sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MdeModulePkg/DxeIpl: support more NX related PCDs

Browse Source 
BZ#1116: https://bugzilla.tianocore.org/show_bug.cgi?id=1116

Currently IA32_EFER.NXE is only set against PcdSetNxForStack. This
confuses developers because following two other PCDs also need NXE
to be set, but actually not.

    PcdDxeNxMemoryProtectionPolicy
    PcdImageProtectionPolicy

This patch solves this issue by adding logic to enable IA32_EFER.NXE
if any of those PCDs have anything enabled.

Cc: Star Zeng <star.zeng@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
Jian J Wang
2018-09-25 16:49:19 +08:00
parent b888c57a05
commit 5267926134
4 changed files with 76 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
View File

@@ -179,6 +179,18 @@ typedef struct {
UINTN FreePages;
} PAGE_TABLE_POOL;
/**
Check if Execute Disable Bit (IA32_EFER.NXE) should be enabled or not.
@retval TRUE IA32_EFER.NXE should be enabled.
@retval FALSE IA32_EFER.NXE should not be enabled.
**/
BOOLEAN
IsEnableNonExecNeeded (
VOID
);
/**
Enable Execute Disable Bit.