On Tue, Dec 12, 2023 at 09:36:00AM +0100, Ard Biesheuvel wrote: > From: Ard Biesheuvel <a...@kernel.org> > > Shim's PE loader uses the EFI memory attributes protocol in a way that > results in an immediate crash when invoking the loaded image, unless the > base and size of its executable segment are both aligned to 4k. > > If this is not the case, it will strip the memory allocation of its > executable permissions, but fail to add them back for the executable > region, resulting in non-executable code. Unfortunately, the PE loader > does not even bother invoking the protocol in this case (as it notices > the misalignment), making it very hard for system firmware to work > around this by attempting to infer the intent of the caller. > > So let's introduce a QEMU command line option to indicate that the > protocol should not be exposed at all, and a PCD to set the default for > this option when it is omitted. > > -fw_cfg opt/org.tianocore/UninstallMemAttrProtocol,string=y
Tested-by: Gerd Hoffmann <kra...@redhat.com> Reviewed-by: Gerd Hoffmann <kra...@redhat.com> take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#112384): https://edk2.groups.io/g/devel/message/112384 Mute This Topic: https://groups.io/mt/103126734/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
