gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable|FALSE|BOOLEAN|3\r
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderPciTranslation|TRUE|BOOLEAN|0x1c\r
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderMmioTranslation|FALSE|BOOLEAN|0x1d\r
+\r
+ ## This feature flag enables SMM/SMRAM support. Note that it also requires\r
+ # such support from the underlying QEMU instance; if that support is not\r
+ # present, the firmware will reject continuing after a certain point.\r
+ #\r
+ # The flag also acts as a general "security switch"; when TRUE, many\r
+ # components will change behavior, with the goal of preventing a malicious\r
+ # runtime OS from tampering with firmware structures (special memory ranges\r
+ # used by OVMF, the varstore pflash chip, LockBox etc).\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire|FALSE|BOOLEAN|0x1e\r
projects / mirror_edk2.git / blobdiff