-
Notifications
You must be signed in to change notification settings - Fork 110
/
DxeMemoryProtectionSettings.h
520 lines (491 loc) · 28.9 KB
/
DxeMemoryProtectionSettings.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
/** @file
Defines memory protection settings guid and struct
Copyright (C) Microsoft Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef __DXE_MEMORY_PROTECTION_SETTINGS_H__
#define __DXE_MEMORY_PROTECTION_SETTINGS_H__
typedef union {
UINT8 Data;
struct {
UINT8 UefiNullDetection : 1;
UINT8 DisableEndOfDxe : 1;
UINT8 DisableReadyToBoot : 1;
} Fields;
} DXE_NULL_DETECTION_POLICY;
typedef union {
UINT8 Data;
struct {
UINT8 UefiPageGuard : 1;
UINT8 UefiPoolGuard : 1;
UINT8 UefiFreedMemoryGuard : 1;
UINT8 Direction : 1;
} Fields;
} DXE_HEAP_GUARD_POLICY;
typedef union {
UINT32 Data;
struct {
UINT8 EfiReservedMemoryType : 1;
UINT8 EfiLoaderCode : 1;
UINT8 EfiLoaderData : 1;
UINT8 EfiBootServicesCode : 1;
UINT8 EfiBootServicesData : 1;
UINT8 EfiRuntimeServicesCode : 1;
UINT8 EfiRuntimeServicesData : 1;
UINT8 EfiConventionalMemory : 1;
UINT8 EfiUnusableMemory : 1;
UINT8 EfiACPIReclaimMemory : 1;
UINT8 EfiACPIMemoryNVS : 1;
UINT8 EfiMemoryMappedIO : 1;
UINT8 EfiMemoryMappedIOPortSpace : 1;
UINT8 EfiPalCode : 1;
UINT8 EfiPersistentMemory : 1;
UINT8 OEMReserved : 1;
UINT8 OSReserved : 1;
} Fields;
} DXE_HEAP_GUARD_MEMORY_TYPES;
typedef union {
UINT8 Data;
struct {
UINT8 ProtectImageFromUnknown : 1;
UINT8 ProtectImageFromFv : 1;
UINT8 RaiseErrorIfProtectionFails : 1;
UINT8 BlockImagesWithoutNxFlag : 1;
} Fields;
} DXE_IMAGE_PROTECTION_POLICY;
typedef UINT8 DXE_MEMORY_PROTECTION_SETTINGS_VERSION;
#define DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION 4 // Current iteration of DXE_MEMORY_PROTECTION_SETTINGS
//
// Memory Protection Settings struct
//
typedef struct {
// The current version of the structure definition. This is used to ensure there isn't a definition mismatch
// if modules have differing iterations of this header. When creating this struct, use the
// DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION macro.
DXE_MEMORY_PROTECTION_SETTINGS_VERSION StructVersion;
// Indicates if UEFI Stack Guard will be enabled.
//
// If enabled, stack overflow in UEFI can be caught.
// TRUE - UEFI Stack Guard will be enabled.
// FALSE - UEFI Stack Guard will be disabled.
BOOLEAN CpuStackGuard;
// Bitfield to control the NULL address detection in code for different phases.
// If enabled, accessing NULL address in UEFI or SMM code can be caught by marking
// the NULL page as not present.
// .UefiNullDetection : Enable NULL pointer detection for UEFI.
// .DisableEndOfDxe : Disable NULL pointer detection just after EndOfDxe.
// This is a workaround for those unsolvable NULL access issues in
// OptionROM, boot loader, etc. It can also help to avoid unnecessary
// exception caused by legacy memory (0-4095) access after EndOfDxe,
// such as Windows 7 boot on Qemu.
// .DisableReadyToBoot : Disable NULL pointer detection just after ReadyToBoot.
DXE_NULL_DETECTION_POLICY NullPointerDetectionPolicy;
// Bitfield to control Heap Guard behavior.
//
// Note:
// a) Due to the limit of pool memory implementation and the alignment
// requirement of UEFI spec, HeapGuardPolicy.Direction is a try-best
// setting which cannot guarantee that the returned pool is exactly
// adjacent to head guard page or tail guard page.
// b) UEFI freed-memory guard and UEFI pool/page guard cannot be enabled
// at the same time.
//
// .UefiPageGuard : Enable UEFI page guard.
// .UefiPoolGuard : Enable UEFI pool guard.
// .UefiFreedMemoryGuard : Enable UEFI freed-memory guard (Use-After-Free memory detection).
// .Direction : The direction of Guard Page for Pool Guard.
// 0 - The returned pool is near the tail guard page.
// 1 - The returned pool is near the head guard page.
DXE_HEAP_GUARD_POLICY HeapGuardPolicy;
// Set image protection policy.
//
// .ProtectImageFromUnknown : If set, images from unknown devices will be protected by DxeCore
// if they are aligned. The code section becomes read-only, and the data
// section becomes non-executable.
// .ProtectImageFromFv : If set, images from firmware volumes will be protected by DxeCore
// if they are aligned. The code section becomes read-only, and the data
// section becomes non-executable.
// .RaiseErrorIfProtectionFails : If set, the image protection logic will return an error if protection fails.
// .BlockImagesWithoutNxFlag : If set, images of subsystem type EFI_APPLICATION
// which don't utilize the /NXCOMPAT DLL flag will not be loaded.
//
// Note: If a bit is cleared, an image data section could be still non-executable if
// NxProtectionPolicy is enabled for EfiLoaderData, EfiBootServicesData or EfiRuntimeServicesData.
DXE_IMAGE_PROTECTION_POLICY ImageProtectionPolicy;
// Indicates which type allocation need guard page.
//
// If bit is set, a head guard page and a tail guard page will be added just
// before and after corresponding type of pages which the allocated pool occupies,
// if there's enough free memory for all of them. The pool allocation for the
// type related to cleared bits keeps the same as ususal.
//
// This bitfield is only valid if UefiPoolGuard and/or MmPoolGuard are set in HeapGuardPolicy.
DXE_HEAP_GUARD_MEMORY_TYPES HeapGuardPoolType;
// Indicates which type allocation need guard page.
//
// If a bit is set, a head guard page and a tail guard page will be added just
// before and after corresponding type of pages allocated if there's enough
// free pages for all of them. The page allocation for the type related to
// cleared bits keeps the same as ususal.
//
// This bitfield is only valid if UefiPageGuard is set in HeapGuardPolicy.
DXE_HEAP_GUARD_MEMORY_TYPES HeapGuardPageType;
// DXE no execute memory protection policy.
//
// If a bit is set, memory regions of the associated type will be mapped
// non-executable. If a bit is cleared, nothing will be done to associated type of memory.
//
// NOTE: - User MUST set the same NX protection for EfiBootServicesData and EfiConventionalMemory.
DXE_HEAP_GUARD_MEMORY_TYPES NxProtectionPolicy;
// Indicates if stack cookie protection will be enabled
//
// A stack cookie check failure will trigger an interrupt. If this boolean is set to FALSE,
// the interrupt should be ignored.
BOOLEAN StackCookies;
} DXE_MEMORY_PROTECTION_SETTINGS;
#define HOB_DXE_MEMORY_PROTECTION_SETTINGS_GUID \
{ \
{ 0x9ABFD639, 0xD1D0, 0x4EFF, { 0xBD, 0xB6, 0x7E, 0xC4, 0x19, 0x0D, 0x17, 0xD5 } } \
}
extern GUID gDxeMemoryProtectionSettingsGuid;
// HeapGuardPolicy.Fields.Direction value indicating tail alignment
#define HEAP_GUARD_ALIGNED_TO_TAIL 0
// HeapGuardPolicy.Fields.Direction value indicating head alignment
#define HEAP_GUARD_ALIGNED_TO_HEAD 1
//
// A memory profile with strict settings. This will likely add to the
// total boot time but will catch more configuration and memory errors.
//
#define DXE_MEMORY_PROTECTION_SETTINGS_DEBUG \
{ \
DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \
TRUE, /* Stack Guard On */ \
{ \
.Fields.UefiNullDetection = 1, \
.Fields.DisableEndOfDxe = 0, \
.Fields.DisableReadyToBoot = 0 \
}, \
{ \
.Fields.UefiPageGuard = 1, \
.Fields.UefiPoolGuard = 1, \
.Fields.UefiFreedMemoryGuard = 0, \
.Fields.Direction = 0 \
}, \
{ \
.Fields.ProtectImageFromUnknown = 1, \
.Fields.ProtectImageFromFv = 1, \
.Fields.RaiseErrorIfProtectionFails = 1, \
.Fields.BlockImagesWithoutNxFlag = 1 \
}, \
{ \
.Fields.EfiReservedMemoryType = 1, \
.Fields.EfiLoaderCode = 1, \
.Fields.EfiLoaderData = 1, \
.Fields.EfiBootServicesCode = 1, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 1, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 1, \
.Fields.EfiACPIReclaimMemory = 1, \
.Fields.EfiACPIMemoryNVS = 1, \
.Fields.EfiMemoryMappedIO = 1, \
.Fields.EfiMemoryMappedIOPortSpace = 1, \
.Fields.EfiPalCode = 1, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 1, \
.Fields.OSReserved = 1 \
}, \
{ \
.Fields.EfiReservedMemoryType = 1, \
.Fields.EfiLoaderCode = 1, \
.Fields.EfiLoaderData = 1, \
.Fields.EfiBootServicesCode = 1, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 1, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 1, \
.Fields.EfiACPIReclaimMemory = 1, \
.Fields.EfiACPIMemoryNVS = 1, \
.Fields.EfiMemoryMappedIO = 1, \
.Fields.EfiMemoryMappedIOPortSpace = 1, \
.Fields.EfiPalCode = 1, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 1, \
.Fields.OSReserved = 1 \
}, \
{ \
.Fields.EfiReservedMemoryType = 1, \
.Fields.EfiLoaderCode = 1, \
.Fields.EfiLoaderData = 1, \
.Fields.EfiBootServicesCode = 1, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 1, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 1, \
.Fields.EfiUnusableMemory = 1, \
.Fields.EfiACPIReclaimMemory = 1, \
.Fields.EfiACPIMemoryNVS = 1, \
.Fields.EfiMemoryMappedIO = 1, \
.Fields.EfiMemoryMappedIOPortSpace = 1, \
.Fields.EfiPalCode = 1, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 1, \
.Fields.OSReserved = 1 \
}, \
TRUE \
}
//
// A memory profile recommended for SHIP_MODE. Compared to the debug
// settings, this removes the pool guards and doesn't unload images
// which fail protection.
//
#define DXE_MEMORY_PROTECTION_SETTINGS_SHIP_MODE \
{ \
DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \
TRUE, /* Stack Guard On */ \
{ \
.Fields.UefiNullDetection = 1, \
.Fields.DisableEndOfDxe = 0, \
.Fields.DisableReadyToBoot = 0 \
}, \
{ \
.Fields.UefiPageGuard = 1, \
.Fields.UefiPoolGuard = 0, \
.Fields.UefiFreedMemoryGuard = 0, \
.Fields.Direction = 0 \
}, \
{ \
.Fields.ProtectImageFromUnknown = 0, \
.Fields.ProtectImageFromFv = 1, \
.Fields.RaiseErrorIfProtectionFails = 0, \
.Fields.BlockImagesWithoutNxFlag = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 1, \
.Fields.EfiLoaderCode = 1, \
.Fields.EfiLoaderData = 1, \
.Fields.EfiBootServicesCode = 1, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 1, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 1, \
.Fields.EfiUnusableMemory = 1, \
.Fields.EfiACPIReclaimMemory = 1, \
.Fields.EfiACPIMemoryNVS = 1, \
.Fields.EfiMemoryMappedIO = 1, \
.Fields.EfiMemoryMappedIOPortSpace = 1, \
.Fields.EfiPalCode = 1, \
.Fields.EfiPersistentMemory = 1, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
TRUE \
}
//
// A memory profile which mirrors DXE_MEMORY_PROTECTION_SETTINGS_SHIP_MODE
// but doesn't include page guards.
//
#define DXE_MEMORY_PROTECTION_SETTINGS_SHIP_MODE_NO_PAGE_GUARDS \
{ \
DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \
TRUE, /* Stack Guard On */ \
{ \
.Fields.UefiNullDetection = 1, \
.Fields.DisableEndOfDxe = 0, \
.Fields.DisableReadyToBoot = 0 \
}, \
{ \
.Fields.UefiPageGuard = 0, \
.Fields.UefiPoolGuard = 0, \
.Fields.UefiFreedMemoryGuard = 0, \
.Fields.Direction = 0 \
}, \
{ \
.Fields.ProtectImageFromUnknown = 0, \
.Fields.ProtectImageFromFv = 1, \
.Fields.RaiseErrorIfProtectionFails = 0, \
.Fields.BlockImagesWithoutNxFlag = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 1, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 1, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 1, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 1, \
.Fields.EfiConventionalMemory = 1, \
.Fields.EfiUnusableMemory = 1, \
.Fields.EfiACPIReclaimMemory = 1, \
.Fields.EfiACPIMemoryNVS = 1, \
.Fields.EfiMemoryMappedIO = 1, \
.Fields.EfiMemoryMappedIOPortSpace = 1, \
.Fields.EfiPalCode = 1, \
.Fields.EfiPersistentMemory = 1, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
TRUE \
}
//
// A memory profile which disables all memory protection settings.
//
#define DXE_MEMORY_PROTECTION_SETTINGS_OFF \
{ \
DXE_MEMORY_PROTECTION_SETTINGS_CURRENT_VERSION, \
FALSE, /* Stack Guard On */ \
{ \
.Fields.UefiNullDetection = 0, \
.Fields.DisableEndOfDxe = 0, \
.Fields.DisableReadyToBoot = 0 \
}, \
{ \
.Fields.UefiPageGuard = 0, \
.Fields.UefiPoolGuard = 0, \
.Fields.UefiFreedMemoryGuard = 0, \
.Fields.Direction = 0 \
}, \
{ \
.Fields.ProtectImageFromUnknown = 0, \
.Fields.ProtectImageFromFv = 0, \
.Fields.RaiseErrorIfProtectionFails = 0, \
.Fields.BlockImagesWithoutNxFlag = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
{ \
.Fields.EfiReservedMemoryType = 0, \
.Fields.EfiLoaderCode = 0, \
.Fields.EfiLoaderData = 0, \
.Fields.EfiBootServicesCode = 0, \
.Fields.EfiBootServicesData = 0, \
.Fields.EfiRuntimeServicesCode = 0, \
.Fields.EfiRuntimeServicesData = 0, \
.Fields.EfiConventionalMemory = 0, \
.Fields.EfiUnusableMemory = 0, \
.Fields.EfiACPIReclaimMemory = 0, \
.Fields.EfiACPIMemoryNVS = 0, \
.Fields.EfiMemoryMappedIO = 0, \
.Fields.EfiMemoryMappedIOPortSpace = 0, \
.Fields.EfiPalCode = 0, \
.Fields.EfiPersistentMemory = 0, \
.Fields.OEMReserved = 0, \
.Fields.OSReserved = 0 \
}, \
FALSE \
}
#endif