From nobody Sun Feb 8 17:21:13 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108889+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108889+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171504; cv=none; d=zohomail.com; s=zohoarc; b=kQlJu8i3/eAFCF89WWHKKOKi1eOyn5Gjrazuh5Uk6DzeXwJITv63VTIl5cpZP+rAg4n+MOk+Cp6fnHla2UeCAXR15UOjfJDow6wlISGFsxVOtqyjuyT1HoESHgiqoVjdGa3i2jcJ27FDFv/gkMGzbwHOODklRGJ9Lm2mlOFaWB4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171504; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=TA+ay0NQMpxTpiuwyrGlYsKLNR4v0rxSgV3OqgLHsmY=; b=E/DAfJVy84BasIbrSaaQW+Nas8vDEupUCWKlY8PqSnOgr7bvj9TQfunsT5MwdjTX15Ckg23V2On1xn0MKo/FiOzYvBW40D8tiEwKzq1uFfz/Z/4HKbZLxo6nCTXo8ikgk9W8qOQ6LyCLmrngWdpczi4Orq9Nbbzxz4fekrJdJwE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108889+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171504487953.550287393578; Tue, 19 Sep 2023 17:58:24 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=z90ab16z4hKu8l2epu1ESTAoQ6hmJUDvxTVKtpY6zhs=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171504; v=1; b=QJa6N4tc4DQ3Kk5s5A2YTghGqPPgnKfZ7DJ2eFtNj2Ah4DtSQts9zu0jV8NveIzzbpdoj3n3 B8AqeZPmob/Cr9T1B2pP5kj78k9HV2h68HApnHWPHbNsSAE2JEeIvzmjMTeWG2XoJONpwEMI5Im Dzpm3F8x86HWVUJpf6/gLF0U= X-Received: by 127.0.0.2 with SMTP id mfSGYY1788612xyrUTOnhJYe; Tue, 19 Sep 2023 17:58:24 -0700 X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web11.26934.1695171503626976523 for ; Tue, 19 Sep 2023 17:58:23 -0700 X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56349935ad.1 for ; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) X-Gm-Message-State: 37k5ULSZFVLynEJ8kZOmTR9Tx1787277AA= X-Google-Smtp-Source: AGHT+IEP6+gylEUExN30vi+ko3bd/3H0Bu6pL9QZrTtmebudf1c+TMdj80NuTHmlOUJ7bhx7bdUNNw== X-Received: by 2002:a17:902:b710:b0:1c5:be64:2c86 with SMTP id d16-20020a170902b71000b001c5be642c86mr55794pls.10.1695171502967; Tue, 19 Sep 2023 17:58:22 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:22 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Leif Lindholm , Sami Mujawar , Gerd Hoffmann Subject: [edk2-devel] [PATCH v4 27/28] ArmVirtPkg: Delete Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:50 -0700 Message-ID: <20230920005752.2041-28-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171506506100115 Content-Type: text/plain; charset="utf-8" Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Sami Mujawar Cc: Gerd Hoffmann --- ArmVirtPkg/ArmVirt.dsc.inc | 15 --------------- ArmVirtPkg/ArmVirtCloudHv.dsc | 5 ----- ArmVirtPkg/ArmVirtQemu.dsc | 5 ----- 3 files changed, 25 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index f76601503cd9..9b9d18a6e6c1 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -360,21 +360,6 @@ [PcdsFixedAtBuild.common] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderCode|20 gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiLoaderData|0 =20 - # - # Enable strict image permissions for all images. (This applies - # only to images that were built with >=3D 4 KB section alignment.) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3 - - # - # Enable NX memory protection for all non-code regions, including OEM an= d OS - # reserved ones, with the exception of LoaderData regions, of which OS l= oaders - # (i.e., GRUB) may assume that its contents are executable. - # - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC0000000= 00007FD5 - - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE - [Components.common] # # Ramdisk support diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc index 2cb89ce10cf6..c87b71ccc28e 100644 --- a/ArmVirtPkg/ArmVirtCloudHv.dsc +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc @@ -140,11 +140,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 =20 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE # override the default values from SecurityPkg to ensure images from all= sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc index 30e3cfc8b9cc..7dedbd912b2c 100644 --- a/ArmVirtPkg/ArmVirtQemu.dsc +++ b/ArmVirtPkg/ArmVirtQemu.dsc @@ -212,11 +212,6 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 =20 - # - # Enable the non-executable DXE stack. (This gets set up by DxeIpl) - # - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE - !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE # override the default values from SecurityPkg to ensure images from all= sources are verified in secure boot gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04 --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108889): https://edk2.groups.io/g/devel/message/108889 Mute This Topic: https://groups.io/mt/101469967/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-