}\r
\r
//\r
- // The policy QUERY_USER_ON_SECURITY_VIOLATION violates the UEFI spec and has been removed.\r
+ // The policy QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION \r
+ // violates the UEFI spec and has been removed.\r
//\r
- ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION);\r
- if (Policy == QUERY_USER_ON_SECURITY_VIOLATION) {\r
+ ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION && Policy != ALLOW_EXECUTE_ON_SECURITY_VIOLATION);\r
+ if (Policy == QUERY_USER_ON_SECURITY_VIOLATION || Policy == ALLOW_EXECUTE_ON_SECURITY_VIOLATION) {\r
CpuDeadLoop ();\r
}\r
\r
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003\r
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004\r
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005 \r
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the UEFI specification and has been removed.\r
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since\r
+ # it violates the UEFI specification and has been removed.\r
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04|UINT32|0x00000001\r
\r
## Pcd for removable media.\r
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003\r
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004\r
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005\r
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the UEFI specification and has been removed.\r
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since\r
+ # it violates the UEFI specification and has been removed.\r
gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04|UINT32|0x00000002\r
\r
## Pcd for fixed media.\r
# DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003\r
# DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004\r
# QUERY_USER_ON_SECURITY_VIOLATION 0x00000005 \r
- # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION since it violates the UEFI specification and has been removed.\r
+ # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since\r
+ # it violates the UEFI specification and has been removed.\r
gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04|UINT32|0x00000003\r
\r
## Defer Image Load policy settings.\r