From 2936b7d1628c8c6f7cc838af5f9ab1562dfb5122 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 15 Sep 2024 11:07:55 +0200 Subject: [PATCH] ArmVirtPkg: Correct PcdDxeNxMemoryProtectionPolicy comment Since commit 2997ae387397 ("ArmVirtPkg: make EFI_LOADER_DATA non-executable") the comment for PcdDxeNxMemoryProtectionPolicy is incorrect. * Remove the incorrect part of the description. * Describe overriding NX protection by passing a pcd parameter on the build command line. Signed-off-by: Heinrich Schuchardt --- ArmVirtPkg/ArmVirt.dsc.inc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 890a056cd0..6dd6ce69cc 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -381,8 +381,10 @@ # # Enable NX memory protection for all non-code regions, including OEM and OS - # reserved ones, with the exception of LoaderData regions, of which OS loaders - # (i.e., GRUB) may assume that its contents are executable. + # reserved ones. + # By passing --pcd PcdDxeNxMemoryProtectionPolicy=0xC000000000007FD1 on the + # build command line you can allow code execution in EfiLoaderData. This is + # required when using some outdated GRUB versions. # gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5