#include <Library/MemoryAllocationLib.h>\r
#include <Library/CpuLib.h>\r
#include <Library/BaseLib.h>\r
+#include <Guid/MigratedFvInfo.h>\r
\r
#include "CpuMpPei.h"\r
\r
IN VOID *Ppi\r
)\r
{\r
- EFI_STATUS Status;\r
- BOOLEAN InitStackGuard;\r
- BOOLEAN InterruptState;\r
+ EFI_STATUS Status;\r
+ BOOLEAN InitStackGuard;\r
+ BOOLEAN InterruptState;\r
+ EDKII_MIGRATED_FV_INFO *MigratedFvInfo;\r
+ EFI_PEI_HOB_POINTERS Hob;\r
\r
if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) {\r
InterruptState = SaveAndDisableInterrupts ();\r
// the task switch (for the sake of stack switch).\r
//\r
InitStackGuard = FALSE;\r
- if (IsIa32PaeSupported () && PcdGetBool (PcdCpuStackGuard)) {\r
+ Hob.Raw = NULL;\r
+ if (IsIa32PaeSupported ()) {\r
+ Hob.Raw = GetFirstGuidHob (&gEdkiiMigratedFvInfoGuid);\r
+ InitStackGuard = PcdGetBool (PcdCpuStackGuard);\r
+ }\r
+\r
+ if (InitStackGuard || Hob.Raw != NULL) {\r
EnablePaging ();\r
- InitStackGuard = TRUE;\r
}\r
\r
Status = InitializeCpuMpWorker ((CONST EFI_PEI_SERVICES **)PeiServices);\r
SetupStackGuardPage ();\r
}\r
\r
+ while (Hob.Raw != NULL) {\r
+ MigratedFvInfo = GET_GUID_HOB_DATA (Hob);\r
+\r
+ //\r
+ // Enable #PF exception, so if the code access SPI after disable NEM, it will generate\r
+ // the exception to avoid potential vulnerability.\r
+ //\r
+ ConvertMemoryPageAttributes (MigratedFvInfo->FvOrgBase, MigratedFvInfo->FvLength, 0);\r
+\r
+ Hob.Raw = GET_NEXT_HOB (Hob);\r
+ Hob.Raw = GetNextGuidHob (&gEdkiiMigratedFvInfoGuid, Hob.Raw);\r
+ }\r
+ CpuFlushTlb ();\r
+\r
return Status;\r
}\r
\r