From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 0FDCAD8018D for ; Mon, 9 Oct 2023 00:08:22 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=1IaM86UbckgNH2haJijnU3UmTFquV70Qeh2sr83om8E=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1696810101; v=1; b=CqKOr+jTsubNvN/kKaHhaFm7ioHXi5c4qAg4ZV9MR3Du58mnmk1UxWe1bcVjsieAHg/wpaqm lJtmlRM7r+xXHH17rXi5jLm79hOFYbISBV2kH5BRwrBmlbQgcHb1t60ZImEKzvS5o54B0NWEz7R /TcmvrOfp1Twww9XrpCLO7uQ= X-Received: by 127.0.0.2 with SMTP id zyiOYY7687511xgBHv1rPE5N; Sun, 08 Oct 2023 17:08:21 -0700 X-Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web11.50056.1696810093962303207 for ; Sun, 08 Oct 2023 17:08:14 -0700 X-Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-6910ea9cddbso3298812b3a.0 for ; Sun, 08 Oct 2023 17:08:13 -0700 (PDT) X-Gm-Message-State: GeQTmFxqF8ChTcDDlLxqcxBQx7686176AA= X-Google-Smtp-Source: AGHT+IHZR6JDggAz/j/iKXckZ0D26L9iDjch1FRist6TDVc1kxc/ouQSxBOlY7da/gAmPePXnyWUXw== X-Received: by 2002:a05:6a20:8e0e:b0:16b:bd0f:ad0d with SMTP id y14-20020a056a208e0e00b0016bbd0fad0dmr9962778pzj.28.1696810093315; Sun, 08 Oct 2023 17:08:13 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id t20-20020a62ea14000000b0068fcc7f6b00sm5048320pfh.74.2023.10.08.17.08.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 08 Oct 2023 17:08:12 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v5 27/28] ArmVirtPkg: Delete Memory Protection PCDs Date: Sun, 8 Oct 2023 17:07:39 -0700 Message-ID: <20231009000742.1792-28-taylor.d.beebe@gmail.com> In-Reply-To: <20231009000742.1792-1-taylor.d.beebe@gmail.com> References: <20231009000742.1792-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=CqKOr+jT; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none) Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann --- ArmVirtPkg/ArmVirt.dsc.inc | 15 --------------- ArmVirtPkg/ArmVirtCloudHv.dsc | 5 ----- ArmVirtPkg/ArmVirtQemu.dsc | 5 ----- 3 files changed, 25 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index f76601503cd9..9b9d18a6e6c1 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -360,21 +360,6 @@ [PcdsFixedAtBuild.common] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 - # - # Enable strict image permissions for all images. (This applies - # only to images that were built with >= 4 KB section alignment.) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 - - # - # Enable NX memory protection for all non-code regions, including OEM and OS - # reserved ones, with the exception of LoaderData regions, of which OS loaders - # (i.e., GRUB) may assume that its contents are executable. - # - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5 - - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE - [Components.common] # # Ramdisk support diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index 2cb89ce10cf6..c87b71ccc28e 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc @@ -140,11 +140,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 30e3cfc8b9cc..7dedbd912b2c 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -212,11 +212,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) == TRUE # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 -- 2.42.0.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109432): https://edk2.groups.io/g/devel/message/109432 Mute This Topic: https://groups.io/mt/101843371/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-