]> git.proxmox.com Git - mirror_edk2.git/commit - MdeModulePkg/MdeModulePkg.dec
projects / mirror_edk2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f31c36c) | patch
MdeModulePkg: define PCD for DXE memory protection policy
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Thu, 23 Feb 2017 10:36:38 +0000 (10:36 +0000)
committerArd Biesheuvel <ard.biesheuvel@linaro.org>
Tue, 28 Feb 2017 14:59:50 +0000 (14:59 +0000)
commit973e388af2f8f35dce3aaa924a0372eedceeba96
tree5c164d3948e4ca07fb39759500810530d859ad2atree
parentf31c36c2938d5857008d674e913e3fc0783fab49commit | diff
MdeModulePkg: define PCD for DXE memory protection policy

Define a new fixed/patchable PCD that sets the DXE memory protection
policy: its primary use is to define which memory types should have
their executable permissions removed. Combined with the image protection
policy, this can be used to implement a strict W^X policy, i.e.. a policy
where no regions exist that are both executable and writable at the same
time.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
MdeModulePkg/MdeModulePkg.dec diff | blob | blame | history
EFI Development Kit II mirror for PVE