From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+108889+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id CBD247803CF
	for <rebecca@openfw.io>; Wed, 20 Sep 2023 00:58:32 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=hAWs0QLeCx/nU58Wuw9C5HlMbx+AxSL2PXUJ/SuttTU=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1695171511; v=1;
 b=i01EnLnbN5uTUyntcuDhQlaWd+XnREWQcaf5ZNcMxOOrA76TEN8tVVWsIh620lyG/6GZAjmY
 rRzW5DMoPeM8w9i4BKkJ4DUNvpM6MxtPXOHxTb7vKzNg1pWpEOVBIZJfFVqoXHU2dhAb+DVnz/C
 LjTEjad2v/DTGnuNAIO0zICA=
X-Received: by 127.0.0.2 with SMTP id VGbNYY7687511x3mb6bGK6L8; Tue, 19 Sep 2023 17:58:31 -0700
X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169])
 by mx.groups.io with SMTP id smtpd.web11.26934.1695171503626976523
 for <devel@edk2.groups.io>;
 Tue, 19 Sep 2023 17:58:23 -0700
X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56349935ad.1
        for <devel@edk2.groups.io>; Tue, 19 Sep 2023 17:58:23 -0700 (PDT)
X-Gm-Message-State: 9lf68pgtB7SbFnnbppus1KZ7x7686176AA=
X-Google-Smtp-Source: AGHT+IEP6+gylEUExN30vi+ko3bd/3H0Bu6pL9QZrTtmebudf1c+TMdj80NuTHmlOUJ7bhx7bdUNNw==
X-Received: by 2002:a17:902:b710:b0:1c5:be64:2c86 with SMTP id d16-20020a170902b71000b001c5be642c86mr55794pls.10.1695171502967;
        Tue, 19 Sep 2023 17:58:22 -0700 (PDT)
X-Received: from localhost.localdomain ([50.46.253.1])
        by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.22
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 19 Sep 2023 17:58:22 -0700 (PDT)
From: "Taylor Beebe" <taylor.d.beebe@gmail.com>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH v4 27/28] ArmVirtPkg: Delete Memory Protection PCDs
Date: Tue, 19 Sep 2023 17:57:50 -0700
Message-ID: <20230920005752.2041-28-taylor.d.beebe@gmail.com>
In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com>
References: <20230920005752.2041-1-taylor.d.beebe@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=i01EnLnb;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Now that the transition to use SetMemoryProtectionsLib and
GetMemoryProtectionsLib is complete, delete the memory protection PCDs
to avoid confusing the interface. All memory protection settings
will now be set and consumed via the libraries.

Signed-off-by: Taylor Beebe <taylor.d.beebe@gmail.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
---
 ArmVirtPkg/ArmVirt.dsc.inc    | 15 ---------------
 ArmVirtPkg/ArmVirtCloudHv.dsc |  5 -----
 ArmVirtPkg/ArmVirtQemu.dsc    |  5 -----
 3 files changed, 25 deletions(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index f76601503cd9..9b9d18a6e6c1 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -360,21 +360,6 @@ [PcdsFixedAtBuild.common]
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0
 
-  #
-  # Enable strict image permissions for all images. (This applies
-  # only to images that were built with >= 4 KB section alignment.)
-  #
-  gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3
-
-  #
-  # Enable NX memory protection for all non-code regions, including OEM and OS
-  # reserved ones, with the exception of LoaderData regions, of which OS loaders
-  # (i.e., GRUB) may assume that its contents are executable.
-  #
-  gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5
-
-  gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE
-
 [Components.common]
   #
   # Ramdisk support
diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc
index 2cb89ce10cf6..c87b71ccc28e 100644
--- a/ArmVirtPkg/ArmVirtCloudHv.dsc
+++ b/ArmVirtPkg/ArmVirtCloudHv.dsc
@@ -140,11 +140,6 @@ [PcdsFixedAtBuild.common]
   #
   gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16
 
-  #
-  # Enable the non-executable DXE stack. (This gets set up by DxeIpl)
-  #
-  gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE
-
 !if $(SECURE_BOOT_ENABLE) == TRUE
   # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04
diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 30e3cfc8b9cc..7dedbd912b2c 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -212,11 +212,6 @@ [PcdsFixedAtBuild.common]
   #
   gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16
 
-  #
-  # Enable the non-executable DXE stack. (This gets set up by DxeIpl)
-  #
-  gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE
-
 !if $(SECURE_BOOT_ENABLE) == TRUE
   # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04
-- 
2.42.0.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#108889): https://edk2.groups.io/g/devel/message/108889
Mute This Topic: https://groups.io/mt/101469967/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-