Replace references to the memory protection PCDs to instead
check the platform protections via GetMemoryProtectionsLib.
Because the protection profile is equivalent to the PCD settings,
this updated does not cause a torn state.
Signed-off-by: Taylor Beebe <taylor.d.be...@gmail.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Cc: Dandan Bi <dandan...@intel.com>
---
MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c | 4 +-
MdeModulePkg/Core/Dxe/Mem/HeapGuard.c | 46 ++++++++------
MdeModulePkg/Core/Dxe/Mem/Page.c | 2 +-
MdeModulePkg/Core/Dxe/Mem/Pool.c | 4 +-
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 67 +++++++++++---------
MdeModulePkg/Core/PiSmmCore/HeapGuard.c | 29 ++++-----
MdeModulePkg/Core/PiSmmCore/Pool.c | 4 +-
MdeModulePkg/Core/Dxe/DxeMain.h | 1 +
MdeModulePkg/Core/Dxe/DxeMain.inf | 8 +--
MdeModulePkg/Core/PiSmmCore/PiSmmCore.h | 1 +
MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf | 4 +-
11 files changed, 87 insertions(+), 83 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
index 0e0f9769b99d..66cb2fcf2ff7 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
+++ b/MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c
@@ -256,10 +256,12 @@ DxeMain (
Status = InitializeCpuExceptionHandlers (VectorInfoList);
ASSERT_EFI_ERROR (Status);
+ PopulateMpsGlobal ();
+
//
// Setup Stack Guard
//
- if (PcdGetBool (PcdCpuStackGuard)) {
+ if (gMps.Dxe.CpuStackGuardEnabled) {
Status = InitializeSeparateExceptionStacks (NULL, NULL);
ASSERT_EFI_ERROR (Status);
}
diff --git a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
index 0c0ca61872b4..59d8f36c89b7 100644
--- a/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
+++ b/MdeModulePkg/Core/Dxe/Mem/HeapGuard.c
@@ -553,7 +553,7 @@ UnsetGuardPage (
// memory.
//
Attributes = 0;
- if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & (1 <<
EfiConventionalMemory)) != 0) {
+ if (gMps.Dxe.ExecutionProtection.EnabledForType[EfiConventionalMemory]) {
Attributes |= EFI_MEMORY_XP;
}
@@ -590,38 +590,48 @@ IsMemoryTypeToGuard (
IN UINT8 PageOrPool
)
{
- UINT64 TestBit;
+ UINT32 MpsMemoryType;
UINT64 ConfigBit;
if (AllocateType == AllocateAddress) {
return FALSE;
}
- if ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) == 0) {
+ ConfigBit = gMps.Dxe.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAGE : 0;
+ ConfigBit |= gMps.Dxe.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POOL : 0;
+ ConfigBit |= gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled ?
GUARD_HEAP_TYPE_FREED : 0;
+
+ if ((PageOrPool & ConfigBit) == 0) {
return FALSE;
}
- if (PageOrPool == GUARD_HEAP_TYPE_POOL) {
- ConfigBit = PcdGet64 (PcdHeapGuardPoolType);
- } else if (PageOrPool == GUARD_HEAP_TYPE_PAGE) {
- ConfigBit = PcdGet64 (PcdHeapGuardPageType);
- } else {
- ConfigBit = (UINT64)-1;
+ if (((PageOrPool & GUARD_HEAP_TYPE_FREED) != 0) &&
gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled) {
+ return TRUE;
}
if ((UINT32)MemoryType >= MEMORY_TYPE_OS_RESERVED_MIN) {
- TestBit = BIT63;
+ MpsMemoryType = OS_RESERVED_MPS_MEMORY_TYPE;
} else if ((UINT32)MemoryType >= MEMORY_TYPE_OEM_RESERVED_MIN) {
- TestBit = BIT62;
+ MpsMemoryType = OEM_RESERVED_MPS_MEMORY_TYPE;
} else if (MemoryType < EfiMaxMemoryType) {
- TestBit = LShiftU64 (1, MemoryType);
+ MpsMemoryType = MemoryType;
} else if (MemoryType == EfiMaxMemoryType) {
- TestBit = (UINT64)-1;
+ return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) != 0) &&
IS_DXE_PAGE_GUARD_ACTIVE) ||
+ (((PageOrPool & GUARD_HEAP_TYPE_POOL) != 0) &&
IS_DXE_POOL_GUARD_ACTIVE) ||
+ (((PageOrPool & GUARD_HEAP_TYPE_FREED) != 0) &&
gMps.Dxe.HeapGuard.FreedMemoryGuardEnabled);
} else {
- TestBit = 0;
+ return FALSE;
}
- return ((ConfigBit & TestBit) != 0);
+ if (((PageOrPool & GUARD_HEAP_TYPE_PAGE) != 0) &&
gMps.Dxe.PageGuard.EnabledForType[MpsMemoryType]) {
+ return TRUE;
+ }
+
+ if (((PageOrPool & GUARD_HEAP_TYPE_POOL) != 0) &&
gMps.Dxe.PoolGuard.EnabledForType[MpsMemoryType]) {
+ return TRUE;
+ }
+
+ return FALSE;
}
/**
@@ -835,7 +845,7 @@ AdjustMemoryS (
// indicated to put the pool near the Tail Guard, we need extra bytes to
// make sure alignment of the returned pool address.
//
- if ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0) {
+ if (gMps.Dxe.HeapGuard.GuardAlignedToTail) {
SizeRequested = ALIGN_VALUE (SizeRequested, 8);
}
@@ -1019,7 +1029,7 @@ AdjustPoolHeadA (
IN UINTN Size
)
{
- if ((Memory == 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0)) {
+ if ((Memory == 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) {
//
// Pool head is put near the head Guard
//
@@ -1050,7 +1060,7 @@ AdjustPoolHeadF (
IN UINTN Size
)
{
- if ((Memory == 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0)) {
+ if ((Memory == 0) || (!gMps.Dxe.HeapGuard.GuardAlignedToTail)) {
//
// Pool head is put near the head Guard
//
diff --git a/MdeModulePkg/Core/Dxe/Mem/Page.c b/MdeModulePkg/Core/Dxe/Mem/Page.c
index 6497af573353..05c18a413b80 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Page.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Page.c
@@ -181,7 +181,7 @@ CoreAddRange (
// used for other purposes.
//
if ((Type == EfiConventionalMemory) && (Start == 0) && (End >= EFI_PAGE_SIZE
- 1)) {
- if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & BIT0) == 0) {
+ if (!gMps.Dxe.NullPointerDetection.Enabled) {
SetMem ((VOID *)(UINTN)Start, EFI_PAGE_SIZE, 0);
}
}
diff --git a/MdeModulePkg/Core/Dxe/Mem/Pool.c b/MdeModulePkg/Core/Dxe/Mem/Pool.c
index 716dd045f9fd..ae1e8b67db10 100644
--- a/MdeModulePkg/Core/Dxe/Mem/Pool.c
+++ b/MdeModulePkg/Core/Dxe/Mem/Pool.c
@@ -385,7 +385,7 @@ CoreAllocatePoolI (
//
HasPoolTail = !(NeedGuard &&
- ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0));
+ gMps.Dxe.HeapGuard.GuardAlignedToTail);
PageAsPool = (IsHeapGuardEnabled (GUARD_HEAP_TYPE_FREED) && !mOnGuarding);
//
@@ -717,7 +717,7 @@ CoreFreePoolI (
IsGuarded = IsPoolTypeToGuard (Head->Type) &&
IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)Head);
HasPoolTail = !(IsGuarded &&
- ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0));
+ gMps.Dxe.HeapGuard.GuardAlignedToTail);
PageAsPool = (Head->Signature == POOLPAGE_HEAD_SIGNATURE);
if (HasPoolTail) {
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 94ed3111688b..215a9f254065 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -9,7 +9,7 @@
2) This policy is applied only if the UEFI image meets the page alignment
requirement.
3) This policy is applied only if the Source UEFI image matches the
- PcdImageProtectionPolicy definition.
+ Image Protection Policy definition.
4) This policy is not applied to the non-PE image region.
The DxeCore calls CpuArchProtocol->SetMemoryAttributes() to protect
@@ -60,7 +60,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#define PREVIOUS_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \
((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) - (Size)))
-UINT32 mImageProtectionPolicy;
+STATIC BOOLEAN mIsExecutionProtectionActive = FALSE;
+
+STATIC BOOLEAN mIsPageOrPoolGuardActive = FALSE;
extern LIST_ENTRY mGcdMemorySpaceMap;
@@ -149,11 +151,13 @@ GetProtectionPolicyFromImageType (
IN UINT32 ImageType
)
{
- if ((ImageType & mImageProtectionPolicy) == 0) {
- return DO_NOT_PROTECT;
- } else {
+ if (((ImageType == IMAGE_UNKNOWN) &&
gMps.Dxe.ImageProtection.ProtectImageFromUnknown) ||
+ ((ImageType == IMAGE_FROM_FV) &&
gMps.Dxe.ImageProtection.ProtectImageFromFv))
+ {
return PROTECT_IF_ALIGNED_ELSE_ALLOW;
}
+
+ return DO_NOT_PROTECT;
}
/**
@@ -611,7 +615,7 @@ UnprotectUefiImage (
IMAGE_PROPERTIES_RECORD *ImageRecord;
LIST_ENTRY *ImageRecordLink;
- if (PcdGet32 (PcdImageProtectionPolicy) != 0) {
+ if (IS_DXE_IMAGE_PROTECTION_ACTIVE) {
for (ImageRecordLink = mProtectedImageRecordList.ForwardLink;
ImageRecordLink != &mProtectedImageRecordList;
ImageRecordLink = ImageRecordLink->ForwardLink)
@@ -648,21 +652,23 @@ GetPermissionAttributeForMemoryType (
IN EFI_MEMORY_TYPE MemoryType
)
{
- UINT64 TestBit;
+ UINT32 TestMemoryType;
if ((UINT32)MemoryType >= MEMORY_TYPE_OS_RESERVED_MIN) {
- TestBit = BIT63;
+ TestMemoryType = OS_RESERVED_MPS_MEMORY_TYPE;
} else if ((UINT32)MemoryType >= MEMORY_TYPE_OEM_RESERVED_MIN) {
- TestBit = BIT62;
+ TestMemoryType = OEM_RESERVED_MPS_MEMORY_TYPE;
+ } else if (MemoryType >= EfiMaxMemoryType) {
+ return EFI_MEMORY_XP;
} else {
- TestBit = LShiftU64 (1, MemoryType);
+ TestMemoryType = MemoryType;
}
- if ((PcdGet64 (PcdDxeNxMemoryProtectionPolicy) & TestBit) != 0) {
+ if (gMps.Dxe.ExecutionProtection.EnabledForType[TestMemoryType]) {
return EFI_MEMORY_XP;
- } else {
- return 0;
}
+
+ return 0;
}
/**
@@ -772,7 +778,7 @@ MergeMemoryMapForProtectionPolicy (
/**
Remove exec permissions from all regions whose type is identified by
- PcdDxeNxMemoryProtectionPolicy.
+ the DXE Execution Protection Policy.
**/
STATIC
VOID
@@ -827,7 +833,7 @@ InitializeDxeNxMemoryProtectionPolicy (
ASSERT_EFI_ERROR (Status);
StackBase = 0;
- if (PcdGetBool (PcdCpuStackGuard)) {
+ if (gMps.Dxe.CpuStackGuardEnabled) {
//
// Get the base of stack from Hob.
//
@@ -885,7 +891,7 @@ InitializeDxeNxMemoryProtectionPolicy (
// enabled.
//
if ((MemoryMapEntry->PhysicalStart == 0) &&
- (PcdGet8 (PcdNullPointerDetectionPropertyMask) != 0))
+ (gMps.Dxe.NullPointerDetection.Enabled))
{
ASSERT (MemoryMapEntry->NumberOfPages > 0);
SetUefiImageMemoryAttributes (
@@ -903,7 +909,7 @@ InitializeDxeNxMemoryProtectionPolicy (
((StackBase >= MemoryMapEntry->PhysicalStart) &&
(StackBase < MemoryMapEntry->PhysicalStart +
LShiftU64 (MemoryMapEntry->NumberOfPages, EFI_PAGE_SHIFT))) &&
- PcdGetBool (PcdCpuStackGuard))
+ gMps.Dxe.CpuStackGuardEnabled)
{
SetUefiImageMemoryAttributes (
StackBase,
@@ -1024,7 +1030,7 @@ MemoryProtectionCpuArchProtocolNotify (
//
// Apply the memory protection policy on non-BScode/RTcode regions.
//
- if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) != 0) {
+ if (IS_DXE_EXECUTION_PROTECTION_ACTIVE) {
InitializeDxeNxMemoryProtectionPolicy ();
}
@@ -1036,7 +1042,7 @@ MemoryProtectionCpuArchProtocolNotify (
// Mark the HOB list XP and RO.
ProtectHobList ();
- if (mImageProtectionPolicy == 0) {
+ if (!IS_DXE_IMAGE_PROTECTION_ACTIVE) {
goto Done;
}
@@ -1099,7 +1105,7 @@ MemoryProtectionExitBootServicesCallback (
// delay setting protections on RT code pages until after
SetVirtualAddressMap().
// OS may set protection on RT based upon EFI_MEMORY_ATTRIBUTES_TABLE later.
//
- if (mImageProtectionPolicy != 0) {
+ if (IS_DXE_IMAGE_PROTECTION_ACTIVE) {
for (Link = gRuntime->ImageHead.ForwardLink; Link != &gRuntime->ImageHead;
Link = Link->ForwardLink) {
RuntimeImage = BASE_CR (Link, EFI_RUNTIME_IMAGE_ENTRY, Link);
SetUefiImageMemoryAttributes ((UINT64)(UINTN)RuntimeImage->ImageBase,
ALIGN_VALUE (RuntimeImage->ImageSize, EFI_PAGE_SIZE), 0);
@@ -1173,19 +1179,20 @@ CoreInitializeMemoryProtection (
EFI_EVENT EndOfDxeEvent;
VOID *Registration;
- mImageProtectionPolicy = PcdGet32 (PcdImageProtectionPolicy);
+ mIsExecutionProtectionActive = IS_DXE_EXECUTION_PROTECTION_ACTIVE;
+ mIsPageOrPoolGuardActive = IS_DXE_PAGE_GUARD_ACTIVE ||
IS_DXE_POOL_GUARD_ACTIVE;
InitializeListHead (&mProtectedImageRecordList);
//
- // Sanity check the PcdDxeNxMemoryProtectionPolicy setting:
+ // Sanity check the DXE NX protection policy setting:
// - code regions should have no EFI_MEMORY_XP attribute
// - EfiConventionalMemory and EfiBootServicesData should use the
// same attribute
//
- ASSERT ((GetPermissionAttributeForMemoryType (EfiBootServicesCode) &
EFI_MEMORY_XP) == 0);
- ASSERT ((GetPermissionAttributeForMemoryType (EfiRuntimeServicesCode) &
EFI_MEMORY_XP) == 0);
- ASSERT ((GetPermissionAttributeForMemoryType (EfiLoaderCode) &
EFI_MEMORY_XP) == 0);
+ ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiLoaderCode]);
+ ASSERT (!gMps.Dxe.ExecutionProtection.EnabledForType[EfiBootServicesCode]);
+ ASSERT
(!gMps.Dxe.ExecutionProtection.EnabledForType[EfiRuntimeServicesCode]);
ASSERT (
GetPermissionAttributeForMemoryType (EfiBootServicesData) ==
GetPermissionAttributeForMemoryType (EfiConventionalMemory)
@@ -1213,9 +1220,7 @@ CoreInitializeMemoryProtection (
//
// Register a callback to disable NULL pointer detection at EndOfDxe
//
- if ((PcdGet8 (PcdNullPointerDetectionPropertyMask) & (BIT0|BIT7))
- == (BIT0|BIT7))
- {
+ if (gMps.Dxe.NullPointerDetection.Enabled &&
gMps.Dxe.NullPointerDetection.DisableEndOfDxe) {
Status = CoreCreateEventEx (
EVT_NOTIFY_SIGNAL,
TPL_NOTIFY,
@@ -1279,7 +1284,7 @@ ApplyMemoryProtectionPolicy (
UINT64 NewAttributes;
//
- // The policy configured in PcdDxeNxMemoryProtectionPolicy
+ // The policy configured in DXE Execution Protection Policy
// does not apply to allocations performed in SMM mode.
//
if (IsInSmm ()) {
@@ -1298,7 +1303,7 @@ ApplyMemoryProtectionPolicy (
//
// Check if a DXE memory protection policy has been configured
//
- if (PcdGet64 (PcdDxeNxMemoryProtectionPolicy) == 0) {
+ if (!mIsExecutionProtectionActive) {
return EFI_SUCCESS;
}
@@ -1306,7 +1311,7 @@ ApplyMemoryProtectionPolicy (
// Don't overwrite Guard pages, which should be the first and/or last page,
// if any.
//
- if (IsHeapGuardEnabled (GUARD_HEAP_TYPE_PAGE|GUARD_HEAP_TYPE_POOL)) {
+ if (mIsPageOrPoolGuardActive) {
if (IsGuardPage (Memory)) {
Memory += EFI_PAGE_SIZE;
Length -= EFI_PAGE_SIZE;
diff --git a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
index 25310122ca1b..eac38e699c30 100644
--- a/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
+++ b/MdeModulePkg/Core/PiSmmCore/HeapGuard.c
@@ -592,36 +592,29 @@ IsMemoryTypeToGuard (
IN UINT8 PageOrPool
)
{
- UINT64 TestBit;
UINT64 ConfigBit;
- if ( ((PcdGet8 (PcdHeapGuardPropertyMask) & PageOrPool) == 0)
+ ConfigBit = gMps.Mm.HeapGuard.PageGuardEnabled ? GUARD_HEAP_TYPE_PAGE : 0;
+ ConfigBit |= gMps.Mm.HeapGuard.PoolGuardEnabled ? GUARD_HEAP_TYPE_POOL : 0;
+
+ if ( ((ConfigBit & PageOrPool) == 0)
|| mOnGuarding
|| (AllocateType == AllocateAddress))
{
return FALSE;
}
- ConfigBit = 0;
- if ((PageOrPool & GUARD_HEAP_TYPE_POOL) != 0) {
- ConfigBit |= PcdGet64 (PcdHeapGuardPoolType);
- }
-
- if ((PageOrPool & GUARD_HEAP_TYPE_PAGE) != 0) {
- ConfigBit |= PcdGet64 (PcdHeapGuardPageType);
- }
-
if ((MemoryType == EfiRuntimeServicesData) ||
(MemoryType == EfiRuntimeServicesCode))
{
- TestBit = LShiftU64 (1, MemoryType);
+ return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) != 0) &&
gMps.Mm.PageGuard.EnabledForType[MemoryType]) ||
+ (((PageOrPool & GUARD_HEAP_TYPE_POOL) != 0) &&
gMps.Mm.PoolGuard.EnabledForType[MemoryType]);
} else if (MemoryType == EfiMaxMemoryType) {
- TestBit = (UINT64)-1;
- } else {
- TestBit = 0;
+ return (((PageOrPool & GUARD_HEAP_TYPE_PAGE) != 0) &&
IS_MM_PAGE_GUARD_ACTIVE) ||
+ (((PageOrPool & GUARD_HEAP_TYPE_POOL) != 0) &&
IS_MM_POOL_GUARD_ACTIVE);
}
- return ((ConfigBit & TestBit) != 0);
+ return FALSE;
}
/**
@@ -951,7 +944,7 @@ AdjustPoolHeadA (
IN UINTN Size
)
{
- if ((Memory == 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0)) {
+ if ((Memory == 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) {
//
// Pool head is put near the head Guard
//
@@ -977,7 +970,7 @@ AdjustPoolHeadF (
IN EFI_PHYSICAL_ADDRESS Memory
)
{
- if ((Memory == 0) || ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) != 0)) {
+ if ((Memory == 0) || (!gMps.Mm.HeapGuard.GuardAlignedToTail)) {
//
// Pool head is put near the head Guard
//
diff --git a/MdeModulePkg/Core/PiSmmCore/Pool.c
b/MdeModulePkg/Core/PiSmmCore/Pool.c
index e1ff40a8ea55..991efaf33bdd 100644
--- a/MdeModulePkg/Core/PiSmmCore/Pool.c
+++ b/MdeModulePkg/Core/PiSmmCore/Pool.c
@@ -258,7 +258,7 @@ SmmInternalAllocatePool (
NeedGuard = IsPoolTypeToGuard (PoolType);
HasPoolTail = !(NeedGuard &&
- ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0));
+ gMps.Mm.HeapGuard.GuardAlignedToTail);
//
// Adjust the size by the pool header & tail overhead
@@ -392,7 +392,7 @@ SmmInternalFreePool (
MemoryGuarded = IsHeapGuardEnabled () &&
IsMemoryGuarded ((EFI_PHYSICAL_ADDRESS)(UINTN)FreePoolHdr);
HasPoolTail = !(MemoryGuarded &&
- ((PcdGet8 (PcdHeapGuardPropertyMask) & BIT7) == 0));
+ gMps.Mm.HeapGuard.GuardAlignedToTail);
if (HasPoolTail) {
PoolTail = HEAD_TO_TAIL (&FreePoolHdr->Header);
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.h b/MdeModulePkg/Core/Dxe/DxeMain.h
index 43daa037be44..8b8b97666f38 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.h
+++ b/MdeModulePkg/Core/Dxe/DxeMain.h
@@ -84,6 +84,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/DxeServicesLib.h>
#include <Library/DebugAgentLib.h>
#include <Library/CpuExceptionHandlerLib.h>
+#include <Library/GetMemoryProtectionsLib.h>
//
// attributes for reserved memory before it is promoted to system memory
diff --git a/MdeModulePkg/Core/Dxe/DxeMain.inf
b/MdeModulePkg/Core/Dxe/DxeMain.inf
index 6c896a0e7f0f..ddbbee5f68ce 100644
--- a/MdeModulePkg/Core/Dxe/DxeMain.inf
+++ b/MdeModulePkg/Core/Dxe/DxeMain.inf
@@ -94,6 +94,7 @@ [LibraryClasses]
DebugAgentLib
CpuExceptionHandlerLib
PcdLib
+ GetMemoryProtectionsLib
[Guids]
gEfiEventMemoryMapChangeGuid ## PRODUCES ##
Event
@@ -179,13 +180,6 @@ [Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileMemoryType ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdFwVolDxeMaxEncapsulationDepth ##
CONSUMES
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel ##
CONSUMES
diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
index b8a490a8c3b5..2fabed0670e0 100644
--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
@@ -55,6 +55,7 @@
#include <Library/HobLib.h>
#include <Library/SmmMemLib.h>
#include <Library/SafeIntLib.h>
+#include <Library/GetMemoryProtectionsLib.h>
#include "PiSmmCorePrivateData.h"
#include "HeapGuard.h"
diff --git a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
index 3df44b38f13c..4586ec39d7c7 100644
--- a/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
+++ b/MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
@@ -61,6 +61,7 @@ [LibraryClasses]
HobLib
SmmMemLib
SafeIntLib
+ GetMemoryProtectionsLib
[Protocols]
gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED #
SmiHandlerRegister
@@ -94,9 +95,6 @@ [Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfileDriverPath ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdSmiHandlerProfilePropertyMask ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPageType ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPoolType ##
CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ##
CONSUMES
[Guids]
--
2.42.0.windows.2
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109424): https://edk2.groups.io/g/devel/message/109424
Mute This Topic: https://groups.io/mt/101843363/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
