Note that there is also the upstream ticket https://sourceforge.net/p/gnu-efi/bugs/28/.
I'm not sure why EFI stacks would need to be executable. The better solution should be resolving that upstream and meanwhile carrying a gnu-efi patch. This does not only affect systemd-boot.
