From nobody Sun Feb 8 12:37:58 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108890+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108890+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1695171505; cv=none; d=zohomail.com; s=zohoarc; b=fk/yBbL54b2N2BnihjiCQka4O4KTYl/mLHHTGo5g8/7zbKZA4+w4eO9wDgO4pN0zkIHp6Xhr3Vk9sfsYK32ntF0xBe173kkoMvWLNKwDka9fUg7q9QjDWcw+KR8OgfF+tTTx8MC8F157YWmCT1u4TfoNzjQHNin2vHcuoTdWeGg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1695171505; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=X8PHm2eZxbibzcAFr3fZh/0hMTaLEDMgDnIJdYTlur0=; b=NjMLAUxVqNnOplPCrI/IkGgZ9HMaYl8sV4ZdOY0XNwNYx6wwRt44W777GDUjU81xKxObvqV6WBWR7K/FluybfQMbSiikCdBF3u711iLVXRXwJb4lycuqFbHety5kBQA3IRZzzBiHBbjNUSqFQVn4mcDB6Bwv7WBvd4qUw8k3vVw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108890+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1695171505533433.0244517500148; Tue, 19 Sep 2023 17:58:25 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=KyamjO+/hWzpyGeGemo4on87yVbaXtGQSHxQw+lArBE=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1695171505; v=1; b=dn63XYqzWBufpL3kEjxFpsPKC2rTX190Ohp+515WJo/rwmrQfdW4TdUusvPdE9XPtfq3rBc4 LfWy4//l25VjIKu1I5XuaCFffgpQnVeMk8klvEOYf/fno6LNukdPpWFG8UUMaqhn1ze0gnzRllO yTattcnlKZQhuRNneHequXtQ= X-Received: by 127.0.0.2 with SMTP id 250nYY1788612xLOQ4bVGkTI; Tue, 19 Sep 2023 17:58:25 -0700 X-Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.26935.1695171504550013906 for ; Tue, 19 Sep 2023 17:58:24 -0700 X-Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-1c3cbfa40d6so56350085ad.1 for ; Tue, 19 Sep 2023 17:58:24 -0700 (PDT) X-Gm-Message-State: 7MmJRye9gXQptpcdcUaZueQ2x1787277AA= X-Google-Smtp-Source: AGHT+IGsrzvYDP16RnKwt17S9uEv2kbUXBUhOlEXVS0u5DRMIORC0OGYeA1laZIQPwykp/l5SDxQBg== X-Received: by 2002:a17:902:f688:b0:1bf:11ce:c6ae with SMTP id l8-20020a170902f68800b001bf11cec6aemr1266959plg.18.1695171503603; Tue, 19 Sep 2023 17:58:23 -0700 (PDT) X-Received: from localhost.localdomain ([50.46.253.1]) by smtp.gmail.com with ESMTPSA id 13-20020a170902c24d00b001bb988ac243sm10563576plg.297.2023.09.19.17.58.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 17:58:23 -0700 (PDT) From: "Taylor Beebe" To: devel@edk2.groups.io Cc: Jian J Wang , Liming Gao Subject: [edk2-devel] [PATCH v4 28/28] MdeModulePkg: Delete Memory Protection PCDs Date: Tue, 19 Sep 2023 17:57:51 -0700 Message-ID: <20230920005752.2041-29-taylor.d.beebe@gmail.com> In-Reply-To: <20230920005752.2041-1-taylor.d.beebe@gmail.com> References: <20230920005752.2041-1-taylor.d.beebe@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,taylor.d.beebe@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1695171506291100112 Content-Type: text/plain; charset="utf-8" Now that the transition to use SetMemoryProtectionsLib and GetMemoryProtectionsLib is complete, delete the memory protection PCDs to avoid confusing the interface. All memory protection settings will now be set and consumed via the libraries. Signed-off-by: Taylor Beebe Cc: Jian J Wang Cc: Liming Gao --- MdeModulePkg/MdeModulePkg.dec | 169 -------------------- MdeModulePkg/MdeModulePkg.uni | 153 ------------------ 2 files changed, 322 deletions(-) diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 6ad0902a1bff..5aed6a787739 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -1007,119 +1007,12 @@ [PcdsFixedAtBuild] # @ValidList 0x80000006 | 0x03058002 gEfiMdeModulePkgTokenSpaceGuid.PcdErrorCodeSetVariable|0x03058002|UINT32= |0x30001040 =20 - ## Mask to control the NULL address detection in code for different phas= es. - # If enabled, accessing NULL address in UEFI or SMM code can be caught.=

- # BIT0 - Enable NULL pointer detection for UEFI.
- # BIT1 - Enable NULL pointer detection for SMM.
- # BIT2..5 - Reserved for future uses.
- # BIT6 - Enable non-stop mode.
- # BIT7 - Disable NULL pointer detection just after EndOfDxe.
- # This is a workaround for those unsolvable NULL access iss= ues in - # OptionROM, boot loader, etc. It can also help to avoid un= necessary - # exception caused by legacy memory (0-4095) access after E= ndOfDxe, - # such as Windows 7 boot on Qemu.
- # @Prompt Enable NULL address detection. - gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask|0x0|U= INT8|0x30001050 - ## Init Value in Temp Stack to be shared between SEC and PEI_CORE # SEC fills the full temp stack with this values. When switch stack, Pei= Core can check # this value in the temp stack to know how many stack has been used. # @Prompt Init Value in Temp Stack gEfiMdeModulePkgTokenSpaceGuid.PcdInitValueInTempStack|0x5AA55AA5|UINT32= |0x30001051 =20 - ## Indicates which type allocation need guard page. - # - # If a bit is set, a head guard page and a tail guard page will be added= just - # before and after corresponding type of pages allocated if there's enou= gh - # free pages for all of them. The page allocation for the type related to - # cleared bits keeps the same as ususal. - # - # This PCD is only valid if BIT0 and/or BIT2 are set in PcdHeapGuardProp= ertyMask. - # - # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0000000000000001
- # EfiLoaderCode 0x0000000000000002
- # EfiLoaderData 0x0000000000000004
- # EfiBootServicesCode 0x0000000000000008
- # EfiBootServicesData 0x0000000000000010
- # EfiRuntimeServicesCode 0x0000000000000020
- # EfiRuntimeServicesData 0x0000000000000040
- # EfiConventionalMemory 0x0000000000000080
- # EfiUnusableMemory 0x0000000000000100
- # EfiACPIReclaimMemory 0x0000000000000200
- # EfiACPIMemoryNVS 0x0000000000000400
- # EfiMemoryMappedIO 0x0000000000000800
- # EfiMemoryMappedIOPortSpace 0x0000000000001000
- # EfiPalCode 0x0000000000002000
- # EfiPersistentMemory 0x0000000000004000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are neede= d, 0x1E should be used.
- # @Prompt The memory type mask for Page Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType|0x0|UINT64|0x30001052 - - ## Indicates which type allocation need guard page. - # - # If a bit is set, a head guard page and a tail guard page will be added= just - # before and after corresponding type of pages which the allocated pool = occupies, - # if there's enough free memory for all of them. The pool allocation for= the - # type related to cleared bits keeps the same as ususal. - # - # This PCD is only valid if BIT1 and/or BIT3 are set in PcdHeapGuardProp= ertyMask. - # - # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0000000000000001
- # EfiLoaderCode 0x0000000000000002
- # EfiLoaderData 0x0000000000000004
- # EfiBootServicesCode 0x0000000000000008
- # EfiBootServicesData 0x0000000000000010
- # EfiRuntimeServicesCode 0x0000000000000020
- # EfiRuntimeServicesData 0x0000000000000040
- # EfiConventionalMemory 0x0000000000000080
- # EfiUnusableMemory 0x0000000000000100
- # EfiACPIReclaimMemory 0x0000000000000200
- # EfiACPIMemoryNVS 0x0000000000000400
- # EfiMemoryMappedIO 0x0000000000000800
- # EfiMemoryMappedIOPortSpace 0x0000000000001000
- # EfiPalCode 0x0000000000002000
- # EfiPersistentMemory 0x0000000000004000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesData are neede= d, 0x1E should be used.
- # @Prompt The memory type mask for Pool Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType|0x0|UINT64|0x30001053 - - ## This mask is to control Heap Guard behavior. - # - # Note: - # a) Heap Guard is for debug purpose and should not be enabled in prod= uct - # BIOS. - # b) Due to the limit of pool memory implementation and the alignment - # requirement of UEFI spec, BIT7 is a try-best setting which cannot - # guarantee that the returned pool is exactly adjacent to head guard - # page or tail guard page. - # c) UEFI freed-memory guard and UEFI pool/page guard cannot be enabled - # at the same time. - # - # BIT0 - Enable UEFI page guard.
- # BIT1 - Enable UEFI pool guard.
- # BIT2 - Enable SMM page guard.
- # BIT3 - Enable SMM pool guard.
- # BIT4 - Enable UEFI freed-memory guard (Use-After-Free memory detecti= on).
- # BIT6 - Enable non-stop mode.
- # BIT7 - The direction of Guard Page for Pool Guard. - # 0 - The returned pool is near the tail guard page.
- # 1 - The returned pool is near the head guard page.
- # @Prompt The Heap Guard feature mask - gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask|0x0|UINT8|0x3000= 1054 - - ## Indicates if UEFI Stack Guard will be enabled. - # If enabled, stack overflow in UEFI can be caught, preventing chaotic = consequences.

- # TRUE - UEFI Stack Guard will be enabled.
- # FALSE - UEFI Stack Guard will be disabled.
- # @Prompt Enable UEFI Stack Guard. - gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|FALSE|BOOLEAN|0x30001055 - ## Indicate debug level of Trace Hub. # 0x0 - TraceHubDebugLevelError.
# 0x1 - TraceHubDebugLevelErrorWarning.
@@ -1396,54 +1289,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule] # @Prompt Memory profile driver path. gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath|{0x0}|VOID*|0x= 00001043 =20 - ## Set image protection policy. The policy is bitwise. - # If a bit is set, the image will be protected by DxeCore if it is alig= ned. - # The code section becomes read-only, and the data section becomes non= -executable. - # If a bit is clear, nothing will be done to image code/data sections.<= BR>
- # BIT0 - Image from unknown device.
- # BIT1 - Image from firmware volume.
- #
- # Note: If a bit is cleared, the data section could be still non-execut= able if - # PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderData, EfiBootS= ervicesData - # and/or EfiRuntimeServicesData.
- #
- # @Prompt Set image protection policy. - # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F - gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x00000002|UINT3= 2|0x00001047 - - ## Set DXE memory protection policy. The policy is bitwise. - # If a bit is set, memory regions of the associated type will be mapped - # non-executable.
- # If a bit is cleared, nothing will be done to associated type of memor= y.
- #
- # Below is bit mask for this PCD: (Order is same as UEFI spec)
- # EfiReservedMemoryType 0x0001
- # EfiLoaderCode 0x0002
- # EfiLoaderData 0x0004
- # EfiBootServicesCode 0x0008
- # EfiBootServicesData 0x0010
- # EfiRuntimeServicesCode 0x0020
- # EfiRuntimeServicesData 0x0040
- # EfiConventionalMemory 0x0080
- # EfiUnusableMemory 0x0100
- # EfiACPIReclaimMemory 0x0200
- # EfiACPIMemoryNVS 0x0400
- # EfiMemoryMappedIO 0x0800
- # EfiMemoryMappedIOPortSpace 0x1000
- # EfiPalCode 0x2000
- # EfiPersistentMemory 0x4000
- # OEM Reserved 0x4000000000000000
- # OS Reserved 0x8000000000000000
- # - # NOTE: User must NOT set NX protection for EfiLoaderCode / EfiBootServi= cesCode / EfiRuntimeServicesCode.
- # User MUST set the same NX protection for EfiBootServicesData and= EfiConventionalMemory.
- # - # e.g. 0x7FD5 can be used for all memory except Code.
- # e.g. 0x7BD4 can be used for all memory except Code and ACPINVS/Reserve= d.
- # - # @Prompt Set DXE memory protection policy. - gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0x0000000|= UINT64|0x00001048 - ## PCI Serial Device Info. It is an array of Device, Function, and Power= Management # information that describes the path that contains zero or more PCI to= PCI bridges # followed by a PCI serial device. Each array entry is 4-bytes in leng= th. The @@ -2032,20 +1877,6 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynami= c, PcdsDynamicEx] # @Prompt Default Creator Revision for ACPI table creation. gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision|0x01000013|= UINT32|0x30001038 =20 - ## Indicates if to set NX for stack.

- # For the DxeIpl and the DxeCore are both X64, set NX for stack feature= also require PcdDxeIplBuildPageTables be TRUE.
- # For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLongMo= de is FALSE), set NX for stack feature also require - # IA32 PAE is supported and Execute Disable Bit is available.
- #
- # TRUE - Set NX for stack.
- # FALSE - Do nothing for stack.
- #
- # Note: If this PCD is set to FALSE, NX could be still applied to stack= due to PcdDxeNxMemoryProtectionPolicy enabled for - # EfiBootServicesData.
- #
- # @Prompt Set NX for stack. - gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE|BOOLEAN|0x0001006f - ## This PCD specifies the PCI-based SD/MMC host controller mmio base add= ress. # Define the mmio base address of the pci-based SD/MMC host controller. = If there are multiple SD/MMC # host controllers, their mmio base addresses are calculated one by one = from this base address. diff --git a/MdeModulePkg/MdeModulePkg.uni b/MdeModulePkg/MdeModulePkg.uni index a17d34d60b21..afbbc44761ca 100644 --- a/MdeModulePkg/MdeModulePkg.uni +++ b/MdeModulePkg/MdeModulePkg.uni @@ -330,16 +330,6 @@ =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSerialRegisterStride_HELP #= language en-US "The number of bytes between registers in serial device. Th= e default is 1 byte." =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_PROMPT #langu= age en-US "Set NX for stack" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSetNxForStack_HELP #languag= e en-US "Indicates if to set NX for stack.

" - = "For the DxeIpl and the DxeCore are both X64, set NX for stack feat= ure also require PcdDxeIplBuildPageTables be TRUE.
" - = "For the DxeIpl and the DxeCore are both IA32 (PcdDxeIplSwitchToLon= gMode is FALSE), set NX for stack feature also require" - = "IA32 PAE is supported and Execute Disable Bit is available.
" - = "TRUE - Set NX for stack.
" - = "FALSE - Do nothing for stack.
" - = "Note: If this PCD is set to FALSE, NX could be still applied to st= ack due to PcdDxeNxMemoryProtectionPolicy enabled for EfiBootServicesData.<= BR>" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_PROMPT #langua= ge en-US "ACPI S3 Enable" =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdAcpiS3Enable_HELP #language= en-US "Indicates if ACPI S3 will be enabled.

" @@ -1096,51 +1086,6 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdSmiHandlerProfilePropertyMas= k_HELP #language en-US "The mask is used to control SmiHandlerProfile beha= vior.

\n" = "BIT0 - Enable SmiHandlerProfile.
" =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_PROMPT= #language en-US "Set image protection policy." - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdImageProtectionPolicy_HELP = #language en-US "Set image protection policy. The policy is bitwise.\n" - = "If a bit is set, the image will be protected by DxeCore if= it is aligned.\n" - = "The code section becomes read-only, and the data section b= ecomes non-executable.\n" - = "If a bit is clear, nothing will be done to image code/data= sections.

\n" - = "BIT0 - Image from unknown device.
\n" - = "BIT1 - Image from firmware volume.
" - = "Note: If a bit is cleared, the data section could be still= non-executable if\n" - = "PcdDxeNxMemoryProtectionPolicy is enabled for EfiLoaderDat= a, EfiBootServicesData\n" - = "and/or EfiRuntimeServicesData.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_= PROMPT #language en-US "Set DXE memory protection policy." - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdDxeNxMemoryProtectionPolicy_= HELP #language en-US "Set DXE memory protection policy. The policy is bitw= ise.\n" - = "If a bit is set, memory regions of the associated ty= pe will be mapped\n" - = "non-executable.
\n" - = "If a bit is cleared, nothing will be done to associa= ted type of memory.

\n" - = "\n" - = "Below is bit mask for this PCD: (Order is same as UE= FI spec)
\n" - = "EfiReservedMemoryType 0x0001
\n" - = "EfiLoaderCode 0x0002
\n" - = "EfiLoaderData 0x0004
\n" - = "EfiBootServicesCode 0x0008
\n" - = "EfiBootServicesData 0x0010
\n" - = "EfiRuntimeServicesCode 0x0020
\n" - = "EfiRuntimeServicesData 0x0040
\n" - = "EfiConventionalMemory 0x0080
\n" - = "EfiUnusableMemory 0x0100
\n" - = "EfiACPIReclaimMemory 0x0200
\n" - = "EfiACPIMemoryNVS 0x0400
\n" - = "EfiMemoryMappedIO 0x0800
\n" - = "EfiMemoryMappedIOPortSpace 0x1000
\n" - = "EfiPalCode 0x2000
\n" - = "EfiPersistentMemory 0x4000
\n" - = "OEM Reserved 0x4000000000000000
\n" - = "OS Reserved 0x8000000000000000
\n" - = "\n" - = "NOTE: User must NOT set NX protection for EfiLoaderC= ode / EfiBootServicesCode / EfiRuntimeServicesCode.
\n" - = "User MUST set the same NX protection for EfiBootServ= icesData and EfiConventionalMemory.
\n" - = "\n" - = "e.g. 0x7FD5 can be used for all memory except Code. =
\n" - = "e.g. 0x7BD4 can be used for all memory except Code a= nd ACPINVS/Reserved.
\n" - = "" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOr= Mask_PROMPT #language en-US "The address mask when memory encryption is en= abled." =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdPteMemoryEncryptionAddressOr= Mask_HELP #language en-US "This PCD holds the address mask for page table = entries when memory encryption is\n" @@ -1186,110 +1131,12 @@ #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCodRelocationDevPath_HELP #= language en-US "Full device path of platform specific device to store Cap= sule On Disk temp relocation file.
" = "If this PCD is set, Capsule On Disk temp relocation file = will be stored in the device specified by this PCD, instead of the EFI Syst= em Partition that stores capsule image file." =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionProperty= Mask_PROMPT #language en-US "Enable NULL pointer detection" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdNullPointerDetectionProperty= Mask_HELP #language en-US "Mask to control the NULL address detection in= code for different phases.\n" - = " If enabled, accessing NULL address in UEFI o= r SMM code can be caught.\n\n" - = " BIT0 - Enable NULL pointer detection fo= r UEFI.\n" - = " BIT1 - Enable NULL pointer detection fo= r SMM.\n" - = " BIT2..6 - Reserved for future uses.\n" - = " BIT7 - Disable NULL pointer detection j= ust after EndOfDxe." - = " This is a workaround for those unsolvable NU= LL access issues in" - = " OptionROM, boot loader, etc. It can also hel= p to avoid unnecessary" - = " exception caused by legacy memory (0-4095) a= ccess after EndOfDxe," - = " such as Windows 7 boot on Qemu.\n" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_PROMPT = #language en-US "Init Value in Temp Stack" =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdInitValueInTempStack_HELP = #language en-US "Init Value in Temp Stack to be shared between SEC and PEI= _CORE\n" = "SEC fills the full temp stack with this values. When swit= ch stack, PeiCore can check\n" = "this value in the temp stack to know how many stack has b= een used.\n" =20 -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_PROMPT #l= anguage en-US "The memory type mask for Page Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPageType_HELP #l= anguage en-US "Indicates which type allocation need guard page.\n\n" - = " If a bit is set, a head guard page and a tail guard page wi= ll be added just\n" - = " before and after corresponding type of pages allocated if t= here's enough\n" - = " free pages for all of them. The page allocation for the typ= e related to\n" - = " cleared bits keeps the same as ususal.\n\n" - = " This PCD is only valid if BIT0 and/or BIT2 are set in PcdHe= apGuardPropertyMask.\n\n" - = " Below is bit mask for this PCD: (Order is same as UEFI spec= )
\n" - = " EfiReservedMemoryType 0x0000000000000001\n" - = " EfiLoaderCode 0x0000000000000002\n" - = " EfiLoaderData 0x0000000000000004\n" - = " EfiBootServicesCode 0x0000000000000008\n" - = " EfiBootServicesData 0x0000000000000010\n" - = " EfiRuntimeServicesCode 0x0000000000000020\n" - = " EfiRuntimeServicesData 0x0000000000000040\n" - = " EfiConventionalMemory 0x0000000000000080\n" - = " EfiUnusableMemory 0x0000000000000100\n" - = " EfiACPIReclaimMemory 0x0000000000000200\n" - = " EfiACPIMemoryNVS 0x0000000000000400\n" - = " EfiMemoryMappedIO 0x0000000000000800\n" - = " EfiMemoryMappedIOPortSpace 0x0000000000001000\n" - = " EfiPalCode 0x0000000000002000\n" - = " EfiPersistentMemory 0x0000000000004000\n" - = " OEM Reserved 0x4000000000000000\n" - = " OS Reserved 0x8000000000000000\n" - = " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesDat= a are needed, 0x1E should be used.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_PROMPT #l= anguage en-US "The memory type mask for Pool Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPoolType_HELP #l= anguage en-US "Indicates which type allocation need guard page.\n\n" - = " If a bit is set, a head guard page and a tail guard page wi= ll be added just\n" - = " before and after corresponding type of pages which the allo= cated pool occupies,\n" - = " if there's enough free memory for all of them. The pool all= ocation for the\n" - = " type related to cleared bits keeps the same as ususal.\n\n" - = " This PCD is only valid if BIT1 and/or BIT3 are set in PcdHe= apGuardPropertyMask.\n\n" - = " Below is bit mask for this PCD: (Order is same as UEFI spec= )
\n" - = " EfiReservedMemoryType 0x0000000000000001\n" - = " EfiLoaderCode 0x0000000000000002\n" - = " EfiLoaderData 0x0000000000000004\n" - = " EfiBootServicesCode 0x0000000000000008\n" - = " EfiBootServicesData 0x0000000000000010\n" - = " EfiRuntimeServicesCode 0x0000000000000020\n" - = " EfiRuntimeServicesData 0x0000000000000040\n" - = " EfiConventionalMemory 0x0000000000000080\n" - = " EfiUnusableMemory 0x0000000000000100\n" - = " EfiACPIReclaimMemory 0x0000000000000200\n" - = " EfiACPIMemoryNVS 0x0000000000000400\n" - = " EfiMemoryMappedIO 0x0000000000000800\n" - = " EfiMemoryMappedIOPortSpace 0x0000000000001000\n" - = " EfiPalCode 0x0000000000002000\n" - = " EfiPersistentMemory 0x0000000000004000\n" - = " OEM Reserved 0x4000000000000000\n" - = " OS Reserved 0x8000000000000000\n" - = " e.g. LoaderCode+LoaderData+BootServicesCode+BootServicesDat= a are needed, 0x1E should be used.
" - - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_PROMPT= #language en-US "The Heap Guard feature mask" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdHeapGuardPropertyMask_HELP = #language en-US "This mask is to control Heap Guard behavior.\n" - = " Note:\n" - = " a) Heap Guard is for debug purpose and should not be = enabled in product" - = " BIOS.\n" - = " b) Due to the limit of pool memory implementation and= the alignment" - = " requirement of UEFI spec, BIT7 is a try-best setti= ng which cannot" - = " guarantee that the returned pool is exactly adjace= nt to head guard" - = " page or tail guard page.\n" - = " c) UEFI freed-memory guard and UEFI pool/page guard c= annot be enabled" - = " at the same time.\n" - = " BIT0 - Enable UEFI page guard.
\n" - = " BIT1 - Enable UEFI pool guard.
\n" - = " BIT2 - Enable SMM page guard.
\n" - = " BIT3 - Enable SMM pool guard.
\n" - = " BIT4 - Enable UEFI freed-memory guard (Use-After-Free= memory detection).
\n" - = " BIT7 - The direction of Guard Page for Pool Guard.\n" - = " 0 - The returned pool is near the tail guard p= age.
\n" - = " 1 - The returned pool is near the head guard p= age.
" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_PROMPT #langu= age en-US "Enable UEFI Stack Guard" - -#string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdCpuStackGuard_HELP #langu= age en-US "Indicates if UEFI Stack Guard will be enabled.\n" - = " If enabled, stack overflow in UEFI can be caught, preventing c= haotic consequences.

\n" - = " TRUE - UEFI Stack Guard will be enabled.
\n" - = " FALSE - UEFI Stack Guard will be disabled.
" - #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_PROMPT #= language en-US "Debug level of Trace Hub." =20 #string STR_gEfiMdeModulePkgTokenSpaceGuid_PcdTraceHubDebugLevel_HELP #= language en-US "Indicate debug level of Trace Hub" --=20 2.42.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108890): https://edk2.groups.io/g/devel/message/108890 Mute This Topic: https://groups.io/mt/101469968/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-