From: "Taylor Beebe" <taylor.d.beebe@gmail.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>
Subject: [edk2-devel] [PATCH v2 25/25] MdeModulePkg: Delete Memory Protection PCDs
Date: Fri, 18 Aug 2023 15:31:57 -0700 [thread overview]
Message-ID: <20230818223159.1073-26-taylor.d.beebe@gmail.com> (raw)
In-Reply-To: <20230818223159.1073-1-taylor.d.beebe@gmail.com>
Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the memory protection PCDs
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.
Signed-off-by: Taylor Beebe <taylor.d.beebe@gmail.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
---
MdeModulePkg/MdeModulePkg.dec | 169 --------------------
MdeModulePkg/MdeModulePkg.uni | 153 ------------------
2 files changed, 322 deletions(-)
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 50c26fedaf6f..c701173b9803 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -1004,119 +1004,12 @@ [PcdsFixedAtBuild]
# @ValidList 0x80000006 | 0x03058002
gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable|0x03058002|UINT32|0x30001040
- ## Mask to control the NULL address detection in code for different phases.
- # If enabled, accessing NULL address in UEFI or SMM code can be caught.<BR><BR>
- # BIT0 - Enable NULL pointer detection for UEFI.<BR>
- # BIT1 - Enable NULL pointer detection for SMM.<BR>
- # BIT2..5 - Reserved for future uses.<BR>
- # BIT6 - Enable non-stop mode.<BR>
- # BIT7 - Disable NULL pointer detection just after EndOfDxe. <BR>
- # This is a workaround for those unsolvable NULL access issues in
- # OptionROM, boot loader, etc. It can also help to avoid unnecessary
- # exception caused by legacy memory (0-4095) access after EndOfDxe,
- # such as Windows 7 boot on Qemu.<BR>
- # @Prompt Enable NULL address detection.
- gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask|0x0|UINT8|0x30001050
-
## Init Value in Temp Stack to be shared between SEC and PEI_CORE
# SEC fills the full temp stack with this values. When switch stack, PeiCore can check
# this value in the temp stack to know how many stack has been used.
# @Prompt Init Value in Temp Stack
gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack|0x5AA55AA5|UINT32|0x30001051
- ## Indicates which type allocation need guard page.
- #
- # If a bit is set, a head guard page and a tail guard page will be added just
- # before and after corresponding type of pages allocated if there's enough
- # free pages for all of them. The page allocation for the type related to
- # cleared bits keeps the same as ususal.
- #
- # This PCD is only valid if BIT0 and/or BIT2 are set in PcdHeapGuardPropertyMask.
- #
- # Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>
- # EfiReservedMemoryType 0x0000000000000001<BR>
- # EfiLoaderCode 0x0000000000000002<BR>
- # EfiLoaderData 0x0000000000000004<BR>
- # EfiBootServicesCode 0x0000000000000008<BR>
- # EfiBootServicesData 0x0000000000000010<BR>
- # EfiRuntimeServicesCode 0x0000000000000020<BR>
- # EfiRuntimeServicesData 0x0000000000000040<BR>
- # EfiConventionalMemory 0x0000000000000080<BR>
- # EfiUnusableMemory 0x0000000000000100<BR>
- # EfiACPIReclaimMemory 0x0000000000000200<BR>
- # EfiACPIMemoryNVS 0x0000000000000400<BR>
- # EfiMemoryMappedIO 0x0000000000000800<BR>
- # EfiMemoryMappedIOPortSpace 0x0000000000001000<BR>
- # EfiPalCode 0x0000000000002000<BR>
- # EfiPersistentMemory 0x0000000000004000<BR>
- # OEM Reserved 0x4000000000000000<BR>
- # OS Reserved 0x8000000000000000<BR>
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.<BR>
- # @Prompt The memory type mask for Page Guard.
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType|0x0|UINT64|0x30001052
-
- ## Indicates which type allocation need guard page.
- #
- # If a bit is set, a head guard page and a tail guard page will be added just
- # before and after corresponding type of pages which the allocated pool occupies,
- # if there's enough free memory for all of them. The pool allocation for the
- # type related to cleared bits keeps the same as ususal.
- #
- # This PCD is only valid if BIT1 and/or BIT3 are set in PcdHeapGuardPropertyMask.
- #
- # Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>
- # EfiReservedMemoryType 0x0000000000000001<BR>
- # EfiLoaderCode 0x0000000000000002<BR>
- # EfiLoaderData 0x0000000000000004<BR>
- # EfiBootServicesCode 0x0000000000000008<BR>
- # EfiBootServicesData 0x0000000000000010<BR>
- # EfiRuntimeServicesCode 0x0000000000000020<BR>
- # EfiRuntimeServicesData 0x0000000000000040<BR>
- # EfiConventionalMemory 0x0000000000000080<BR>
- # EfiUnusableMemory 0x0000000000000100<BR>
- # EfiACPIReclaimMemory 0x0000000000000200<BR>
- # EfiACPIMemoryNVS 0x0000000000000400<BR>
- # EfiMemoryMappedIO 0x0000000000000800<BR>
- # EfiMemoryMappedIOPortSpace 0x0000000000001000<BR>
- # EfiPalCode 0x0000000000002000<BR>
- # EfiPersistentMemory 0x0000000000004000<BR>
- # OEM Reserved 0x4000000000000000<BR>
- # OS Reserved 0x8000000000000000<BR>
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.<BR>
- # @Prompt The memory type mask for Pool Guard.
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType|0x0|UINT64|0x30001053
-
- ## This mask is to control Heap Guard behavior.
- #
- # Note:
- # a) Heap Guard is for debug purpose and should not be enabled in product
- # BIOS.
- # b) Due to the limit of pool memory implementation and the alignment
- # requirement of UEFI spec, BIT7 is a try-best setting which cannot
- # guarantee that the returned pool is exactly adjacent to head guard
- # page or tail guard page.
- # c) UEFI freed-memory guard and UEFI pool/page guard cannot be enabled
- # at the same time.
- #
- # BIT0 - Enable UEFI page guard.<BR>
- # BIT1 - Enable UEFI pool guard.<BR>
- # BIT2 - Enable SMM page guard.<BR>
- # BIT3 - Enable SMM pool guard.<BR>
- # BIT4 - Enable UEFI freed-memory guard (Use-After-Free memory detection).<BR>
- # BIT6 - Enable non-stop mode.<BR>
- # BIT7 - The direction of Guard Page for Pool Guard.
- # 0 - The returned pool is near the tail guard page.<BR>
- # 1 - The returned pool is near the head guard page.<BR>
- # @Prompt The Heap Guard feature mask
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x30001054
-
- ## Indicates if UEFI Stack Guard will be enabled.
- # If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.<BR><BR>
- # TRUE - UEFI Stack Guard will be enabled.<BR>
- # FALSE - UEFI Stack Guard will be disabled.<BR>
- # @Prompt Enable UEFI Stack Guard.
- gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055
-
## Indicate debug level of Trace Hub.
# 0x0 - TraceHubDebugLevelError.<BR>
# 0x1 - TraceHubDebugLevelErrorWarning.<BR>
@@ -1393,54 +1286,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule]
# @Prompt Memory profile driver path.
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath|{0x0}|VOID*|0x00001043
- ## Set image protection policy. The policy is bitwise.
- # If a bit is set, the image will be protected by DxeCore if it is aligned.
- # The code section becomes read-only, and the data section becomes non-executable.
- # If a bit is clear, nothing will be done to image code/data sections.<BR><BR>
- # BIT0 - Image from unknown device. <BR>
- # BIT1 - Image from firmware volume.<BR>
- # <BR>
- # Note: If a bit is cleared, the data section could be still non-executable if
- # PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderData, EfiBootServicesData
- # and/or EfiRuntimeServicesData.<BR>
- # <BR>
- # @Prompt Set image protection policy.
- # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F
- gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT32|0x00001047
-
- ## Set DXE memory protection policy. The policy is bitwise.
- # If a bit is set, memory regions of the associated type will be mapped
- # non-executable.<BR>
- # If a bit is cleared, nothing will be done to associated type of memory.<BR>
- # <BR>
- # Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>
- # EfiReservedMemoryType 0x0001<BR>
- # EfiLoaderCode 0x0002<BR>
- # EfiLoaderData 0x0004<BR>
- # EfiBootServicesCode 0x0008<BR>
- # EfiBootServicesData 0x0010<BR>
- # EfiRuntimeServicesCode 0x0020<BR>
- # EfiRuntimeServicesData 0x0040<BR>
- # EfiConventionalMemory 0x0080<BR>
- # EfiUnusableMemory 0x0100<BR>
- # EfiACPIReclaimMemory 0x0200<BR>
- # EfiACPIMemoryNVS 0x0400<BR>
- # EfiMemoryMappedIO 0x0800<BR>
- # EfiMemoryMappedIOPortSpace 0x1000<BR>
- # EfiPalCode 0x2000<BR>
- # EfiPersistentMemory 0x4000<BR>
- # OEM Reserved 0x4000000000000000<BR>
- # OS Reserved 0x8000000000000000<BR>
- #
- # NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServicesCode / EfiRuntimeServicesCode. <BR>
- # User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory. <BR>
- #
- # e.g. 0x7FD5 can be used for all memory except Code. <BR>
- # e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserved. <BR>
- #
- # @Prompt Set DXE memory protection policy.
- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0x0000000|UINT64|0x00001048
-
## PCI Serial Device Info. It is an array of Device, Function, and Power Management
# information that describes the path that contains zero or more PCI to PCI bridges
# followed by a PCI serial device. Each array entry is 4-bytes in length. The
@@ -2029,20 +1874,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
# @Prompt Default Creator Revision for ACPI table creation.
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision|0x01000013|UINT32|0x30001038
- ## Indicates if to set NX for stack.<BR><BR>
- # For the DxeIpl and the DxeCore are both X64, set NX for stack feature also require PcdDxeIplBuildPageTables be TRUE.<BR>
- # For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLongMode is FALSE), set NX for stack feature also require
- # IA32 PAE is supported and Execute Disable Bit is available.<BR>
- # <BR>
- # TRUE - Set NX for stack.<BR>
- # FALSE - Do nothing for stack.<BR>
- # <BR>
- # Note: If this PCD is set to FALSE, NX could be still applied to stack due to PcdDxeNxMemoryProtectionPolicy enabled for
- # EfiBootServicesData.<BR>
- # <BR>
- # @Prompt Set NX for stack.
- gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE|BOOLEAN|0x0001006f
-
## This PCD specifies the PCI-based SD/MMC host controller mmio base address.
# Define the mmio base address of the pci-based SD/MMC host controller. If there are multiple SD/MMC
# host controllers, their mmio base addresses are calculated one by one from this base address.
diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni
index a17d34d60b21..afbbc44761ca 100644
--- a/MdeModulePkg/MdeModulePkg.uni
+++ b/MdeModulePkg/MdeModulePkg.uni
@@ -330,16 +330,6 @@
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSerialRegisterStride_HELP #language en-US "The number of bytes between registers in serial device. The default is 1 byte."
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_PROMPT #language en-US "Set NX for stack"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_HELP #language en-US "Indicates if to set NX for stack.<BR><BR>"
- "For the DxeIpl and the DxeCore are both X64, set NX for stack feature also require PcdDxeIplBuildPageTables be TRUE.<BR>"
- "For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLongMode is FALSE), set NX for stack feature also require"
- "IA32 PAE is supported and Execute Disable Bit is available.<BR>"
- "TRUE - Set NX for stack.<BR>"
- "FALSE - Do nothing for stack.<BR>"
- "Note: If this PCD is set to FALSE, NX could be still applied to stack due to PcdDxeNxMemoryProtectionPolicy enabled for EfiBootServicesData.<BR>"
-
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_PROMPT #language en-US "ACPI S3 Enable"
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_HELP #language en-US "Indicates if ACPI S3 will be enabled.<BR><BR>"
@@ -1096,51 +1086,6 @@
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSmiHandlerProfilePropertyMask_HELP #language en-US "The mask is used to control SmiHandlerProfile behavior.<BR><BR>\n"
"BIT0 - Enable SmiHandlerProfile.<BR>"
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_PROMPT #language en-US "Set image protection policy."
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_HELP #language en-US "Set image protection policy. The policy is bitwise.\n"
- "If a bit is set, the image will be protected by DxeCore if it is aligned.\n"
- "The code section becomes read-only, and the data section becomes non-executable.\n"
- "If a bit is clear, nothing will be done to image code/data sections.<BR><BR>\n"
- "BIT0 - Image from unknown device. <BR>\n"
- "BIT1 - Image from firmware volume.<BR>"
- "Note: If a bit is cleared, the data section could be still non-executable if\n"
- "PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderData, EfiBootServicesData\n"
- "and/or EfiRuntimeServicesData.<BR>"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_PROMPT #language en-US "Set DXE memory protection policy."
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_HELP #language en-US "Set DXE memory protection policy. The policy is bitwise.\n"
- "If a bit is set, memory regions of the associated type will be mapped\n"
- "non-executable.<BR>\n"
- "If a bit is cleared, nothing will be done to associated type of memory.<BR><BR>\n"
- "\n"
- "Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
- "EfiReservedMemoryType 0x0001<BR>\n"
- "EfiLoaderCode 0x0002<BR>\n"
- "EfiLoaderData 0x0004<BR>\n"
- "EfiBootServicesCode 0x0008<BR>\n"
- "EfiBootServicesData 0x0010<BR>\n"
- "EfiRuntimeServicesCode 0x0020<BR>\n"
- "EfiRuntimeServicesData 0x0040<BR>\n"
- "EfiConventionalMemory 0x0080<BR>\n"
- "EfiUnusableMemory 0x0100<BR>\n"
- "EfiACPIReclaimMemory 0x0200<BR>\n"
- "EfiACPIMemoryNVS 0x0400<BR>\n"
- "EfiMemoryMappedIO 0x0800<BR>\n"
- "EfiMemoryMappedIOPortSpace 0x1000<BR>\n"
- "EfiPalCode 0x2000<BR>\n"
- "EfiPersistentMemory 0x4000<BR>\n"
- "OEM Reserved 0x4000000000000000<BR>\n"
- "OS Reserved 0x8000000000000000<BR>\n"
- "\n"
- "NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServicesCode / EfiRuntimeServicesCode. <BR>\n"
- "User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory. <BR>\n"
- "\n"
- "e.g. 0x7FD5 can be used for all memory except Code. <BR>\n"
- "e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserved. <BR>\n"
- ""
-
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_PROMPT #language en-US "The address mask when memory encryption is enabled."
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOrMask_HELP #language en-US "This PCD holds the address mask for page table entries when memory encryption is\n"
@@ -1186,110 +1131,12 @@
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCodRelocationDevPath_HELP #language en-US "Full device path of platform specific device to store Capsule On Disk temp relocation file.<BR>"
"If this PCD is set, Capsule On Disk temp relocation file will be stored in the device specified by this PCD, instead of the EFI System Partition that stores capsule image file."
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionPropertyMask_PROMPT #language en-US "Enable NULL pointer detection"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionPropertyMask_HELP #language en-US "Mask to control the NULL address detection in code for different phases.\n"
- " If enabled, accessing NULL address in UEFI or SMM code can be caught.\n\n"
- " BIT0 - Enable NULL pointer detection for UEFI.\n"
- " BIT1 - Enable NULL pointer detection for SMM.\n"
- " BIT2..6 - Reserved for future uses.\n"
- " BIT7 - Disable NULL pointer detection just after EndOfDxe."
- " This is a workaround for those unsolvable NULL access issues in"
- " OptionROM, boot loader, etc. It can also help to avoid unnecessary"
- " exception caused by legacy memory (0-4095) access after EndOfDxe,"
- " such as Windows 7 boot on Qemu.\n"
-
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_PROMPT #language en-US "Init Value in Temp Stack"
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_HELP #language en-US "Init Value in Temp Stack to be shared between SEC and PEI_CORE\n"
"SEC fills the full temp stack with this values. When switch stack, PeiCore can check\n"
"this value in the temp stack to know how many stack has been used.\n"
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_PROMPT #language en-US "The memory type mask for Page Guard"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_HELP #language en-US "Indicates which type allocation need guard page.\n\n"
- " If a bit is set, a head guard page and a tail guard page will be added just\n"
- " before and after corresponding type of pages allocated if there's enough\n"
- " free pages for all of them. The page allocation for the type related to\n"
- " cleared bits keeps the same as ususal.\n\n"
- " This PCD is only valid if BIT0 and/or BIT2 are set in PcdHeapGuardPropertyMask.\n\n"
- " Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
- " EfiReservedMemoryType 0x0000000000000001\n"
- " EfiLoaderCode 0x0000000000000002\n"
- " EfiLoaderData 0x0000000000000004\n"
- " EfiBootServicesCode 0x0000000000000008\n"
- " EfiBootServicesData 0x0000000000000010\n"
- " EfiRuntimeServicesCode 0x0000000000000020\n"
- " EfiRuntimeServicesData 0x0000000000000040\n"
- " EfiConventionalMemory 0x0000000000000080\n"
- " EfiUnusableMemory 0x0000000000000100\n"
- " EfiACPIReclaimMemory 0x0000000000000200\n"
- " EfiACPIMemoryNVS 0x0000000000000400\n"
- " EfiMemoryMappedIO 0x0000000000000800\n"
- " EfiMemoryMappedIOPortSpace 0x0000000000001000\n"
- " EfiPalCode 0x0000000000002000\n"
- " EfiPersistentMemory 0x0000000000004000\n"
- " OEM Reserved 0x4000000000000000\n"
- " OS Reserved 0x8000000000000000\n"
- " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.<BR>"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_PROMPT #language en-US "The memory type mask for Pool Guard"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_HELP #language en-US "Indicates which type allocation need guard page.\n\n"
- " If a bit is set, a head guard page and a tail guard page will be added just\n"
- " before and after corresponding type of pages which the allocated pool occupies,\n"
- " if there's enough free memory for all of them. The pool allocation for the\n"
- " type related to cleared bits keeps the same as ususal.\n\n"
- " This PCD is only valid if BIT1 and/or BIT3 are set in PcdHeapGuardPropertyMask.\n\n"
- " Below is bit mask for this PCD: (Order is same as UEFI spec)<BR>\n"
- " EfiReservedMemoryType 0x0000000000000001\n"
- " EfiLoaderCode 0x0000000000000002\n"
- " EfiLoaderData 0x0000000000000004\n"
- " EfiBootServicesCode 0x0000000000000008\n"
- " EfiBootServicesData 0x0000000000000010\n"
- " EfiRuntimeServicesCode 0x0000000000000020\n"
- " EfiRuntimeServicesData 0x0000000000000040\n"
- " EfiConventionalMemory 0x0000000000000080\n"
- " EfiUnusableMemory 0x0000000000000100\n"
- " EfiACPIReclaimMemory 0x0000000000000200\n"
- " EfiACPIMemoryNVS 0x0000000000000400\n"
- " EfiMemoryMappedIO 0x0000000000000800\n"
- " EfiMemoryMappedIOPortSpace 0x0000000000001000\n"
- " EfiPalCode 0x0000000000002000\n"
- " EfiPersistentMemory 0x0000000000004000\n"
- " OEM Reserved 0x4000000000000000\n"
- " OS Reserved 0x8000000000000000\n"
- " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are needed, 0x1E should be used.<BR>"
-
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_PROMPT #language en-US "The Heap Guard feature mask"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_HELP #language en-US "This mask is to control Heap Guard behavior.\n"
- " Note:\n"
- " a) Heap Guard is for debug purpose and should not be enabled in product"
- " BIOS.\n"
- " b) Due to the limit of pool memory implementation and the alignment"
- " requirement of UEFI spec, BIT7 is a try-best setting which cannot"
- " guarantee that the returned pool is exactly adjacent to head guard"
- " page or tail guard page.\n"
- " c) UEFI freed-memory guard and UEFI pool/page guard cannot be enabled"
- " at the same time.\n"
- " BIT0 - Enable UEFI page guard.<BR>\n"
- " BIT1 - Enable UEFI pool guard.<BR>\n"
- " BIT2 - Enable SMM page guard.<BR>\n"
- " BIT3 - Enable SMM pool guard.<BR>\n"
- " BIT4 - Enable UEFI freed-memory guard (Use-After-Free memory detection).<BR>\n"
- " BIT7 - The direction of Guard Page for Pool Guard.\n"
- " 0 - The returned pool is near the tail guard page.<BR>\n"
- " 1 - The returned pool is near the head guard page.<BR>"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_PROMPT #language en-US "Enable UEFI Stack Guard"
-
-#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_HELP #language en-US "Indicates if UEFI Stack Guard will be enabled.\n"
- " If enabled, stack overflow in UEFI can be caught, preventing chaotic consequences.<BR><BR>\n"
- " TRUE - UEFI Stack Guard will be enabled.<BR>\n"
- " FALSE - UEFI Stack Guard will be disabled.<BR>"
-
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_PROMPT #language en-US "Debug level of Trace Hub."
#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_HELP #language en-US "Indicate debug level of Trace Hub"
--
2.41.0.windows.3
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107880): https://edk2.groups.io/g/devel/message/107880
Mute This Topic: https://groups.io/mt/100830929/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-08-18 22:58 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-18 22:31 [edk2-devel] [PATCH v2 00/25] Implement Dynamic Memory Protections Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 01/25] MdeModulePkg: Add DXE and MM Memory Protection Settings Definitions Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 02/25] MdeModulePkg: Define SetMemoryProtectionsLib and GetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 03/25] MdeModulePkg: Add NULL Instances for Get/SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 04/25] MdeModulePkg: Implement SetMemoryProtectionsLib and GetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 05/25] MdeModulePkg: Apply Protections to the HOB List Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 06/25] MdeModulePkg: Check Print Level Before Dumping GCD Memory Map Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 07/25] UefiCpuPkg: Always Set Stack Guard in MpPei Init Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 08/25] ArmVirtPkg: Add Memory Protection Library Definitions to Platforms Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 09/25] OvmfPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 10/25] OvmfPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 11/25] OvmfPkg: Update PeilessStartupLib to use SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 12/25] UefiPayloadPkg: Update DXE Handoff " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 13/25] MdeModulePkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 14/25] ArmPkg: Use GetMemoryProtectionsLib instead of Memory Protection PCDs Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 15/25] EmulatorPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 16/25] OvmfPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 17/25] UefiCpuPkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 18/25] MdeModulePkg: " Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 19/25] MdeModulePkg: Add Additional Profiles to SetMemoryProtectionsLib Taylor Beebe
2023-08-29 10:46 ` Gerd Hoffmann
2023-08-29 16:08 ` Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 20/25] OvmfPkg: Enable Choosing Memory Protection Profile via QemuCfg Taylor Beebe
2023-08-29 11:17 ` Gerd Hoffmann
2023-08-29 16:26 ` Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 21/25] ArmVirtPkg: Apply Memory Protections via SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 22/25] MdeModulePkg: Delete PCD Profile from SetMemoryProtectionsLib Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 23/25] OvmfPkg: Delete Memory Protection PCDs Taylor Beebe
2023-08-18 22:31 ` [edk2-devel] [PATCH v2 24/25] ArmVirtPkg: " Taylor Beebe
2023-08-18 22:31 ` Taylor Beebe [this message]
2023-08-19 22:13 ` [edk2-devel] [PATCH v2 00/25] Implement Dynamic Memory Protections Pedro Falcato
2023-08-21 16:19 ` Taylor Beebe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230818223159.1073-26-taylor.d.beebe@gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox