diff options
Diffstat (limited to 'Platforms/ARM/VExpress/ArmVExpress.dsc.inc')
| -rw-r--r-- | Platforms/ARM/VExpress/ArmVExpress.dsc.inc | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/Platforms/ARM/VExpress/ArmVExpress.dsc.inc b/Platforms/ARM/VExpress/ArmVExpress.dsc.inc index c94001b..431d6d0 100644 --- a/Platforms/ARM/VExpress/ArmVExpress.dsc.inc +++ b/Platforms/ARM/VExpress/ArmVExpress.dsc.inc @@ -14,6 +14,9 @@ [Defines]
SECURE_BOOT_ENABLE = FALSE
+[BuildOptions.common.EDKII.DXE_CORE,BuildOptions.common.EDKII.DXE_DRIVER,BuildOptions.common.EDKII.UEFI_DRIVER,BuildOptions.common.EDKII.UEFI_APPLICATION]
+ GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
+
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
GCC:*_*_ARM_DLINK_FLAGS = -z common-page-size=0x1000
GCC:*_*_AARCH64_DLINK_FLAGS = -z common-page-size=0x10000
@@ -437,6 +440,24 @@ # GUID of the UI app
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
+ #
+ # Enable strict image permissions for all images. (This applies
+ # only to images that were built with >= 4 KB section alignment.)
+ #
+ gEfiMdeModulePkgTokenSpaceGuid.PcdImageProtectionPolicy|0x3
+
+ #
+ # Enable NX memory protection for all non-code regions, including OEM and OS
+ # reserved ones, with the exception of LoaderData regions, of which OS loaders
+ # (i.e., GRUB) may assume that its contents are executable.
+ #
+ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1
+
+ #
+ # Enable the non-executable DXE stack. (This gets set up by DxeIpl)
+ #
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|TRUE
+
[Components.common]
MdeModulePkg/Universal/PCD/Dxe/Pcd.inf {
<LibraryClasses>
|