From: Ard Biesheuvel Date: Thu, 2 Mar 2017 10:36:16 +0000 (+0000) Subject: ArmVirtPkg: enable PE/COFF image and memory protection for ARM platforms X-Git-Tag: edk2-stable201903~4458 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=dfd85675f9cc2603f3f09ceb18ff4f01b025d27f ArmVirtPkg: enable PE/COFF image and memory protection for ARM platforms Like for AARCH64, enable PE/COFF image and NX memory protection for all 32-bit ARM virt platforms. Note that this does not [yet] protect EfiLoaderData regions, due to compatibility issues with GRUB. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel Reviewed-by: Laszlo Ersek --- diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index a91b27f13c..acfb71d3ff 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -18,7 +18,7 @@ DEFINE TTY_TERMINAL = FALSE [BuildOptions.common.EDKII.DXE_DRIVER,BuildOptions.common.EDKII.UEFI_DRIVER,BuildOptions.common.EDKII.UEFI_APPLICATION] - GCC:*_*_AARCH64_DLINK_FLAGS = -z common-page-size=0x1000 + GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000 [BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER] GCC:*_*_ARM_DLINK_FLAGS = -z common-page-size=0x1000 @@ -373,10 +373,6 @@ gArmVirtTokenSpaceGuid.PcdTerminalTypeGuidBuffer|{0x80, 0x6d, 0x91, 0x7d, 0xb1, 0x5b, 0x8c, 0x45, 0xa4, 0x8f, 0xe2, 0x5f, 0xdd, 0x51, 0xef, 0x94} !endif -[PcdsFixedAtBuild.ARM] - gEmbeddedTokenSpaceGuid.PcdPrePiCpuMemorySize|40 - -[PcdsFixedAtBuild.AARCH64] # # Enable strict image permissions for all images. (This applies # only to images that were built with >= 4 KB section alignment.) @@ -390,6 +386,9 @@ # gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1 +[PcdsFixedAtBuild.ARM] + gEmbeddedTokenSpaceGuid.PcdPrePiCpuMemorySize|40 + [Components.common] # # Networking stack