On 12/12/23 11:42, Ard Biesheuvel wrote:
> On Tue, 12 Dec 2023 at 11:08, Gerd Hoffmann <kra...@redhat.com> wrote:
>>
>> On Tue, Dec 12, 2023 at 09:36:00AM +0100, Ard Biesheuvel wrote:
>>> From: Ard Biesheuvel <a...@kernel.org>
>>>
>>> Shim's PE loader uses the EFI memory attributes protocol in a way that
>>> results in an immediate crash when invoking the loaded image, unless the
>>> base and size of its executable segment are both aligned to 4k.
>>>
>>> If this is not the case, it will strip the memory allocation of its
>>> executable permissions, but fail to add them back for the executable
>>> region, resulting in non-executable code. Unfortunately, the PE loader
>>> does not even bother invoking the protocol in this case (as it notices
>>> the misalignment), making it very hard for system firmware to work
>>> around this by attempting to infer the intent of the caller.
>>>
>>> So let's introduce a QEMU command line option to indicate that the
>>> protocol should not be exposed at all, and a PCD to set the default for
>>> this option when it is omitted.
>>>
>>>   -fw_cfg opt/org.tianocore/UninstallMemAttrProtocol,string=y
>>
>> Tested-by: Gerd Hoffmann <kra...@redhat.com>
>> Reviewed-by: Gerd Hoffmann <kra...@redhat.com>
>>
>
> Thanks all - I've queued this up now.
>
If it hasn't been merged yet, add:

Reviewed-by: Laszlo Ersek <ler...@redhat.com>

thanks
Laszlo

View/Reply Online (#112447): https://edk2.groups.io/g/devel/message/112447
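
The alignment condition described in the quoted commit message can be checked on a PE image before boot. The following is an added example, not code from the patch, shim or EDK2: it lists executable sections whose base or size is not a multiple of 4 KiB. It assumes the section headers' VirtualAddress and VirtualSize are the base and size in question (the thread does not show shim's exact computation); `build_sample` and its inputs are constructed for illustration.

```python
import struct

PAGE = 0x1000                       # 4 KiB, the alignment named in the commit message
IMAGE_SCN_MEM_EXECUTE = 0x20000000  # PE/COFF section characteristic flag


def exec_sections(image: bytes):
    """Yield (name, virtual_address, virtual_size) for each executable section."""
    if image[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ signature")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)      # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    # COFF file header: 20 bytes following the 4-byte signature.
    _machine, nsect, _ts, _sym, _nsym, opt_size, _chars = struct.unpack_from(
        "<HHIIIHH", image, pe_off + 4)
    table = pe_off + 24 + opt_size                          # section table start
    for i in range(nsect):
        name, vsize, vaddr, _rsz, _rptr, _rel, _ln, _nrel, _nln, chars = \
            struct.unpack_from("<8sIIIIIIHHI", image, table + 40 * i)
        if chars & IMAGE_SCN_MEM_EXECUTE:
            yield name.rstrip(b"\0").decode("ascii", "replace"), vaddr, vsize


def misaligned_exec_sections(image: bytes):
    """Executable sections whose base or size is not 4 KiB aligned (assumed check)."""
    return [s for s in exec_sections(image) if s[1] % PAGE or s[2] % PAGE]


def build_sample(sections):
    """Constructed input: DOS stub, COFF header and section table only."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, 0, 0)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n, vsz, va, 0, 0, 0, 0, 0, 0, ch)
        for n, va, vsz, ch in sections)
    return dos + coff + table


if __name__ == "__main__":
    sample = build_sample([(b".text", 0x1000, 0x1A40, 0x60000020)])
    for name, va, size in misaligned_exec_sections(sample):
        print(f"{name}: base={va:#x} size={size:#x} not 4 KiB aligned")
```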