MdeModulePkg/DxeIpl: support more NX related PCDs
BZ#1116: https://bugzilla.tianocore.org/show_bug.cgi?id=1116 Currently IA32_EFER.NXE is only set against PcdSetNxForStack. This confuses developers because following two other PCDs also need NXE to be set, but actually not. PcdDxeNxMemoryProtectionPolicy PcdImageProtectionPolicy This patch solves this issue by adding logic to enable IA32_EFER.NXE if any of those PCDs have anything enabled. Cc: Star Zeng <star.zeng@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
@@ -179,6 +179,18 @@ typedef struct {
|
||||
UINTN FreePages;
|
||||
} PAGE_TABLE_POOL;
|
||||
|
||||
/**
|
||||
Check if Execute Disable Bit (IA32_EFER.NXE) should be enabled or not.
|
||||
|
||||
@retval TRUE IA32_EFER.NXE should be enabled.
|
||||
@retval FALSE IA32_EFER.NXE should not be enabled.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
IsEnableNonExecNeeded (
|
||||
VOID
|
||||
);
|
||||
|
||||
/**
|
||||
Enable Execute Disable Bit.
|
||||
|
||||
|
Reference in New Issue
Block a user