Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: f9c373c8388f819166e57365197bc423d56209a6
https://github.com/tianocore/edk2/commit/f9c373c8388f819166e57365197bc423d56209a6
Author: Mario Bălănică <[email protected]>
Date: 2024-07-16 (Tue, 16 Jul 2024)
Changed paths:
A EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxe.c
A EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxe.h
A
EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxe.inf
A
EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxeHii.uni
A
EmbeddedPkg/Drivers/MemoryAttributeManagerDxe/MemoryAttributeManagerDxeHii.vfr
M EmbeddedPkg/EmbeddedPkg.dec
M EmbeddedPkg/EmbeddedPkg.dsc
A EmbeddedPkg/Include/Guid/MemoryAttributeManagerFormSet.h
Log Message:
-----------
EmbeddedPkg: Add option to disable EFI Memory Attribute Protocol
Introduce a driver that allows users to disable the EFI Memory Attribute
protocol through an HII setup option, in order to work around a broken
version of rhboot's shim used in some distros (e.g. CentOS Stream 9)
which incorrectly invokes the protocol and results in a Synchronous
Exception.
Default is enabled, which can also be overridden at build time by
changing `gEmbeddedTokenSpaceGuid.PcdMemoryAttributeEnabledDefault`.
It is only applicable to ARM64 and there isn't any other technical
reason for disabling this security feature.
See:
- https://github.com/microsoft/mu_silicon_arm_tiano/issues/124
- https://edk2.groups.io/g/devel/topic/99631663
- https://github.com/tianocore/edk2/pull/5840
Signed-off-by: Mario Bălănică <[email protected]>
To unsubscribe from these emails, change your notification settings at
https://github.com/tianocore/edk2/settings/notifications
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
