ArmVirtPkg: enable PE/COFF image and memory protection for ARM platforms
authorArd Biesheuvel <ard.biesheuvel@linaro.org>
Thu, 2 Mar 2017 10:36:16 +0000 (10:36 +0000)
committerArd Biesheuvel <ard.biesheuvel@linaro.org>
Tue, 7 Mar 2017 08:10:01 +0000 (09:10 +0100)
Like for AARCH64, enable PE/COFF image and NX memory protection for all
32-bit ARM virt platforms.

Note that this does not [yet] protect EfiLoaderData regions, due to
compatibility issues with GRUB.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
ArmVirtPkg/ArmVirt.dsc.inc

index a91b27f13cf274f6a69f4858948cc215eccd5836..acfb71d3ff6c7f3b9c99e2b8f32b9c27e3e34b82 100644 (file)
@@ -18,7 +18,7 @@
   DEFINE TTY_TERMINAL            = FALSE\r
 \r
 [BuildOptions.common.EDKII.DXE_DRIVER,BuildOptions.common.EDKII.UEFI_DRIVER,BuildOptions.common.EDKII.UEFI_APPLICATION]\r
-  GCC:*_*_AARCH64_DLINK_FLAGS = -z common-page-size=0x1000\r
+  GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000\r
 \r
 [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]\r
   GCC:*_*_ARM_DLINK_FLAGS = -z common-page-size=0x1000\r
   gArmVirtTokenSpaceGuid.PcdTerminalTypeGuidBuffer|{0x80, 0x6d, 0x91, 0x7d, 0xb1, 0x5b, 0x8c, 0x45, 0xa4, 0x8f, 0xe2, 0x5f, 0xdd, 0x51, 0xef, 0x94}\r
 !endif\r
 \r
-[PcdsFixedAtBuild.ARM]\r
-  gEmbeddedTokenSpaceGuid.PcdPrePiCpuMemorySize|40\r
-\r
-[PcdsFixedAtBuild.AARCH64]\r
   #\r
   # Enable strict image permissions for all images. (This applies\r
   # only to images that were built with >= 4 KB section alignment.)\r
   #\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1\r
 \r
+[PcdsFixedAtBuild.ARM]\r
+  gEmbeddedTokenSpaceGuid.PcdPrePiCpuMemorySize|40\r
+\r
 [Components.common]\r
   #\r
   # Networking stack\r