\r
[Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64]\r
gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ## SOMETIMES_CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ## SOMETIMES_CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ## SOMETIMES_CONSUMES\r
\r
[Depex]\r
gEfiPeiLoadFilePpiGuid AND gEfiPeiMasterBootModePpiGuid\r
return Ia32PaeSupport;\r
}\r
\r
-/**\r
- The function will check if Execute Disable Bit is available.\r
-\r
- @retval TRUE Execute Disable Bit is available.\r
- @retval FALSE Execute Disable Bit is not available.\r
-\r
-**/\r
-BOOLEAN\r
-IsExecuteDisableBitAvailable (\r
- VOID\r
- )\r
-{\r
- UINT32 RegEax;\r
- UINT32 RegEdx;\r
- BOOLEAN Available;\r
-\r
- Available = FALSE;\r
- AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r
- if (RegEax >= 0x80000001) {\r
- AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);\r
- if ((RegEdx & BIT20) != 0) {\r
- //\r
- // Bit 20: Execute Disable Bit available.\r
- //\r
- Available = TRUE;\r
- }\r
- }\r
-\r
- return Available;\r
-}\r
-\r
/**\r
The function will check if page table should be setup or not.\r
\r
return TRUE;\r
}\r
\r
- if (PcdGetBool (PcdSetNxForStack) && IsExecuteDisableBitAvailable ()) {\r
+ if (IsEnableNonExecNeeded ()) {\r
return TRUE;\r
}\r
\r
BuildPageTablesIa32Pae = ToBuildPageTable ();\r
if (BuildPageTablesIa32Pae) {\r
PageTables = Create4GPageTablesIa32Pae (BaseOfStack, STACK_SIZE);\r
- if (IsExecuteDisableBitAvailable ()) {\r
+ if (IsEnableNonExecNeeded ()) {\r
EnableExecuteDisableBit();\r
}\r
}\r
return ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) != 0);\r
}\r
\r
+/**\r
+ The function will check if Execute Disable Bit is available.\r
+\r
+ @retval TRUE Execute Disable Bit is available.\r
+ @retval FALSE Execute Disable Bit is not available.\r
+\r
+**/\r
+BOOLEAN\r
+IsExecuteDisableBitAvailable (\r
+ VOID\r
+ )\r
+{\r
+ UINT32 RegEax;\r
+ UINT32 RegEdx;\r
+ BOOLEAN Available;\r
+\r
+ Available = FALSE;\r
+ AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r
+ if (RegEax >= 0x80000001) {\r
+ AsmCpuid (0x80000001, NULL, NULL, NULL, &RegEdx);\r
+ if ((RegEdx & BIT20) != 0) {\r
+ //\r
+ // Bit 20: Execute Disable Bit available.\r
+ //\r
+ Available = TRUE;\r
+ }\r
+ }\r
+\r
+ return Available;\r
+}\r
+\r
+/**\r
+ Check if Execute Disable Bit (IA32_EFER.NXE) should be enabled or not.\r
+\r
+ @retval TRUE IA32_EFER.NXE should be enabled.\r
+ @retval FALSE IA32_EFER.NXE should not be enabled.\r
+\r
+**/\r
+BOOLEAN\r
+IsEnableNonExecNeeded (\r
+ VOID\r
+ )\r
+{\r
+ if (!IsExecuteDisableBitAvailable ()) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // XD flag (BIT63) in page table entry is only valid if IA32_EFER.NXE is set.\r
+ // Features controlled by Following PCDs need this feature to be enabled.\r
+ //\r
+ return (PcdGetBool (PcdSetNxForStack) ||\r
+ PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0 ||\r
+ PcdGet32 (PcdImageProtectionPolicy) != 0);\r
+}\r
+\r
/**\r
Enable Execute Disable Bit.\r
\r
//\r
EnablePageTableProtection ((UINTN)PageMap, TRUE);\r
\r
- if (PcdGetBool (PcdSetNxForStack)) {\r
+ //\r
+ // Set IA32_EFER.NXE if necessary.\r
+ //\r
+ if (IsEnableNonExecNeeded ()) {\r
EnableExecuteDisableBit ();\r
}\r
\r
UINTN FreePages;\r
} PAGE_TABLE_POOL;\r
\r
+/**\r
+ Check if Execute Disable Bit (IA32_EFER.NXE) should be enabled or not.\r
+\r
+ @retval TRUE IA32_EFER.NXE should be enabled.\r
+ @retval FALSE IA32_EFER.NXE should not be enabled.\r
+\r
+**/\r
+BOOLEAN\r
+IsEnableNonExecNeeded (\r
+ VOID\r
+ );\r
+\r
/**\r
Enable Execute Disable Bit.\r
\r