Skip to content

Commit

Permalink
OvmfPkg: enable stack NX in OvmfPkgX64.dsc rather than .dec
Browse files Browse the repository at this point in the history 
Signed-off-by: Jiaqi Gao <jiaqi.gao@intel.com>
  • Loading branch information
@gaojiaqi7 @mxu9
gaojiaqi7 authored and mxu9 committed Dec 9, 2021
1 parent 71db2be commit 4bd322d
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
2 changes: 1 addition & 1 deletion OvmfPkg/OvmfPkg.dec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -338,7 +338,7 @@
gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxMsr|TRUE|BOOLEAN|0x56

gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptChunkSize|0x2000000|UINT64|0x59
gUefiOvmfPkgTokenSpaceGuid.PcdTdxSetNxForStack|TRUE|BOOLEAN|0x5b
gUefiOvmfPkgTokenSpaceGuid.PcdTdxSetNxForStack|FALSE|BOOLEAN|0x5b
gUefiOvmfPkgTokenSpaceGuid.PcdTdxPteMemoryEncryptionAddressOrMask|0|UINT64|0x5c

## The Tdx accept page size. 0x1000,0x200000
Expand Down
1 change: 1 addition & 0 deletions OvmfPkg/OvmfPkgX64.dsc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -637,6 +637,7 @@
# TDX doesn't allow us to change EFER so make sure these are disabled
#gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable|TRUE
gUefiOvmfPkgTokenSpaceGuid.PcdTdxSetNxForStack|TRUE

# Set memory encryption mask
gUefiOvmfPkgTokenSpaceGuid.PcdTdxPteMemoryEncryptionAddressOrMask|0x0
Expand Down

0 comments on commit 4bd322d

Please # to comment.