFixedAtBuild.common] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 - # - # Enable strict image permissions for all images. (This applies - # only to images that were built with >= 4 KB section alignment.) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 - - # - # Enable NX memory protection for all non-code regions, including OEM and OS - # reserved ones, with the exception of LoaderData regions, of which OS loaders - # (i.e., GRUB) may assume that its contents are executable. - # - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 - - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE - [Components.common] # # Ramdisk support diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index c975e139a216..c4c3e0da4491 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc @@ -140,11 +140,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 1e0225951aef..214e08b789eb 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -212,11 +212,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 -- 2.41.0.windows.3 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#107879): https://edk2.groups.io/g/devel/message/107879 Mute This Topic: https://groups.io/mt/100830928/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-